Lincolnshire County Council has fallen victim to a malware attack demanding a £1m ransom. The ransomware resulted in a total shut down of the computer systems for four days. Council authorities say they are working with security experts to fix the systems.
Although there are no details about the exact data breach, chief information officer Judith Hetherington-Smith said only a small number of files were affected. She said the authority shut down the systems after the malware was identified.
"People can only use pens and paper, we've gone back a few years," said Hetherington-Smith. She told the BBC: "It happened very quickly. Once we identified it we shut the network down, but some damage is always done before you get to that point - and some files have been locked by the software. A lot of the files will be available for us to restore from the back-up."
The council expects the systems to be back to normalcy by early next week. It claims the ransomware was "the biggest attack" it had ever experienced, saying it was the "0-day malware."
Ransomware is a family of malware that denies access to infected computers systems until the victim pays a ransom to remove the restriction. The Information Commissioner's Office, which is responsible for the enforcement of the Data Protect Act 1998, said it was aware of the attack.
Meanwhile, the Register, after speaking to the council spokesperson, claims that about 300 staff computers were hit by the ransomware. But it is not known if the servers and data stores have been affected. The malware started its action after a staff opened a dodgy email attachment, which is one of the most common methods attackers use to spread malware. The council said the ransomware was not a CryptoLocker.