Cheltenham Council recovers after major malware strike

Unidentified malware causes IT outages

Cheltenham Borough Council is recovering from a major malware attack that caused disruption to services including online Council Tax payments and the recent Police and Crime Commissioner elections.

According to the local press, the problem was first detected as early as 31 October but it took the Council a week to realise the extent of the infection, when staff decided to undertake a complete scan of systems.

The resulting IT disruption reportedly caused the Council's online Council Tax system to become unavailable for three days and caused a communication glitch that delayed counting of ballots cast by citizens in the outlying town of Stroud during the Police and Crime Commissioner elections.

Staff were also unable to access email and internal systems for three days, the Council has confirmed.

The malware that caused the issue has not been identified and will probably never be made public. The effectiveness of the installed antivirus software will come under scrutiny but the press report stated that "new" - probably updated - antivirus software was eventually able to spot a "numerous new viruses" on Council computers.

No sensitive data is said to have been compromised during the attack with the Council declaring itself "virus free" after several weeks of close monitoring.

The Council had taken "immediate action to secure data and there were no breaches," resources head Mark Sheldon reportedly told an internal committee.

The Council fielded a range of questions relating to the incident during an Overview and Scrutiny committee meeting, including why the installed antivirus software had not picked up the infection earlier.

''The council is now virus free and our ICT systems are stable. It was a very challenging period but staff from within the council, supported by colleagues at Forest of Dean district council, did an amazing job in dealing with the virus quickly and minimising the disruption to staff and our customers," Sheldon added.

"I am concerned about the knock-on effect of this on future budgets because anti-virus measures are expensive," commented Conservative councillor Andrew Wall.

"Also, what are the reputational damages that Cheltenham Borough Council has suffered. We have invested a lot of money in this [security] and it doesn't look like something that has paid us back sufficiently."

Details of malware infections in the UK public sector are rarely publicised and local authorities are under no obligation to report incidents they deem have no data protection implications.

A rare exception was a 2009 incident in which Ealing Council in London was hit by a Conficker variant, an incident that caused significant costs and disruption to services.

Join the newsletter!


Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Follow our new CSO Australia LinkedIn
Follow our new social and we'll keep you in the loop for exclusive events and all things security!
Have an opinion on security? Want to have your articles published on CSO? Please contact CSO Content Manager for our guidelines.

Tags public sector

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Brand Page

Stories by John E Dunn

Latest Videos

More videos

Blog Posts