Cyberattack Cripples IT Systems Across London Councils

A significant cybersecurity incident has disrupted essential IT services for three major London councils, impacting hundreds of thousands of residents. The Royal Borough of Kensington and Chelsea and Westminster City Council announced they are grappling with service outages after a cyberattack compromised their shared technology infrastructure. Phone lines and multiple internal systems have been affected, forcing the councils to enact emergency protocols to ensure residents continue receiving vital services.

Because these authorities operate certain IT systems jointly, the disruption simultaneously impacted both. A third council, the London Borough of Hammersmith and Fulham, which also shares some services, proactively took enhanced measures to isolate and safeguard our networks, leading to its own operational disruptions as a precaution.

Westminster City Council is a critically important local authority. Its jurisdiction covers iconic landmarks including the Palace of Westminster, Buckingham Palace, 10 Downing Street, and numerous national institutions, major shopping districts, and popular tourist destinations.

As a protective measure to prevent further damage, the councils shut down several computerized systems. Collectively, they provide services for approximately 360,000 people. The Royal Borough of Kensington and Chelsea is notably the smallest London borough in size and population, yet it ranks as the wealthiest in the UK by GDP per capita. The London Borough of Hammersmith and Fulham is a mid-sized council serving around 180,000 residents.

The Royal Borough of Kensington and Chelsea initially reported an issue preventing residents from reaching the council via online services or its contact center. It later confirmed it was responding to a cyber security issue that began on Monday and also affected Westminster City Council.

Investigations are currently underway to identify the perpetrators and their motives. The council has committed to providing public updates as more information is confirmed. Officials stated that the two primary affected authorities are collaborating closely with specialist cyber incident experts and the National Cyber Security Centre. The primary objectives are protecting systems and data, restoring functionality, and maintaining essential public services.

“We don’t have all the answers yet, as the management of this incident is still ongoing,” a representative for the Royal Borough of Kensington and Chelsea said. The council acknowledged that people will understandably have concerns and promised further updates for residents and partners in the coming days.

“At this stage, it is too early to say who did this and why, but we are investigating to see if any data has been compromised,” the council added. In line with standard procedure, the UK Information Commissioner’s Office has been formally notified of the breach.

Westminster City Council and the London Borough of Hammersmith and Fulham have posted brief statements on their websites about the disruptions. These notices include alternative contact numbers for residents who need immediate assistance.

While inquiries were made about the specific nature of the shared IT system, a council spokesperson declined to provide additional details at this time. According to security expert Kevin Beaumont, the incident constitutes a ransomware attack targeting a services provider used by all three councils. Despite this assessment, no ransomware group had publicly claimed responsibility for the attack at the time of reporting.

(Source: Bleeping Computer)