Search This Blog

UK Councils and Hospitals Have Weak Cyber Security, Prone to Cyber Attacks

UK council spent a mere amount of €32,000 yearly on its cybersecurity budget.

Weak Cybersecurity Spending

A cybersecurity investigation at UK public services disclosed huge inconsistencies in defense expenditure, hundreds of flaws in websites, and staff e-mail IDs and passwords. All these have been found at one council, and the full details have been posted online. 

The ITV News investigation revealed that a UK council spent a mere amount of €32,000 yearly on its cybersecurity budget. When compared to another council, a relatively smaller one- it had an annual cybersecurity budget of €1m, 30 times more. 

What are the findings

The investigation also disclosed that a hospital had just €10,000 per year for cybersecurity. The investigation hasn't disclosed the names of the public institutions. 

“Realistic funding, along with the right strategies, is vital to safeguard employees and members of the public. Public sector organizations must take steps to not only raise awareness of new and emerging cyber threats but also provide effective security training and support." 

By equipping and empowering employees with the knowledge and know-how to spot and avoid attacks, the UK’s local authorities will be able to remain one step ahead. This isn’t just about technical defenses; it’s about supporting people in their day-to-day lives," said Oz Alashe, CEO and founder CybSafe. 

 According to ITV News, the problems that cyber-attacks have caused are: 

  • Overpriced tax bills 
  • Hospital operations canceled 
  • Incorrect benefit payments 
  • People were forced to vacate their residence 
  • House sales falling 
  • Can't apply for council housing 
  • Private data leaked online 
  • Council houses repair is not done 

The investigation mentioned that experts informed ITV News of their concerns about the lack of understanding and standards for public services related to cybersecurity. In 2021, Gloucester City Council's servers were attacked by Russian threat actors. 

In June, the IT systems of the city council weren't functioning. The authorities had kept €380,000 for fixing and recovering from the incident. In October 2021, the UK council was attacked, leading to 33,645 data breach attacks that happened due to human error in the last five years, the officials say. 

According to InfoSecurity "the data, obtained following a Freedom of Information (FoI) request sent by VPNOverview to 103 county councils in the UK, broke down the number of breaches suffered by each body. The local authority with the worst record for human-caused data breaches was Hampshire County Council, with 3759 incidents since 2016. This included 902 breaches in the year 2018/19. Gloucestershire County Council had the next worst record, suffering 2723 breaches in this period. It also experienced the largest increase from 2016/17 (90) to 2020/21 (1004) of any UK council, a rise of 1016%."

Share it:

Company Safety

Council

Cyber Security

Hospitals