HQ/EMEAFind out how we can help your business
Three councils in England—Canterbury, Dover, and Thanet—recently fell victim to a coordinated cyberattack allegedly caused by an attack on their IT and HR service provider, Civica.
According to reports, the campaign forced the councils to shut down numerous online services temporarily. The affected councils on England’s southeastern coast collectively serve a population of nearly 500,000.
The NCSC has promptly initiated an investigation, collaborating with the affected councils to assess the full scope of the cyber incident. Moreover, a spokesperson for the agency expressed their commitment to understanding the attack’s impact on these critical local government entities.
The affected English councils have outsourced their IT and HR services to Civica.
According to the initial investigation, the councils involved that have fallen to the cyberattack share a common: they outsource their IT and HR services to Civica through the East Kent Services partnership.
This outsourcing arrangement has raised suspicions since the East Kent Services partnership’s website is inaccessible. Hence, these campaigns raise serious concerns about the potential compromise of services and data.
However, Civica, the private company responsible for providing IT and HR services and handling revenues, benefits, customer services, and debt collection for the three English councils, has denied involvement in the cyberattack.
Furthermore, Civica remains silent about the incident. On the other hand, researchers believe that there is a possibility that the attack originated within Civica, posing a critical question about the true scope of the breach.
On the other hand, the media manager for Canterbury City Council emphasised that the investigation is still in its early stages, preventing them from enumerating the compromised systems. As a precautionary measure, they isolated all systems, including those provided by Civica.
The cybersecurity community expressed their concerns about its potential impact on Civica. Experts noted that service providers such as Civica are frequent targets for supply chain attacks. These attacks compromise a single service provider, allowing a malicious entity to compromise all its customers simultaneously, resulting in a more devastating and impactful cyberattack.
As the investigation develops, the incident raises questions about the vulnerabilities associated with outsourcing essential services, urging a reevaluation of cybersecurity measures to fortify against potential supply chain attacks.
