"Sustained cyber attack" on council in West Sussex

Hackers have attempted to gain access to the authority's email system

Author: Huw Oxburgh, Local Democracy Reporting ServicePublished 5th Jul 2021

Wealden District Council has been the target of a “sustained cyber attack” for several weeks, councillors have heard.

According to the council, it was discovered on June 14 that hackers were attempting to login to the authority’s email system, making around 3,000 such attempts by the end of that first day alone.

A similar number of attempts were made over the following days and weeks, although officers said none were successful and the attack appears to have now ceased.

Details of the attack and the council’s response were discussed at an overview and scrutiny committee meeting on Monday (July 5).

David Plank, the council’s head of customer and digital services, said: “It was what we call a brute force attack, for want of a better phrase.

“On June 14 we had over 3,000 attacks in one day. To put that into context, we normally get 20 to 30 each day.

“It was a concern, however, I am very pleased to announce that, over the weekend and into this morning, the email attacks have completely reduced again to that number. Although 20 to 30 a day is worrying, it happens all of the time I’m afraid. It is part and parcel of what we do.

“What I am pleased to say is that none of the attacks were successful whatsoever.”

Mr Plank went on to say the council had contacted the National Security Cyber Centre (NSCC) for advice and support during the attack.

Working with the NSCC, the council shored up its cybersecurity and introduced new measures to prevent its email system from being breached. This included a requirement that users sign-up for Multi-Factor Authentication when signing into their accounts.

According to the council, the attempted log-ins used various credentials from a wide number of countries, including Vietnam, Russia, Iran, and Brazil among others.