Contactez-nous Suivez-nous sur Twitter En francais English Language

Freely subscribe to our NEWSLETTER

Newsletter FR

Newsletter EN



Leicester City Council suffers cyberattack - Netwrix comments

April 2024 by Dirk Schrader, field CISO and VP of security research at Netwrix

Leicester City Council has revealed that after suffering a cyberattack, approximately 25 confidential documents including rent statements, passport information and applications to buy council housing are online. The culprits of this attack are infamous ransomware gang, INC Ransom, who are notoriously known for targeting government and healthcare organisations.

Dirk Schrader, field CISO and VP of security research at Netwrix notes the best practices organisations can adopt in order to avoid similar cyberattacks:

“The INC Ransom group has published a limited number of documents to gain attention, solidify the reputation of a dangerous adversary, and create further anxiety. They will likely leverage the exfiltrated data in future attacks, including impersonation or scams, to extract money.

“Other public entities should stay vigilant and make sure to get prepared accordingly. Typically, there are three stages in the attack. First, bad actors gain access to some part of the IT infrastructure to have ‘a foot in the door’. Next, they infiltrate deeper, expanding their control over a victim’s digital assets. Finally, they impair the operations and extract sensitive data.

“With this in mind, the first step towards ransomware protection will be to adapt digital assets to the known cyber risks. The most likely scenarios include account takeover by phishing campaigns, brute force password cracking, and exploiting vulnerable configurations, to name a few. Implementing the least privilege approach and system hardening will help to mitigate these risks.

“Second, it is crucial to anticipate new risks where threat actors change their tactics, techniques, and procedures. Switching to modern security solutions and updating them in a timely manner significantly reduces the number of vulnerabilities that adversaries can exploit.

“Finally, it is crucial to ensure that an organisation is capable of functioning while being under attack and can recover from it. Organisations should take regular care of their backups and exercise restoration processes to make sure everything runs smoothly when the time comes.”

See previous articles


See next articles

Your podcast Here

New, you can have your Podcast here. Contact us for more information ask:
Marc Brami
Phone: +33 1 40 92 05 55

All new podcasts