Lincolnshire County Council site hit by ransomware
The malware was demanding the council pay £1m to unscramble encrypted data
Lincolnshire County Council's website has been down for five days, following a ransomware attack demanding 1 million.
The malware infected the council's online systems as well as its public-facing website and encrypted all the files, saying it would not unscramble them unless the council paid the money.
A tweet posted on the council's official feed yesterday read: "Following a malware attack, the majority of our systems will be back online by tomorrow morning. No data has been stolen. Thank you"
Although the sites were taken offline, the council said only a few files were encrypted by the malware and added the website should be up and running again early this week. Everything appeared to be functioning normally at the time of writing.
The authority confirmed it was a zero-day attack, adding that it was unfortunate it was the first organisation to have been targeted with this particular malware and that security experts were not previously aware of this particular type of ransomware.
"People can only use pens and paper, we've gone back a few years," the council's CIO Judith Hetherington-Smith told the BBC.
"[The attack] happened very quickly. Once we identified it we shut the network down, but some damage is always done before you get to that point - and some files have been locked by the software.
She added that many of the files hit can be restored from the back-up, so all was not lost in the attack.
Lincolnshire Police is investigating into the attack to try and determine who would make such demands.
What you need to know about migrating to SAP S/4HANA
Factors to assess how and when to begin migrationDownload now
Your enterprise cloud solutions guide
Infrastructure designed to meet your company's IT needs for next-generation cloud applicationsDownload now
Testing for compliance just became easier
How you can use technology to ensure compliance in your organisationDownload now
Best practices for implementing security awareness training
How to develop a security awareness programme that will actually change behaviourDownload now