Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.
Home News Aberdeen & Aberdeenshire

North councils still at risk from cyber attack

By Calum Ross
Post Thumbnail

Several local authorities in the north and north-east remain vulnerable to cyber attacks after failing to fully implement e-mail security measures.

Research has found that fewer than a third of Scottish councils have brought in anti-spoofing technology recommended by the UK National Cyber Security Centre (NCSC).

The “DMARC” (domain-based message authentication, reporting and conformance) system helps authenticate an organisation’s communications as genuine and prevents attackers from sending out “phishing” messages appearing to originate from the council.

The NCSC says that attackers sending fake e-mails purporting to be from a government body is “one of the biggest problems in UK cyber security”.

Last year HMRC – which is the “most spoofed brand” in Britain – blocked more than 300 million malicious or fraudulent e-mails, with the help of DMARC.

But in northern Scotland, only Aberdeenshire and Shetland Islands Council have fully implemented the security measure, with the process remaining incomplete at Aberdeen City Council, Argyll and Bute Council, Highland Council, Moray Council and Western Isles Council, according to the research. The study was carried out by technology company OnDMARC.

Co-founder Randal Pinto said: “The UK Government has deemed DMARC as an essential step in protecting residents of Scotland against phishing attacks, so it’s disappointing to see so many local authorities neglecting to shore up their e-mail defences.

“DMARC was designed by IT industry heavyweights together in a bid to eradicate e-mail fraud, so we need to educate local authorities from Falkirk to the Orkney Islands Council about what it is, how it can better protect citizens and how it can be implemented with minimal cost and disruption to existing local government services.”

Last night, a spokeswoman for Moray Council said: “We already use elements of DMARC and are now working to implement it fully as we put into place the Secure Email Blueprint from the National Cyber Security Centre.

“This will strengthen our already robust approach to cyber security and protect residents and businesses from phishing.”

A Highland Council spokeswoman said: “As part of its ICT transformation programme, Highland Council is currently implementing DMARC as an additional cyber security measure to its existing Public Services Network (PSN) security accreditation  to ensure our residents data is securely protected.”

Between April 2016 and December 2016, more than 15million attacks were attempted against Aberdeen City Council.

This included more than 12million spam attacks, and almost 300,000 attempts to infect the local authority’s systems with computer viruses.

This January, Aberdeen City Council’s website was taken down by hackers, who left their names on the web page.

The hackers said they targeted the council in response to President Donald Trump’s travel ban.