Bacho Foto – stock.adobe.com
Suppliers are being invited to refined for enhanced cyber security capabilities at ransomware sufferer Hackney Council
London’s Hackney Council is tendering for mark novel security assurance capabilities and should soundless take into legend a preference of suppliers to come to a decision on the job, following a ransomware attack on its systems closing one year that, months later, has left many of its key companies disrupted.
In a anticipate for proposal (RFP) posted to the authorities’s Digital Marketplace, the council mentioned it supposed to set and organize its risks all over all its ICT environments to minimise the chance of a future cyber attack on its systems.
“Hackney Council is reviewing the intention we carry security assurance, following a cyber attack in October 2020 and enforcing changes to where required,” the council wrote.
“This work will encompass a evaluate of some of our technological tools as successfully our governance preparations and processes. This work will most seemingly be underpinned by a concurrent fragment of work focused upon the safety custom all the method by the team.”
The mission will carry two key strands of work: a evaluate and strengthening of insurance policies, processes and procedures; and an evaluation and implementation of novel security, behaviour and abilities capabilities.
The council mentioned it had already identified a preference of skills gaps and capability shortages of its have accord that would hinder the quick initiating of the mission: user research to set most modern behaviours and cultures impacting cyber security; evaluation of change, job and policy to distil that knowledge and flip it into actionable apply; and senior security apply to abet within the build of novel processes, and initiating of coaching and entirely apply to council workers.
The cost range for the mission is between £200,000 and £250,000, other than VAT, and the programme is decided to fling for approximately six months, with the chosen team working alongside the council’s staffers “in an agile mission sort”, doubtlessly remotely as a result of the pandemic. The reduce-off date for applications is decided for 2 February 2021.
The attack on Hackney’s systems, which first unfolded in October 2020, was described by Hackney mayor Philip Glanville as “morally insensible” and “fully putrid”.
It has affected hundreds of Londoners, and brought about ripple effects that race a long way previous the availability of IT systems – for example, property purchases within the borough accumulate ground to a stay.
Even if the council was originally reluctant to repeat the explicit nature of the attack, it was forced to substantiate it was ransomware after the Pysa/Mespinoza gang leaked likely the most stolen knowledge on-line earlier in January in an are trying to habits a double extortion attack.
The reality the knowledge was leaked at all is a solid indicator that the council has no longer paid the gang – that are described by Emsisoft’s Brett Callow as “horribly amateurish” – any ransom money and is correctly refusing to attain so.
Negate material Continues Beneath
Study more on Recordsdata breach incident management and restoration
![]()
Sepa knowledge leaks as agency resists ransom demands
By: Alex Scroxton
![]()
Extinct, on-premise systems focused in Hackney ransomware attack
By: Alex Scroxton
![]()
Hackney Council knowledge leaked by Pysa ransomware gang
By: Alex Scroxton
![]()
Ransomware ‘companies’: Does acting legit pay off?
By: Alexander Culafi
