Moray Council needs to update cyber security
Register for free to read more of the latest local news. It's easy and will only take a moment.
Moray Council needs to update its cyber security to protect against online attacks that would harm its ability to deliver services.
Discussions were held yesterday after a review highlighted this failure.
Dafydd Lewis, the council's audit and risk manager, said: "I do not wish to sound as if I’m scaremongering.
"However, in the current environment the question may not be if but when a Scottish council will be subject of a successful cyber attack."
Mr Lewis added that the council's security policies have not been reviewed for several years.
Councillor Donald Gatt (Keith and Cullen, Conservative) said: "I’m a little concerned there was a delay in the audit because of Covid.
"With the pandemic in mind and the attack the other year on Sepa, if we lose our IT system then we really are in a lot of bother across the whole council with all manner of things."
Cllr Graham Leadbitter (Elgin South, SNP) stated that Sepa – the Scottish Environmental Protection Agency is still recovering from the attack in December 2020.
Around 4000 documents were made public on Christmas Eve after the agency refused to pay a ransom.
The full financial impact of the attack is still unknown.
Cllr Leadbitter said: "The amount of data lost was the vast majority of the data the organisation held.
"They had to rebuild all their communication, all their emails, all their distribution lists.
"It took months just to get back to some of the most basic operations.
"The impact cannot be underestimated."
Cllr Peter Bloomfield (Elgin South, Conservative) said he'd had to instal anti-virus on his council mobile phone was subject to phishing (fraudulent messages).
Mr Lewis said he would raise the issue with the council's IT manager.
