Attacks on remote council staff increased 213% during pandemic

A remote worker having IT issues
(Image credit: Shutterstock)

Cyber attacks on UK council staff working remotely more than tripled during the pandemic, a Freedom of Information (FOI) request has revealed.

Attacks increased by an average of 213% from March 2020, according to tech provider Insight, which gathered data from 47 councils across the UK.

On average, 74% of council employees switched to remote working, which is more than double the UK average and represents 1.4 million of the country's workers, according to Insight. What's more, remote working is set to continue in 98% of councils, leading to fears that attacks targeting employees at home will only continue to increase.

"The fact that councils could move their employees to remote working without disrupting services needs to be recognised for the major achievement it was," said Darren Hedley, the managing director of Insight UK and Ireland. "However, councils now need to build on this success: putting in place and strengthening defences to protect remote workers and eliminate gaps in security that could allow attackers to threaten essential services.

Hedley adds that many councils cannot do this alone and suggests that they need support and resources from the government, warning that there will be more and more employees and councils falling victim to attacks.


Don’t just educate: Create cyber-safe behaviour

Designing effective security awareness and training programmes


Another area of concern is around training, with less than half (47%) of councils investing more of their IT budget in increased security training for remote workers, even though such education is thought to be essential for remote or hybrid workforces.

"Clearly the priority in 2020 was enabling remote working, but more than a year into the pandemic it's worrying that many councils still haven't been able to assess their security posture," said Charlotte Davis, Insight's cyber security practice lead.

"These assessments need to cover the entire threat landscape, including third party risks, and honestly analyse gaps in the organisation's security posture. Once this is in place, councils can take the appropriate action to repair any gaps, from investing in technology, to building security awareness and putting frameworks in place so employees can follow best practice."

Bobby Hellard

Bobby Hellard is ITPro's Reviews Editor and has worked on CloudPro and ChannelPro since 2018. In his time at ITPro, Bobby has covered stories for all the major technology companies, such as Apple, Microsoft, Amazon and Facebook, and regularly attends industry-leading events such as AWS Re:Invent and Google Cloud Next.

Bobby mainly covers hardware reviews, but you will also recognize him as the face of many of our video reviews of laptops and smartphones.