Minister accused of telling Yorkshire council to keep quiet about cyber attack

Mason Boycott-Owen
By Mason Boycott-Owen
Published 31st Jan 2023, 17:32 BST
Updated 1st Feb 2023, 10:55 BST
A government minister has been accused of telling a Yorkshire council to keep quiet about the impact of a “catastrophic” cyber-attack two years ago, MPs have been told.

Mary Lanigan, the leader of Redcar and Cleveland Borough Council told the Joint Commission on the National Security Strategy (JCNSS) on Monday that pressure from the Government “caused us a lot of issues”.

The committee is currently holding an inquiry into the effectiveness of the UK’s national security strategy in dealing with cyberattacks such as ransomware.

Hide Ad
Hide Ad

Ms Lanigan told the JCNSS that a minister told her that the Government would meet the costs, but that it failed to do so, costing the council around £7 million.

Mary Lanigan, the leader of Redcar and Cleveland Borough Council told the Joint Commission on the National Security Strategy (JCNSS) on Monday that pressure from the Government “caused us a lot of issues”.Mary Lanigan, the leader of Redcar and Cleveland Borough Council told the Joint Commission on the National Security Strategy (JCNSS) on Monday that pressure from the Government “caused us a lot of issues”.
Mary Lanigan, the leader of Redcar and Cleveland Borough Council told the Joint Commission on the National Security Strategy (JCNSS) on Monday that pressure from the Government “caused us a lot of issues”.

The ransomware attack on the council in 2020, which covers some of the most deprived areas of the country, was “devastating” to local services just before the pandemic, the committee was told.

“Children and adult services — everything had been wiped out completely,” said Ms Lanigan.

“So you can imagine any reports coming in from members of the public regarding children and services and things like that [were missed]. It was devastating.”

Hide Ad
Hide Ad

“We couldn’t even take in payments for [business] rates or for any bills,” she added.

“We were advised not to go into a great deal of depth about what had happened. The public knew that we’d been hit with a ransom attack, but not how serious that was… it was catastrophic, not just for the council but for the residents and the people that we serve across the board,” said Ms Lanigan.

The council leader praised staff from the National Cyber Security Centre, part of GCHQ, for helping the council get its children’s services functioning after the attack, with workers given beds to sleep in the building to get services running again.

However, it took the council more than eight months to be fully functioning again, during which time the country had gone into lockdown, with councils around the UK facing extreme pressures.

Hide Ad
Hide Ad

“Although we informed central government that we were under attack, we were left to our own devices for the first week or so. We had to ring private security. Central government left us. I have the paperwork here,” Ms Lanigan told the committee.

“What I was getting from central government was ‘don’t say anything,’ which made it very difficult — although my cabinet knew what was going on — and it seemed that we had to keep it really tight,” she said.

“And maybe because of security, I absolutely understand that, but then in hindsight it caused us a lot of issues because we couldn’t actually go out there and say ‘this is what’s happened.’”

A Government spokesperson said: "The National Cyber Security Centre worked to support Redcar and Cleveland Council as soon as this incident occurred, including sending a team to provide on-site advice.

Hide Ad
Hide Ad

“The NCSC continued to help with co-ordination with wider government and law enforcement, and remained in regular contact throughout.

“In addition to £3.6m in direct funding to help with the costs of this incident, the Government has offered the council an extra £1.2m in capital flexibility."

Related topics:GovernmentMPsYorkshire