William Eichler 12 February 2018

Two council websites hacked by crypto-coin miners

Two council websites hacked by crypto-coin miners image

Manchester City, Camden and Croydon council websites were among 5,000 sites ‘maliciously’ hacked over the weekend.

The perpetrators attempted to introduce malware software known as ‘Coinhive’, which would illegally mine a cryptocurrency similar to Bitcoin.

A Manchester spokesperson said there had been no negative impact on council services.

The websites of the Information Commissioner's Office and the Student Loans Company were also impacted.

The Coinhive script was inserted into a third-party accessibility plugin ‘BrowseAloud’ which is used to help blind or partially-sighted people access the web.

The company Texthelp, which develops the BrowseAloud plugin, has confirmed their product was ‘compromised during a cyber attack’ on Sunday morning.

Texthelp immediately detected the hack and removed the product.

‘Texthelp has in place continuous automated security tests for Browsealoud, and these detected the modified file and as a result the product was taken offline,’ said Martin McKay, CTO and data security officer at Texthelp.

‘This removed Browsealoud from all our customer sites immediately, addressing the security risk without our customers having to take any action.’

The National Cyber Security Centre (NCSC) is investigating the incident’s impact on Government websites.

‘NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency,’ a spokesperson said.

‘The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely.

‘At this stage there is nothing to suggest that members of the public are at risk.’

A Croydon council spokesman said: 'We would like to reassure our website users that no council data or information has been accessed or compromised during this worldwide cyberattack.

'As a precaution we are working closely with our web partners to review the security of any third party software and accessibility services that we use to mitigate against any future threat.'

A Manchester City Council spokesperson said: 'We were made aware of a cyber-attack on a third-party's server yesterday [Sunday, 11 February]. The council’s website does use the Browesaloud service but the manchester.gov site is safe to use and there is no risk to our users’ personal data.'

'This was an issue within the Browsealoud software, which is accessible via our site, rather than a hack on our council website itself,' said a spokesperson for Camden Council.

'No customer data has been accessed or lost and Camden’s website continues to be secure.

'As soon as the software was taken down nationally it was no longer available via our website, but we still took steps to remove the links to the software from our site.'

For your free daily news bulletin
Highways jobs

Independent non-executive members of proposed NHS Integrated Care Boards

Do you have the vision to shape the future of health and care for people in your area? Nationwide
Recuriter: NHS

Lead Community Protection Officer

Royal Borough of Greenwich
£37722 - £40869 per annum + value award of £2,472 per annum
2 x Lead Community Protection OfficersCommunity Protection Team(PO3 plus an incremental value award of £2,472 per annum) Permanent Our Community Prote England, London, Woolwich
Recuriter: Royal Borough of Greenwich

School Organisation Project Officer

Camden London Borough Council
£41,952- £48,663
We’re giving a platform to people inside and outside our community. Because, we’re not just home to the UK’s fast-growing economy. Camden, London (Greater)
Recuriter: Camden London Borough Council

Service Manager (Referral and Assessment)

London Borough of Richmond upon Thames and London Borough of Wandsworth
£60,426 to £74,202 per annum
Can you inspire, encourage, and develop excellent social work practice to make a real difference in the lives of children and young people? Wandsworth, London (Greater)
Recuriter: London Borough of Richmond upon Thames and London Borough of Wandsworth

Asset Management Team Administrator

The Royal Borough of Kensington & Chelsea Council
£26,544 - £30,618 per annum
The role is what you make it, and the more you put in, the bigger the difference you can make to... Kensington and Chelsea, London (Greater)
Recuriter: The Royal Borough of Kensington & Chelsea Council

Public Property

Latest issue - Public Property News

This issue of Public Property examines how how flexible workspaces can lead the way in regeneration for local authorities, Why local authority intervention is key to successful urban regeneration schemes and if the Government’s challenge of embracing beauty is an opportunity for communities.

The March issue also takes a closer look at Blackburn with Darwen Council's first digital health hub to help people gain control over health and care services.

Register for your free digital issue