William Eichler 12 February 2018

Two council websites hacked by crypto-coin miners

Manchester City, Camden and Croydon council websites were among 5,000 sites ‘maliciously’ hacked over the weekend.

The perpetrators attempted to introduce malware software known as ‘Coinhive’, which would illegally mine a cryptocurrency similar to Bitcoin.

A Manchester spokesperson said there had been no negative impact on council services.

The websites of the Information Commissioner's Office and the Student Loans Company were also impacted.

The Coinhive script was inserted into a third-party accessibility plugin ‘BrowseAloud’ which is used to help blind or partially-sighted people access the web.

The company Texthelp, which develops the BrowseAloud plugin, has confirmed their product was ‘compromised during a cyber attack’ on Sunday morning.

Texthelp immediately detected the hack and removed the product.

‘Texthelp has in place continuous automated security tests for Browsealoud, and these detected the modified file and as a result the product was taken offline,’ said Martin McKay, CTO and data security officer at Texthelp.

‘This removed Browsealoud from all our customer sites immediately, addressing the security risk without our customers having to take any action.’

The National Cyber Security Centre (NCSC) is investigating the incident’s impact on Government websites.

‘NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency,’ a spokesperson said.

‘The affected service has been taken offline, largely mitigating the issue. Government websites continue to operate securely.

‘At this stage there is nothing to suggest that members of the public are at risk.’

A Croydon council spokesman said: 'We would like to reassure our website users that no council data or information has been accessed or compromised during this worldwide cyberattack.

'As a precaution we are working closely with our web partners to review the security of any third party software and accessibility services that we use to mitigate against any future threat.'

A Manchester City Council spokesperson said: 'We were made aware of a cyber-attack on a third-party's server yesterday [Sunday, 11 February]. The council’s website does use the Browesaloud service but the manchester.gov site is safe to use and there is no risk to our users’ personal data.'

'This was an issue within the Browsealoud software, which is accessible via our site, rather than a hack on our council website itself,' said a spokesperson for Camden Council.

'No customer data has been accessed or lost and Camden’s website continues to be secure.

'As soon as the software was taken down nationally it was no longer available via our website, but we still took steps to remove the links to the software from our site.'

Skate parks are not the only fruit image

Skate parks are not the only fruit

On Go Skateboarding Day, Susannah Walker asks councils and their leisure and park departments to think differently about what facilities they provide for teenagers.
For your free daily news bulletin
Highways jobs

Travel Information Data Technician

Essex County Council
Up to £25581 per annum
This is an exciting opportunity to work across all aspects of the Integrated Passenger Transport Unit (IPTU). Working with a passionate and dedicated England, Essex, Chelmsford
Recuriter: Essex County Council

Planning Strategy & Implementation Manager

Essex County Council
£57621 - £61410 per annum
Planning Strategy & Implementation Manager Permanent, Full Time £57,621 to £61,410 per annum Location
Recuriter: Essex County Council

Senior Accountant

Telford & Wrekin Council
£39,571 - £42,614
Are you a qualified Accountant looking to take the next step in your career? Telford, Shropshire
Recuriter: Telford & Wrekin Council

Family Assessment Worker

Telford & Wrekin Council
£25,419 to £27,514
We have a great opportunity for a full time Family Assessment Worker in the Parenting Assessment Team. Telford, Shropshire
Recuriter: Telford & Wrekin Council

Neighbourhood Enforcement Officer

Telford & Wrekin Council
£23,023 - £24,920
The post holder will tackle environmental crimes and unlawful parking. Telford, Shropshire
Recuriter: Telford & Wrekin Council

Partner Content

Circular highways is a necessity not an aspiration – and it’s within our grasp

Shell is helping power the journey towards a circular paving industry with Shell Bitumen LT R, a new product for roads that uses plastics destined for landfill as part of the additives to make the bitumen.

Support from Effective Energy Group for Local Authorities to Deliver £430m Sustainable Warmth Funded Energy Efficiency Projects

Effective Energy Group is now offering its support to the 40 Local Authorities who have received a share of the £430m to deliver their projects on the ground by surveying properties and installing measures.

Pay.UK – the next step in Bacs’ evolution

Dougie Belmore explains how one of the main interfaces between you and Bacs is about to change.