The interim results of the forensic investigation following the cyber-attack on Comhairle nan Eilean Siar (CnES) on Tuesday November 7 has established that data stored on CnES’s operational and backup servers cannot be accessed.
In a statement released today (Monday November 20) the council said the investigative team led by Police Scotland, the National Cyber Security Centre, and the Scottish Government, alongside the CnES IT team, has been able to access the Comhairle’s servers but has not been able to access the stored data.
The statement added that there is currently no indication that any data has been extracted from the server or published.
CnES said it will communicate with those impacted if this situation changes, and continue to engage with and seek advice from expert organisations to monitor and mitigate the impact of this incident. It has also established an incident management team to lead on the response to this incident.
Further to this, the council highlighted two priorities moving forward:
- To identify any information extracted from the server and inform those impacted.
- To rebuild operations and ensure the continued delivery of services to those in our community that need them most.
Malcolm Burr, Chief Executive of CnES, said: “The Comhairle has been the victim of a cyber-crime which has caused significant damage and is having an impact on the delivery of many of our key services.
“Our priority is always the people of the Western Isles, and we will continue to work to ensure that the impact of this crime on everyone is lessened.
“This incident once again demonstrates the vulnerability of all public bodies to the growing threat of cyber-attacks.”