St Helens Borough Council [1] [2] [3], a UK local authority [2], is currently investigating a suspected ransomware attack on its internal systems [1] [3]. This incident highlights the ongoing threat faced by local government authorities and the need for enhanced cybersecurity measures.


The incident was first identified on August 21 [1], prompting the council to immediately seek assistance from a third-party security firm. While some internal systems have been disrupted [2] [3], the council is still able to provide services through its website [2]. In response to the attack, the council has issued a warning to citizens about potential follow-on scams, particularly phishing emails impersonating banks and requesting personal information [2].

It is worth noting that local government authorities in the UK and US are often targeted by ransomware actors due to perceived resource limitations [2]. Previous incidents at Redcar & Cleveland Borough Council and Hackney Council have demonstrated the significant costs associated with remediation and restoration. In fact, in 2022 alone, approximately 106 local governments in the US were affected by ransomware [2], with data stolen in about a quarter of those incidents [2]. These cyberattacks on UK councils have had a substantial financial impact, raising concerns about the outdated approach to cybersecurity in the public sector.

To address these concerns, the UK government has implemented the National Cyber Strategy 2022, which aims to enhance the resilience of the public sector against external threats.

Residents are advised to exercise caution online and remain vigilant against scams. In 2022 [2] [3], UK councils experienced nearly 1500 data breaches and over 600 lost or stolen devices [3]. Furthermore, the cyberattack on Capita, a payroll outsourcing group [3], put personal data at risk for various organizations [3], including local councils [3]. The UK Electoral Commission also fell victim to a cyberattack that compromised voter data and internal systems [3].


The ransomware attack on St Helens Borough Council serves as a reminder of the ongoing threat faced by local government authorities. The financial impact of such attacks, as seen in previous incidents [2], highlights the need for improved cybersecurity measures in the public sector. The implementation of the National Cyber Strategy 2022 by the UK government is a step towards enhancing the resilience of the public sector against external threats. However, residents must also play their part by remaining cautious online and staying alert to potential scams. The recent data breaches and cyberattacks on various organizations, including local councils [3], underscore the importance of proactive measures to protect sensitive information and maintain the integrity of internal systems.