COUNCIL members were advised of threats being posed by hackers in the weeks before the local authority was hit by a cyber attack.

As reported by the Star, St Helens Borough Council has been targeted by a ransomware attack, which has affected its IT systems and networks.

The council is working with cyber security advisors to try and resolve the issue.

The council says some of its internal systems have been affected and described the incident as a "complex and evolving" situation.


Ransomware is a form of cyber attack where criminals break into an organisation’s system and encrypt files, making them inaccessible, and demand a ransom payment in order to release them.

It has been used in a number of high-profile incidents, including the 2017 attack on the NHS.

In the past month, council members were given an update on the strategic risk register at an audit and governance committee meeting.

They were told "robust" measures were in place to combat the "constant" threat of a successful cyber attack against St Helens Council amid the "increasing determination’ of perpetrators".

Increasing threat

A report to the committee said the threat of a successful cyber attack against the council was ongoing and despite adequate defences and training, the "frequency, ingenuity, and determination of cyber criminals is increasing, so we must keep this in view".

It added that if the council does not implement and maintain robust IT security arrangements, there is an increased exposure to external attacks by cyber-criminals leading to "legal, financial, and reputational issues" for the council.

The council has a range of systems in place which help to detect and prevent cyber-attacks against its services.

Security measures

Speaking ahead of the attack on the council's network, a spokesman for the local authority told the Star: "We have now put in place a number of security measures to keep our IT networks running safely.

“Staff receive mandatory training on data protection and cyber security, which is refreshed annually, and we work closely with our public and private sector partners to continually enhance our cyber capabilities and controls.

“These are regularly and thoroughly audited by external agencies to validate our security posture against cyber best practice standards.”

Internal systems

On Tuesday, after news of the cyber attack emerged, St Helens Council said: "We are currently dealing with a suspected ransomware incident on the council's IT systems and networks. 

"The attack was first identified on Monday, August 21 and we immediately alerted our external cyber security contractor to investigate this issue further.

"We are continuing to provide council services via our website. 

"Some internal systems to the council are currently being affected due to the actions we have put in place to prevent any further impact, and whilst a full investigation is undertaken. 

“While we work through this ongoing situation we would recommend that residents are mindful of how to keep themselves safe online and be alert to any communications they may have received from the council.

"You can find out more about keeping safe online here

“Please be reassured that together with our cyber security specialists we are working to resolve this incident, but obviously this is a very complex and evolving situation.”