Title

DATA

A time for vigilance as ransomware threat still looms

Among the many recently identified threat vectors that should concern local government is a malware threat group known as APT12, which has been attributed to China, warns chief executive of the iESE Dr Andrew Larner.

Recent information published by the MITRE ATT&CK knowledge base illustrates that there are increasing threats targeted specifically at government (central and local) from Nation States and organised criminal groups, designed to cause ‘local disruption' and access ‘sensitive data'.

Among the many recently identified threat vectors that should concern local government is a threat group known as APT12, which has been attributed to China. The group has targeted a variety of victims including, media outlets, high-tech companies, and multiple Governments and governmental organisations. They have expertly exploited multiple vulnerabilities for execution, which is particularly concerning at this moment in time with workers operating remotely. There is a fear that malicious code may be ‘injected' into remote workers' machines and remain inactive until that device is reconnected to the central network.

The techniques above are often used to effect ransomware attacks on organisations and a particularly worrying development is the move from requesting a set ransom from the specific council to putting a sample of their data up on auction sites to raise the ransom value to a higher level, selling to the highest bidder. Not only would you be unable to perform your critical functions, but the whole world would immediately know about it and be able to see a sample of stolen data!

In early June, the University of California San Francisco was attacked by the notorious NetWalker ransomware; medical research files were encrypted, and a demand was made for $3m Bitcoin payment. BBC News was anonymously tipped-off about the ransom and was able to follow the demands and negotiations in near real-time. The University ended up negotiating a settlement of $1.14m to stop the data being sold on the dark web.

It is impossible for any anti-virus, EDR, firewall solution to continuously update and increase their signatures to stop all these attacks, many of which have not been seen before. However, there is now a unique and patented zero-day, zero-trust technology. Unlike other malware protection, this technology is capable of defence on day zero when the virus is first released as it does not need to know or have seen previously the signature of the attack. And zero-trust means that it monitors everything and trusts nothing.

We are currently testing this new technology with local authorities, if you are interested in being a trial site please contact annabelle.spencer@iese.org.uk.

Dr Andrew Larner is chief executive of the Improvement & Efficiency Social Enterprise (iESE), which supports public sector transformation

For more information visit www.iese.org.uk

DATA

Making care everyone's business

By Jess McGregor | 17 July 2026

Reform of adult social care will only succeed if it is built through a stronger public understanding of care as something that touches families, communities ...

DATA

Talent 20: Adult Social Care

By Sunita Patel | 09 July 2026

Starfish Search's Lorraine Payne and Sunita Patel celebrate the rising stars of adult social care.

DATA

How councils can help businesses connect with their largest untapped market

By Pippa Mannerings | 07 July 2026

Older consumers continue to be overlooked by many businesses. Pippa Mannerings details the role local authorities can play in convincing businesses they will...

DATA

Steadying the LGA ship

By Heather Jameson | 07 July 2026

As the Local Government Association heads to Bournemouth for its annual conference, can it adapt to political fragmentation and sector reform while staying t...

Dr Andrew Larner

Popular articles by Dr Andrew Larner