Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.

Fears hackers could target Moray Council via Russian antivirus software

Fears have been raised hackers could target Moray Council via Russian antivirus software. Image: Shutterstock
Fears have been raised hackers could target Moray Council via Russian antivirus software. Image: Shutterstock

Fears have been raised that Moray Council could be at risk of cyber attacks from Russian hackers.

The local authority has recently renewed its antivirus protection with Kaspersky, a Moscow-based business.

In March Kaspersky antivirus software was considered an unacceptable threat to the USA’s national security, following Russia’s invasion of Ukraine.

It was added to a risk list along with two Chinese companies. American businesses are now banned from buying its products with federal subsidies.

Also in March Germany’s cyber security agency told people to uninstall Kaspersky software as it left them vulnerable to hacking.

Councillor for Fochabers Lhanbryde Marc Macrae. Image: Jason Hedges/DC Thomson

Councillor Marc Macrae said he has raised concerns several times with chief executive Roddy Burns over the council’s reliance on Kaspersky for its cyber security.

He is also alarmed the local authority is still buying products from a Russian supplier given the war in Ukraine.

However a council spokesperson said the renewal had been carried out in accordance with UK National Cyber Security Centre (UKNCSC) guidance.

Mr Macrae said: “It strikes me as potentially worrying that Russian computer programmers may have back door access through Russian software applications to hack users.

Cyber threat ‘worrying’

“The council has so much data saved for social care, health care and education.

“We don’t want that to fall into the wrong hands or have that deleted.

“It bothers me that big organisations are complacent about this because these are not new issues.”

Last week the council’s audit and risk manager Dafydd Lewis warned a successful cyber attack on a Scottish council was a matter of when not if.

His comments came after shortcomings in the local authority’s cyber security procedures were highlighted.

Moray Council is finding it difficult to return £80,000 to the estates of deceased health and social care clients.
Moray Council has renewed its cyber security software with Russian-based company Kaspersky.

Mr Macrae fears the local authority could be subject to a similar attack to one targeting the Scottish Environmental Protection Agency on Christmas Eve 2020.

More than 4,000 documents were made public after the agency refused to pay a ransom to hackers.

The full financial impact of the attack is still unknown.

Mr Macrae said: “We saw what happened to Sepa. They are still recovering from that attack and they’re a much more impressive government quango.

“What hope has Moray Council if it were to suffer a similar fate?

“It just takes one person in the world and we’re scuppered.”

‘Scuppered’

In 2017 the US Department of Home Security banned Kaspersky products from government departments.

The move came after allegations the company was engaging with the Russian Federal Security Service (FSS).

Businesses have a legal obligation to assist the FSS.

There have also been reports confidential documents were stolen from the home computer of a US national security agent via the software by Russian government hackers.

Kaspersky, which has an estimated 400 million users worldwide, denies all the allegations.

Concerns have been raised Russian hackers could access Moray Council data through its antivirus. Image: Shutterstock

A spokesperson for the council said: “Following the conclusion of our existing antivirus software contract we extended it for the minimum period possible to allow us to explore other options.

“This has been carried out in accordance with guidance published from the UK National Cyber Security Centre and with as little risk to the council as possible.

“The transition to new software will also be carried out with as little risk as possible, while ensuring the cyber security of the organisation, which remains our key focus.”

The UKNCSC has not banned the use of the Russian company’s antivirus.

However in 2017 it issued advice that government departments involved with national security should not use Kaspersky or similar products.

Conversation