Dumfries and Galloway Council prepares for cyber attacks with secret plan
Basic mobile phones ready for deployment against potential cyber threats
A secret stash of basic mobile phones are kept and ready to be deployed by Dumfries and Galloway Council leaders in the event of a major cyber attack.
These extra measures have been taken in readiness for a potential cyber attack on the local authority’s systems, which could put critical services and finances at risk.
This comes after a shock ransomware attack in November 2023 crippled the Western Isles Council (Comhairle nan Eilean Siar) – and the recovery cost around £1 million.
At last week’s meeting of the council’s audit, risk and scrutiny committee, councillors examined the lessons learned from the cyber attack on Western Isles Council and pressed officials on what Dumfries and Galloway has done to protect itself.
Mid and Upper Nithsdale Councillor Tony Berretti questioned what would happen to the council’s telephone systems in the event of an attack.
He said: “I’m just thinking, oh gosh, we’re going to have to get some carrier pigeons and runners and bicycles!
“Because clearly once your telephone system and numbers have been compromised, they can no longer be used.”
READ MORE: New cartoon campaign to tackle low fitness levels in Dumfries and Galloway
Kris Edgar, the council’s cyber security and ICT lead, confirmed that preparations are in place — though he was cautious about revealing too much detail in a public forum.
He continued: “What I can say is we have a stock of handsets, basic mobiles. We have a stock of other devices that we could deploy and we have contracts in place with our suppliers where we could look to raise those in short order should they be needed in a scenario like that.”
Councillor Berretti asked whether there was a hierarchy for who would receive devices first in a crisis.
Mr Edgar confirmed that key staff, systems, and processes have been identified through scenario-based exercises with directorates, with a prioritised recovery plan being developed.
He added that elected members would also be considered in the plans, given that councillors are “often the first port of call for members of the public in a difficult situation.”
Council leader Stephen Thompson asked for a simple explanation of ‘air-gapped backups’ — which have been recommended by Audit Scotland as a technical safeguard against ransomware attacks.
Mr Edgar explained that the council’s most critical data, described as “crown jewels,” is backed up with a third-party provider completely separate from any council infrastructure, whether local or cloud-based.
He added: “Should we then need those backups if the worst would happen, we would contact the third party and bring the backups back.
“It doesn’t sit on the same servers, same infrastructure, same location.”
Council chiefs will bring further detailed reports back to the committee on its cloud migration programme and cyber resilience arrangements, with some members requesting offline briefings to discuss the more sensitive specifics.