Security researcher Scott Helme told PF he estimated that “between 20 and 30 UK government websites” were hit by the hackers on 11 February. More than 4,000 websites were successfully targeted globally.
Government websites in other countries were also affected, Helme noted.
Amongst the affected government websites were the Student Loans Company, the Information Commissioner’s Office, Manchester City Council and Croydon Council.
Croydon and Manchester are the latest in a long list of local authorities whose online security has been compromised by hackers.
The common link between the affected websites was the use of a plug-in called Browsealoud, which helps visually impaired people browse the internet.
The company that designed the plug-in, Texthelp, suffered a breach that made the sites using it vulnerable.
Hackers installed software on the plug-in which meant the computers accessing the affected websites were used to “mine” for a cryptocurrency named Monero.
Helme told PF: “I am hoping that this will serve as a wake up call to the wider public” that the threat of hacks is real and that organisations, including the government, need to do more to guard against hacks.
A Manchester City Council spokesperson said: “The council’s website does use the Browsealoud service but the Manchester.gov site is safe to use and there is no risk to our users’ personal data.”
A spokesperson for the National Cyber Security Centre said: “NCSC technical experts are examining data involving incidents of malware being used to illegally mine cryptocurrency.
“The affected service has been taken offline, largely mitigating the issue. Government website continue to operate securely.
“At this stage there is nothing to suggest that members of the public are at risk.”
