A coordinated cyberattack has struck three major London councils, forcing officials to shut down phone lines and IT networks while activating emergency response protocols. The incident affects Kensington and Chelsea, Westminster, and Hammersmith & Fulham councils, disrupting public services for hundreds of thousands of residents across central London.
A sophisticated cyberattack has struck right at the heart of London's government infrastructure, hitting three major councils that serve some of the capital's most densely populated boroughs. The incident, which prompted immediate emergency response protocols, has forced officials to take the drastic step of shutting down entire IT networks and phone systems.
The Royal Borough of Kensington and Chelsea and Westminster City Council, which share IT infrastructure through a joint arrangement, confirmed they're "focusing on protecting systems and data, restoring systems, and maintaining critical services to the public." Hammersmith & Fulham Council also reported being affected by the same incident.
The timing couldn't be worse - these councils collectively serve over 400,000 residents across some of London's most affluent and tourist-heavy areas, including Hyde Park, Buckingham Palace's neighborhood, and major shopping districts. The attack has disrupted essential services including housing support, social services, and waste collection right as the holiday season ramps up.
What makes this incident particularly concerning is the coordinated nature of the attack. The fact that multiple councils with shared IT infrastructure were hit simultaneously suggests this wasn't a random opportunistic strike, but rather a targeted campaign against London's local government systems. This echoes similar attacks we've seen against municipal governments worldwide, where cybercriminals specifically target public sector organizations knowing they often have limited cybersecurity resources.
The councils aren't revealing much about the attack's specifics - a common tactic during active incidents to avoid giving attackers additional information. However, Kensington and Chelsea's website states the cause is "now established," though they won't release details due to the ongoing investigation with UK law enforcement agencies. This suggests authorities have identified the attack vector, which is typically the first step in containment and recovery.
The silence around whether this is ransomware is telling. Most cyberattacks against government entities in recent years have been ransomware campaigns, where hackers encrypt critical systems and demand payment for restoration. The fact that these councils immediately shut down networks rather than trying to maintain operations suggests they're taking a scorched-earth approach to prevent further damage - a strategy that's become standard practice when facing sophisticated threats.
