Lincolnshire County Council 'will not pay cyber ransom' Published duration 31 January 2016

media caption Technology explained: what is ransomware?

A council whose computer systems were closed down by a cyber attack has said it will not be paying out a ransom.

Lincolnshire County Council's systems were closed on Tuesday after an email was opened that triggered the malware attack.

Initially thought to have been asked for a £1m ransom, the council said it was actually asked to pay $500 (£350).

Judith Hetherington-Smith, from the council, said: "We are not going to pay... we wouldn't pay a ransom fee."

Mrs Hetherington Smith, the council's chief information officer, said: "As of Monday morning, as staff come back to work, we are expecting to be pretty close to normal."

'Pen and paper'

The ransomware attack had asked for an initial $500 in the digital currency Bitcoin and threatened the amount would increase over time if this was not paid, according to Mrs Hetherington Smith.

Ransomware encrypts data on infected machines and only unscrambles it if victims pay a fee.

Mrs Hetherington Smith said the council's systems had been closed down so they could not be compromised.

The council has scanned and checked 458 servers and 70 terabytes of data "to make sure it's clean".

Mrs Hetherington-Smith said: "This was what's termed as a zero-day attack, which means when it hit us the security software providers hadn't seen it before."

The council has checked and all of its anti-virus and other security measures are "up to date", she added.

Since the attack, council staff have been making "lots of phone calls", having "lots of human contact" and making use of pen and paper, Mrs Hetherington-Smith said.

Det Insp Stephen Knubley, of Lincolnshire Police's cyber crime unit, said there was "no evidence any data has been extracted from LCC [Lincolnshire County Council] systems".