An attack on the council website last year could have come from Russia, China or even Ireland, councillors were told at a meeting this week.
The cyberattack, in two waves from November 17 – 19 and 23 – 24, saw the council’s website go down for large periods of time, an Audit, Governance and Standards meeting heard.
The prospect of the so-called denial of service attacks being carried out by a foreign government has previously been raised by a top council official.
The IT service is shared between Southwark, Lewisham and Brent councils.
“We don’t know why Southwark was targeted,” said Steve Tredinnick of Brent Council.
“The origin of the attacker is not known, but there was significant activity from Russia, China, Germany and Ireland.
“But that’s as probably as far as we’re going to get as far as the attacker is concerned.”
Initial responses to the attack – which did not compromise any data on the site – were delayed because of not having the correct circuit provider’s details to hand, councillors were told.
There was no way to guarantee an attack could not happen again, councillors also heard, but “having plans in place to mitigate the effects is a second line of defence,” Mr Tredinnick said.
Last month, the council’s strategic director of housing and modernisation, Michael Scorer, said the “seriously big attack” could have come “from foreign governments.”
A review of all the site’s security patches as a result of the unsuccessful attacks then caused some glitches with other parts of the site, he explained.