Calendar An icon of a desk calendar. Cancel An icon of a circle with a diagonal line across. Caret An icon of a block arrow pointing to the right. Email An icon of a paper envelope. Facebook An icon of the Facebook "f" mark. Google An icon of the Google "G" mark. Linked In An icon of the Linked In "in" mark. Logout An icon representing logout. Profile An icon that resembles human head and shoulders. Telephone An icon of a traditional telephone receiver. Tick An icon of a tick mark. Is Public An icon of a human eye and eyelashes. Is Not Public An icon of a human eye and eyelashes with a diagonal line through it. Pause Icon A two-lined pause icon for stopping interactions. Quote Mark A opening quote mark. Quote Mark A closing quote mark. Arrow An icon of an arrow. Folder An icon of a paper folder. Breaking An icon of an exclamation mark on a circular background. Camera An icon of a digital camera. Caret An icon of a caret arrow. Clock An icon of a clock face. Close An icon of the an X shape. Close Icon An icon used to represent where to interact to collapse or dismiss a component Comment An icon of a speech bubble. Comments An icon of a speech bubble, denoting user comments. Comments An icon of a speech bubble, denoting user comments. Ellipsis An icon of 3 horizontal dots. Envelope An icon of a paper envelope. Facebook An icon of a facebook f logo. Camera An icon of a digital camera. Home An icon of a house. Instagram An icon of the Instagram logo. LinkedIn An icon of the LinkedIn logo. Magnifying Glass An icon of a magnifying glass. Search Icon A magnifying glass icon that is used to represent the function of searching. Menu An icon of 3 horizontal lines. Hamburger Menu Icon An icon used to represent a collapsed menu. Next An icon of an arrow pointing to the right. Notice An explanation mark centred inside a circle. Previous An icon of an arrow pointing to the left. Rating An icon of a star. Tag An icon of a tag. Twitter An icon of the Twitter logo. Video Camera An icon of a video camera shape. Speech Bubble Icon A icon displaying a speech bubble WhatsApp An icon of the WhatsApp logo. Information An icon of an information logo. Plus A mathematical 'plus' symbol. Duration An icon indicating Time. Success Tick An icon of a green tick. Success Tick Timeout An icon of a greyed out success tick. Loading Spinner An icon of a loading spinner. Facebook Messenger An icon of the facebook messenger app logo. Facebook An icon of a facebook f logo. Facebook Messenger An icon of the Twitter app logo. LinkedIn An icon of the LinkedIn logo. WhatsApp Messenger An icon of the Whatsapp messenger app logo. Email An icon of an mail envelope. Copy link A decentered black square over a white square.
Friday, July 11th 2025 Show Links
Politics

Soaring cost of protecting hospital and council computers revealed after wave of cyber attacks

By Derek Healey
July 6, 2025, 6:00 am Updated: July 6, 2025, 5:04 pm
© Shutterstock / NicoElNinoPost Thumbnail

The soaring cost of keeping council and health board computer systems safe can be revealed today in the wake of several major cyber attacks across Scotland.

Public bodies are handing out millions of pounds to protect themselves from hackers tooled with increasingly sophisticated techniques – including an emerging wave of “adversaries” using artificial intelligence (AI) software.

Our investigation found some authorities are being forced to fork out more than six times as much for cyber security as they did just a few years ago.

Meanwhile, health officials told us they are having to block up to 25,000 unauthorised attempts to access their computer networks “on a daily basis”.

Some authorities refused to provide information out of fear that even the smallest details could be seized on by criminal gangs looking to break into their systems.

But those that did revealed a picture of spiralling costs against an increasing onslaught that has wreaked havoc on services in recent months.

Shrinking budgets

Cyber security expert Xavier Bellekens warned public bodies are struggling to keep their networks safe against shrinking budgets.

Bellekens, who is CEO and co-founder of Lupovis – a cyber-deception spin-out of Strathclyde University, said: “Cyber attacks come in waves and some adversaries will target a very specific sector.

“Whether its health boards or councils, the public sector in general is having to do what they can with the money they have.

“Sometimes they have a limited budget and the more cyber attacks and damage being done, the more the budget gets increased.

Dr Xavier Bellekens.

“But often the budget in the public sector is still a lot lower than you would see in industry.

“I think this is being recognised in the public sector and there are efforts being done to strengthen it to get the maximum impact for the budget they have.”

Data reveals soaring bills

Official figures released through Freedom of Information legislation show spending on cyber security by Perth and Kinross Council soared by more than six times, from just over £48,000 in 2021 to more than £303,000 last year.

Spending in West Dunbartonshire almost tripled during the same period, from nearly £99,000 to around £294,000.

Members of the public shouldn’t have to worry whether someone is looking after their sensitive information.

Scottish Conservative MSP Craig Hoy

East Dunbartonshire saw costs for firewalls, locked down servers, intrusion prevention systems and end-point-security rise from £21,000 in 2021 to £115,000 this year.

Meanwhile, the Highlands and East Renfrewshire saw the share of their budgets swallowed up by cyber security balloon to £3.2 million and £1.4 million respectively.

Health chiefs in Dumfries and Galloway saw costs more than double from around £50,000 to £117,000 last year, while NHS Fife saw a rise from £567,000 to £649,000 during the same period.

Local authorities told us their systems are coming under such a barrage of attacks that most are never officially recorded.

NHS Tayside said its firewalls alone detect around 25,000 unauthorised access attempts to its network on a daily basis.

However, the Scottish Borders Council had the highest number of recordable attacks – typically regarded as the most serious – over the past five years, at 568.

A string of major attacks

Glasgow City Council was forced to deal with disruption to digital and online services on Thursday after discovering malicious activity on its servers.

Another major incident in Glasgow last month disrupted multiple online services and led to fears that personal data may have been stolen.

In May, pupils in Edinburgh were cut off from revision resources during the annual exam period after an attempted cyber attack on the council’s education department.

It came on the same week that a suspected criminal ransomware attack in West Lothian forced officials to resort to contingency measures to keep schools open.

Parliament has been hit by a cyber-security attack, said Liberal Democrat peer Baron Rennard. (Dominic Lipinski/PA Wire)
Cyber attacks are on the rise.

And last year, hackers managed to access a huge amount of NHS Dumfries and Galloway information – including confidential details on patients and staff.

Transparency needed

Scottish Conservative local government spokesman Craig Hoy said the latest figures show the considerable lengths public bodies have gone to beat crooks and hackers.

“As attacks on Edinburgh and West Lothian showed us recently, there is a battle being fought over our personal data,” he said.

Craig Hoy. © Duncan Bryceland/Shutterstock
Craig Hoy.

“The amount of public money being spent on this is rocketing, despite year-on-year cuts to councils by the SNP government.

“Troublingly, some local authorities seem not to know how much effort is going into keeping their data safe. Others won’t reveal whether there have been any breaches in security.

“But there should be a basic level of transparency. Members of the public shouldn’t have to worry whether someone is looking after their sensitive information.”