Comhairle nan Eilean Siar

Comhairle nan Eilean Siar, also known as the Western Isles Council, is the local authority responsible for the governance and delivery of public services across the Outer Hebrides in Scotland. Its core function is to administer local government duties for the island communities, encompassing areas such as education, social care, infrastructure, housing, and environmental services. The council operates as a democratically elected body, tasked with representing the interests of residents and maintaining critical community operations within its jurisdiction. The scale of its reach is defined by the geographical expanse of the Western Isles, a distinct and remote island chain where the council's role is central to daily life and regional sustainability. Its positioning is that of a public sector body serving a specific, culturally significant Scottish region, with its operations intrinsically linked to the social and economic fabric of the islands.

In November 2023, the council was the target of a significant cyber attack that compromised both its operational and backup servers, rendering key systems inaccessible and preventing data retrieval. This incident caused widespread disruption to council services, highlighting the acute vulnerability of local public bodies to sophisticated cyber threats. A multi-agency response was mobilised, involving the council's IT team alongside external support from Police Scotland, the National Cyber Security Centre, and the Scottish Government, which established an incident management team. The primary objectives of this response were to investigate potential data breaches, restore essential systems, and prioritise the continuity of critical community services, with temporary communication channels set up for the public. Forensic efforts found no evidence that data was extracted or published, yet the attack inflicted severe operational damage. The council's chief executive characterised the event as deeply damaging, using it to underscore the escalating risk environment facing all public sector organisations and the profound impact such incidents can have on community trust and service delivery. The recovery process involved a sustained effort to rebuild digital infrastructure and reinforce security protocols in the attack's aftermath.