SEPA presented with ransom demand following Christmas eve ransomware attack

SEPA presented with ransom demand following Christmas eve ransomware attack

SEPA, the Scottish Environment Protection Agency, has revealed that cyber criminals are trying to extort a ransom after stealing close to 1.2GB of data that included the personal information of staff as well as data associated with ongoing commercial projects.

The ransomware attack on SEPA took place on Christmas Eve and according to the agency, was likely conducted by “international serious and organised cyber-crime groups” who targeted its contact centre, internal systems, processes and internal communications.

While the ransomware attack was launched to extort a large sum of money from SEPA, it also disrupted public services, including SEPA’s email service which has remained unavailable since the attack took place. The agency has only been able to restore online pollution and enquiry reporting in the past twenty days.

“Whilst having moved quickly to isolate our systems, cyber security specialists, working with SEPA, Scottish Government, Police Scotland and the National Cyber Security Centre confirm we remain subject to an ongoing ransomware attack likely to be by international serious and organised cyber-crime groups intent on disrupting public services and extorting public funds.
“It is now clear is that with infected systems isolated, recovery may take a significant period. A number of SEPA systems will remain badly affected for some time, with new systems required,” SEPA said.

The agency said that ransomware actors stole at least four thousand internal files, amounting to 1.2GB of data, that included the personal information of staff, procurement information, such as publicly available procurement awards, information about current projects, and business information, such as publicly available regulated site permits, authorisations and enforcement notices, and some information related to SEPA corporate plans, priorities and change programmes.

“We will help businesses meet their environmental obligations and prioritise authorising economic activity. We will continue our risk-based approach to regulation, focusing the most effort on sites or sectors which require oversight or where there is a risk of criminality or organisations seeking to take advantage of the ongoing cyber-attack,” it added.

Terry A’Hearn, the chief executive of SEPA, told the BBC that “partners have confirmed that Sepa remains subject to an ongoing ransomware attack likely to be by international serious and organised cyber-crime groups intent on disrupting public services and extorting public funds.”

“Work continues by cyber security specialists to seek to identify what the stolen data was. Whilst we don’t know and may never know the full detail of the 1.2 GB of information stolen, what we know is that early indications suggest that the theft of information related to a number of business areas. Some of the information stolen will have been publicly available, whilst some will not have been,” he added.

ALSO READ: Ransomware hackers demanding millions from Manchester United: Report

Copyright Lyonsdown Limited 2021

Top Articles

RockYou2021 data leak: 8.4 billion passwords compromised

A report shows that 100GB of data which includes 8.4 billion passwords have been recently leaked on the internet, people are being encouraged to secure their accounts.

Hackers Breach Electronic Arts & Steal Game Code

Electronic Arts, one of the world's biggest video game publishers including games such as FIFA, Madden, Sims and Medal of Honor, are the latest company to be hacked.

JBS Foods paid £7.7m in ransom to REvil ransomware gang

JBS Foods, the world’s largest processor of beef and poultry products, has admitted to paying a ransom of $11 million to cyber criminals, a week after it announced that operations…

Related Articles

[s2Member-Login login_redirect=”https://www.teiss.co.uk” /]