2 min read

Scottish environmental agency still struggling after Christmas Eve ransomware attack

Graham CLULEY

January 19, 2021

Ad One product to protect all your devices, without slowing them down.
Free 90-day trial
Scottish environmental agency still struggling after Christmas Eve ransomware attack
  • Cybercriminals struck in early hours of Christmas Eve
  • Organisation says that no public funds will be used to pay ransom

The Scottish Environment Protection Agency (SEPA) has confirmed that it is continuing to respond to an ongoing ransomware attack that has encrypted files, disrupted systems and seen 1.2 GB of data stolen by cybercriminals.

SEPA says it was hit by ransomware at 00:01 on Christmas Eve, December 24 2020 – timing presumably chosen deliberately by the attackers in an attempt to take advantage of what would – within many organisations – be a time when there are fewer staff working.

The organisation’s contact centre, internal systems, processes and internal communications have been impacted by the attack, and it is anticipated that systems will continue to be affected for some time as they are rebuilt from scratch. In the immediate aftermath of the attack, SEPA advised those who needed to report urgent pollution issues to use Twitter or Facebook.

Scottish police and the UK’s National Cyber Security Centre (NCSC) have been informed of the security breach, and are providing assistance.

In an interview with BBC Radio Scotland, SEPA’s chief executive Terry A’Hearn said that the organisation will “not be using public funds to pay a ransom to criminals.”

My impression from the interview is that Terry A’Hearn has a cool head on his shoulders, and I wish him well dealing with what no head of an organisation ever wants to face.

Although it’s obviously not ideal that any data has been stolen from SEPA’s systems by the cybercriminals, it’s worth noting that 1.2GB is not a huge amount.

SEPA describes it as “equivalent to a small fraction of the contents of an average laptop hard drive.”

Determining precisely what information has been stolen, its sensitivity, and who might be impacted by the data breach will be an important part of the response.

In addition it will be important to ascertain how the ransomware attackers might have breached SEPA’s systems and what lessons can be learnt to harden the organisation’s security in future.

SEPA is reassuring the public that priority regulatory, monitoring, flood forecasting and warning services are adapting to the incident, and are continuing to operate.

tags


Author



Right now

Top posts

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

Threat actors impersonate Canadian gas retailer to deliver malicious OneNote phishing campaign, Bitdefender Labs warns

January 26, 2023

2 min read
Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

Spammers phish eager vacationers with travel-themed lures, Bitdefender Antispam Lab warns

January 19, 2023

4 min read
Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

Enhance your cyber resilience and privacy on Computer Security Day in four easy steps

November 29, 2022

2 min read
How to monitor your online privacy during your Thanksgiving trip

How to monitor your online privacy during your Thanksgiving trip

November 22, 2022

3 min read
Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

Just your yearly dose of Black Friday spam: Cybercrooks get ahead of the game to steal shoppers’ info

November 16, 2022

6 min read
Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

Bitdefender VPN in 2022: the new, the improved, and the soon-to-be

November 14, 2022

5 min read

FOLLOW US ON

SOCIAL MEDIA


You might also like

More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet More than 50,000 People Affected by US Cellular Data Breach; Leaked Info Hits the Internet
Silviu STAHIE

February 08, 2023

2 min read
Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns Russian Threat Actor Targets Ukraine Ministry and Polish Police in Similar Campaigns
Silviu STAHIE

February 06, 2023

1 min read
U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine U.S. Department of Health and Human Services Hits ‘Banner Health’ with $1.25 Million Fine
Silviu STAHIE

February 03, 2023

1 min read