Ransomware Group Publishes More Than 4,000 SEPA Files Online

The Scottish Environment Protection Agency (SEPA) has once again fallen victim to threat actors. Hackers published more than 4,000 files on their website after the regulator refused to pay the ransom. The same hackers were also responsible for attacking SEPA on Christmas Eve.

Last month, cybersecurity experts discovered that the threat actors had stolen nearly 1.2 GB of data, which suggested they may have accessed and stolen 4,000 files. The threat actors locked the agency's emails and contact centre and demanded a ransom to unlock them. SEPA said it has to start from scratch and build a whole new system following a ‘significant cyber-attack’.

The agency is still able to provide essential services for flood forecasting and warnings, as well as regulation and monitoring services. The Conti ransomware group claimed responsibility for the attack, but SEPA has not validated the claim. The published information includes personal information associated with SEPA employees and information associated with commercial work with international allies.

Terry A’Hearn, chief executive of SEPA, stated that “we’ve been clear that we won’t use public finance to pay serious and organized criminals intent on disrupting public services and extorting public funds. We have made our legal obligations and duty of care on the sensitive handling of data a high priority and, following Police Scotland advice, are confirming that data stolen has been illegally published online”.

“We’re working quickly with multi-agency partners to recover and analyze data then, as identifications are confirmed, contact and support affected organizations and individuals”, he added.

Ransomware groups have been quite successful with the tactic of stealing data and threatening to publish it online if the victim does not pay a ransom in exchange for the decryption key. Every month, ransomware gangs are making hundreds of thousands of dollars in bitcoin per attack.

Threat Actors Demand Ransom After Major Cyber Attack on Scottish Environment Protection Agency

The Scottish Environment Protection Agency (SEPA) said its digital systems have been severely affected by a ransomware attack since Christmas Eve. Threat actors have locked the agency's emails and contact centers and are demanding a ransom to unlock them.

The National Cyber Security Centre and Police Scotland are investigating the incident, and it is believed that an international cybercriminal group is behind the ransomware attack. Cybersecurity experts have found that the threat actors stole nearly 1.2 GB of data, which suggests they may have accessed and stolen 4,000 files.

SEPA said it has to start from scratch and build a whole new system following a ‘significant cyber-attack’. The agency further stated that essential services for flood forecasting and warnings have not been hit by the cyber-attack. However, it remains highly unlikely that its 1,300 employees will be able to regain access to their old emails and online documents.

Scotland’s environmental regulator has termed this an “incredibly sophisticated attack” and warned the threat actors that they will face the consequences. We are aware that threat actors are demanding a ransom to unlock the agency's system, but they will not succeed in their plan.

SEPA’s Chief Executive Terry A’Hearn stated that “whilst we don’t know and may never know the full detail of the 1.2 GB of information stolen, what we know is that early indications suggest that the theft of information related to several business areas, some of the information stolen will have been publicly available”.

The Conti ransomware group claimed the attack and has already leaked sensitive information on its site. The stolen information includes personal information associated with SEPA employees and information associated with commercial work with international allies.