The Scottish Environment Protection Agency (SEPA) says some of the data stolen by what it believes to be “international serious and organised cyber-crime groups” has been illegally published online.
In an update given yesterday (21 January), the environmental regulator said work was underway to analyse the data set.
The ongoing ransomware attack began on 24 December
However, it added it may never know the full details of the 1.2 GB of information stolen in the ongoing ransomware attack that began on 24 December. The information is said to fall into “four broad categories”.
The environmental regulator’s chief executive Terry A’Hearn said: “Supported by Scottish Government, Police Scotland and the National Cyber Security Centre, we continue to respond to what remains a significant and sophisticated cyber-attack and a serious crime against SEPA.
“We’ve been clear that we won’t use public finance to pay serious and organised criminals intent on disrupting public services and extorting public funds.
“We have made our legal obligations and duty of care on the sensitive handling of data a high priority and, following Police Scotland advice, are confirming that data stolen has been illegally published online. We’re working quickly with multi-agency partners to recover and analyse data then, as identifications are confirmed, contact and support affected organisations and individuals.”
SEPA reiterated it would not engage with criminals intent on disrupting public services and extorting public funds, a position it first made clear on 14 January (see letsrecycle.com story).
Regulation
SEPA said that while some of the information stolen will have been publicly available, some will not have been.
“Sadly we’re not the first and won’t be the last national organisation targeted by likely international crime groups”
It confirmed that staff had been contacted based on the information available and provided being support. A dedicated data loss support website, Police Scotland guidance, enquiry form and support line are available to regulated business and supply chain partners.
The agency said priority regulatory, monitoring, flood forecasting and warning services were continuing to adapt and operate and that a broader update on service delivery and recovery would be confirmed next week.
Mr A’Hearn said: “Sadly we’re not the first and won’t be the last national organisation targeted by likely international crime groups. We’ve said that whilst for the time being we’ve lost access to most of our systems, including things as basic as our email system, what we haven’t lost is our twelve-hundred expert staff.
“Through their knowledge, skills and experience we’ve adapted and since day one continued to provide priority regulatory, monitoring, flood forecasting and warning services. Whilst some systems and services may be badly affected for some time, step-by-step we’re working to assess and consider how we recover.”
Data
The stolen data could have included business, procurement and project information, as well as personal information relating to staff.
The agency stressed Police Scotland advice that organisations and individuals should not search for the stolen information, as accessing the host site may place organisations, individuals and their computer infrastructure at risk.
Detective inspector Michael McCullagh of Police Scotland’s Cybercrime Investigations Unit said: “This remains an ongoing investigation. Police Scotland are working closely with SEPA and our partners at Scottish Government and the wider UK law enforcement community to investigate and provide support in response to this incident.
“Enquiries remain at an early stage and continue to progress, including deployment of specialist cybercrime resources to support this response.”
The post Data published online after SEPA cyber attack appeared first on letsrecycle.com.
Source: letsrecycle.com Waste Managment
