SEPA cyber-attack 'likely to be work of global organised crime groups'
Easier access to your trusted, local news. Have a look at our brand new digital subscription packages!
THE Scottish Environment Protection Agency (SEPA) has said a ransomware attack on Christmas Eve is likely to be by international serious and organised cyber-crime groups intent on disrupting public services and extorting public funds.
SEPA has reassured the public that flood forecasting and warning services are continuing to operate during investigations. SEPA was back issuing flood alerts and warnings within 24 hours of the attack.
The agency is working with the Scottish Government, Police Scotland and the National Cyber Security Centre to respond to what it describes as complex and sophisticated criminality.
Cyber security specialists have identified the theft of around 1.2GB of data, which is equivalent to a small fraction of the contents of an average laptop hard drive.
Terry A’Hearn, SEPA chief executive, said: "Whilst having moved quickly to isolate our systems, cyber security specialists, working with SEPA, Scottish Government, Police Scotland and the National Cyber Security Centre have now confirmed the significance of the ongoing incident.
"Partners have confirmed that SEPA remains subject to an ongoing ransomware attack likely to be by international serious and organised cyber-crime groups intent on disrupting public services and extorting public funds."
Mr A’Hearn added: "Whilst the actions of serious and organised criminals means that for the moment we’ve lost access to our systems and had information stolen, what we’ve not lost is the expertise of over 1,200 staff who day in, day out work tirelessly to protect Scotland’s environment.
"Sadly we’re not the first and won’t be the last national organisation targeted by likely international criminals. Cyber-crime is a growing trend."
Detective Inspector Michael McCullagh, of Police Scotland’s Cybercrime Investigations Unit, said: "This remains an ongoing investigation. Police Scotland are working closely with SEPA and our partners at Scottish Government and the wider UK law enforcement community to investigate and provide support in response to this incident. Enquiries remain at an early stage and continue to progress including deployment of specialist cybercrime resources to support this response."