Scottish Environment Agency Continues To Suffer Following Christmas Eve Ransomware Attack

The Scottish Environment Protection Agency (SEPA) has confirmed that it was hit by a ransomware attack last month and is continuing to feel the impact, according to ZDNet. The cyberattack was carried out on Christmas Eve. The government regulator representing Scotland’s government also confirmed that 1.2GB was stolen in the attack. The attack also affect the operation of SEPA in providing flood forecasting and warning services, as well as regulation and monitoring services. While the organisation itself hasn’t confirmed what form of ransomware it has fallen victim to, Conti ransomware has claimed the attack.

Experts Comments

January 19, 2021
Jake Moore
Cybersecurity Specialist
ESET

Nowadays, threat actors specialising in ransomware tend not to stop at the first set of ransom demands. It can be far more lucrative if these criminals also release some of the stolen data on the dark web – and far more damaging to the organisation targeted. 

 

Claiming responsibility can also add weight to further attacks when potential victims research the possible outcome if they are, unfortunately, attacked. Although it is nearly impossible to locate suspects in cyber offences, such a

.....Read More

Nowadays, threat actors specialising in ransomware tend not to stop at the first set of ransom demands. It can be far more lucrative if these criminals also release some of the stolen data on the dark web – and far more damaging to the organisation targeted. 

 

Claiming responsibility can also add weight to further attacks when potential victims research the possible outcome if they are, unfortunately, attacked. Although it is nearly impossible to locate suspects in cyber offences, such a release of data should be treated as a credible threat, which far too often leaves organisations stuck between a rock and a hard place. 

 

We are now seeing a rise in this doubly impactful use of ransomware that can be highly lucrative for criminal gangs. Therefore, companies and individuals must be on even higher alert to phishing attempts, which are still the most likely attack vector.

  Read Less

Submit Your Expert Comments

What do you think of the topic? Do you agree with expert(s) or share your expert opinion below.
Be part of our growing Information Security Expert Community (1000+), please register here.

Write Your Expert Comments *
Your Registered Email *
Notification Email (If different from your registered email)
* By using this form you agree with the storage and handling of your data by this web site.