Cyber Criminals Publish Stolen Files

Uploaded on 2021-01-29 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The Scottish Environment Protection Agency (SEPA), has confirmed that the cyber criminals which carried out a ransomware attack targeting its systems in December have now published 1.2 GB of information online after SEPA refused to pay the  ransom demand.

The data which includes confidential contracts, strategy documents and databases are among a total of 4,000 files dumped on the Dark Web, that invisible part of the internet often associated with criminality and only accessible through specialised software. 

The agency’s job is to protect the Scotland’s environment via national flood forecasting, flood warnings and the stolen data included critical  information related to environmental businesses, including publicly-available regulated site permits, authorisations and enforcement notices, as well as data related to SEPA corporate plans, priorities and change programs. Other compromised data was related to publicly available procurement awards and commercial work with SEPA’s international partners and some personal data of SEPA’s staff was also stolen by the hackers.

When the stolen data is dumped like this, it usually means the hackers has given up hope of being able to extract payment from the victim, or to cash in on it in other ways. 

SEPA chief executive Terry A'Hearn said: "We've been clear that we won't use public finance to pay serious and organised criminals intent on disrupting public services and extorting public funds... We have made our legal obligations and duty of care on the sensitive handling of data a high priority and, following Police Scotland advice, are confirming that data stolen has been illegally published online". 

The attack locked SEPA's emails and contacts centre but the agency said hat priority regulatory, monitoring, flood forecasting and warning services were able to adjust and continued to operate. They also point out that theft of 1.2GB of data was the equivalent to a small fraction of the contents of an average laptop hard drive. Some of the information stolen was already publicly available but other files included data about staff and suppliers was not. Where information has been identified to date, staff have been informed. 

A spokesman of the cyber security company Emsisoft, which specialises in anti-malware commented on the SEPA  the ransomware attack suggesting that is showed common characteristics with a type of ransomware called Ryuk

Police Scotland are working closely with SEPA and our partners at Scottish Government and the wider UK law enforcement community to investigate and provide support in response to this incident. Enquiries remain at an early stage and continue to progress including deployment of specialist cyber crime resources to support their response.

SEPA:    Threatpost:       ITPro:       STV:        BBC:       Open Security:        TEISS

You Might Also Read: 

Beware The Latest  Malware:

 

« Ransomware Is A CISO's Nightmare
Maritime Cyber Security Needs Shipping Companies to Focus »

CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Go Cyber

Training that transforms behaviours

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Jooble

Jooble

Jooble is a job search aggregator operating in 71 countries worldwide. We simplify the job search process by displaying active job ads from major job boards and career sites across the internet.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

ON-DEMAND WEBINAR: What Is A Next-Generation Firewall (and why does it matter)?

Watch this webinar to hear security experts from Amazon Web Services (AWS) and SANS break down the myths and realities of what an NGFW is, how to use one, and what it can do for your security posture.

Clayden Law

Clayden Law

Clayden Law advise global businesses that buy and sell technology products and services. We are experts in information technology, data privacy and cybersecurity law.

Rollbar

Rollbar

Rollbar is a full-stack error monitoring platform for web and mobile applications. We help developers find and fix bugs fast. Built by developers for developers.

Site24x7

Site24x7

Site24x7 is an AI-powered observability platform for DevOps and IT operations.

Allegro Software

Allegro Software

Allegro provide secure software for the Internet of Things.

SMiD Cloud

SMiD Cloud

SMiD encryption technology has been developed following the highest security practices to allow the data availability, integrity and confidentiality.

RIGCERT

RIGCERT

RIGCERT provides training, audit and certification services for multiple fields including Information Security.

Electric Power Research Institute (EPRI)

Electric Power Research Institute (EPRI)

The Electric Power Research Institute’s Cyber Security Research Laboratory (CSRL) addresses the security issues of critical functions of electric utilities.

SessionGuardian

SessionGuardian

SessionGuardian (formerly SecureReview) is the world's first and only technology which ensures second-by-second biometric identity verification of your remote user, from log on to log off.

Blacksands

Blacksands

Blacksands is a leader in network architecture, identity & services management, threat analysis, industrial IoT architecture, and invisible dynamic networks.

Visory

Visory

Great businesses depend on great technology. We make sure our clients go to market with enterprise-level technology and world-class security for their data and infrastructure.

Professional Labs

Professional Labs

Professional Labs specialize in simplifying complex problems for our customers with Cloud Services, Managed Services and Cyber Security.

Red Helix

Red Helix

Red Helix (formerly Phoenix Datacom) is a market leader in network performance and cyber security.

Codezero Technologies

Codezero Technologies

Codezero is at the forefront of microservices development, employing an identity-aware overlay network that delivers zero-trust security to DevOps.

e-Safer

e-Safer

e-Safer's mission is to provide solutions and services that ensure a safer digital environment.

Security4Media

Security4Media

Security4Media is a non-profit association set up to reduce risks and support trust in media, in the face of increasing cybersecurity threat levels.

EK3 Technologies

EK3 Technologies

EK3 Technologies mission is to provide comprehensive cybersecurity and IT solutions that allow our clients to focus on sustaining their business.

Bytium

Bytium

Bytium provides top-tier IT services and solutions designed to empower everyone, from individuals to global corporations. Specializing in cybersecurity and proactive IT management.