Cyber Criminals Publish Stolen Files

The Scottish Environment Protection Agency (SEPA) has confirmed that the cyber criminals who carried out a ransomware attack targeting its systems in December have now published 1.2 GB of information online after SEPA refused to pay the ransom demand.

The data, which includes confidential contracts, strategy documents and databases, is among a total of 4,000 files dumped on the Dark Web, that invisible part of the internet often associated with criminality and only accessible through specialised software.

The agency’s job is to protect Scotland’s environment via national flood forecasting and flood warnings. The stolen data included critical information related to environmental businesses, including publicly available regulated site permits, authorisations and enforcement notices, as well as data related to SEPA corporate plans, priorities and change programs. Other compromised data was related to publicly available procurement awards and commercial work with SEPA’s international partners, and some personal data of SEPA’s staff was also stolen by the hackers.

When stolen data is dumped like this, it usually means the hackers have given up hope of being able to extract payment from the victim, or to cash in on it in other ways.

SEPA chief executive Terry A'Hearn said: "We've been clear that we won't use public finance to pay serious and organised criminals intent on disrupting public services and extorting public funds... We have made our legal obligations and duty of care on the sensitive handling of data a high priority and, following Police Scotland advice, are confirming that data stolen has been illegally published online". 

The attack locked SEPA's emails and contacts centre, but the agency said that priority regulatory, monitoring, flood forecasting and warning services were able to adjust and continued to operate. They also point out that the theft of 1.2 GB of data was equivalent to a small fraction of the contents of an average laptop hard drive. Some of the information stolen was already publicly available, but other files, including data about staff and suppliers, were not. Where information has been identified to date, staff have been informed.

A spokesman for the cyber security company Emsisoft, which specialises in anti-malware, commented on the SEPA ransomware attack, suggesting that it showed common characteristics with a type of ransomware called Ryuk.

Police Scotland are working closely with SEPA and our partners at Scottish Government and the wider UK law enforcement community to investigate and provide support in response to this incident. Enquiries remain at an early stage and continue to progress including deployment of specialist cyber crime resources to support their response.

SEPA / Threatpost / ITPro / STV / BBC / Open Security / TEISS
