Scottish Environment Protection Agency (SEPA) once again fell victim to the threat actors. Hackers published more than 4,000 files on their website after the regulator denied to pay the ransom, it is noteworthy that these hackers were also responsible for attacking SEPA on a Christmas Eve.
Last month, Cybersecurity experts discovered that threat actors have stolen nearly 1.2 GB of data which suggested threat actors may have accessed and stolen 4,000 files. Threat actors locked their emails and contacts centre and were demanding a ransom to unlock it. SEPA said they have to start from scratch and build a whole new system following a ‘significant cyber-attack’.
Agency is still able to provide essential services regarding food forecasting and warnings, as well as regulation and monitoring services. The Conti ransomware group asserted responsibility for the attack but SEPA hasn’t validated the claims of the Conti ransomware group. Published information includes personal information associated with SEPA employees and information associated with commercial work with international allies.
Terry A’Hearn, chief executive of SEPA stated that “we’ve been clear that we won’t use public finance to pay serious and organized criminals’ intent on disrupting public services and extorting public funds. We have made our legal obligations and duty of care on the sensitive handling of data a high priority and, following Police Scotland advice, are confirming that data stolen has been illegally published online”.
“We’re working quickly with multi-agency partners to recover and analyze data then, as identifications are confirmed, contact and support affected organizations and individuals”, he further added.
Ransomware groups are quite successful in their tactics of stealing data and threatening the firm to publish online if a ransom isn’t paid in exchange for the decryption key. Every month ransomware gangs are making hundreds of thousands of dollars in bitcoin per attack.
