Cyber Criminals Publish Stolen Files

Uploaded on 2021-01-29 in TECHNOLOGY--Hackers, NEWS-Cybersecurity News, FREE TO VIEW

The Scottish Environment Protection Agency (SEPA), has confirmed that the cyber criminals which carried out a ransomware attack targeting its systems in December have now published 1.2 GB of information online after SEPA refused to pay the  ransom demand.

The data which includes confidential contracts, strategy documents and databases are among a total of 4,000 files dumped on the Dark Web, that invisible part of the internet often associated with criminality and only accessible through specialised software. 

The agency’s job is to protect the Scotland’s environment via national flood forecasting, flood warnings and the stolen data included critical  information related to environmental businesses, including publicly-available regulated site permits, authorisations and enforcement notices, as well as data related to SEPA corporate plans, priorities and change programs. Other compromised data was related to publicly available procurement awards and commercial work with SEPA’s international partners and some personal data of SEPA’s staff was also stolen by the hackers.

When the stolen data is dumped like this, it usually means the hackers has given up hope of being able to extract payment from the victim, or to cash in on it in other ways. 

SEPA chief executive Terry A'Hearn said: "We've been clear that we won't use public finance to pay serious and organised criminals intent on disrupting public services and extorting public funds... We have made our legal obligations and duty of care on the sensitive handling of data a high priority and, following Police Scotland advice, are confirming that data stolen has been illegally published online". 

The attack locked SEPA's emails and contacts centre but the agency said hat priority regulatory, monitoring, flood forecasting and warning services were able to adjust and continued to operate. They also point out that theft of 1.2GB of data was the equivalent to a small fraction of the contents of an average laptop hard drive. Some of the information stolen was already publicly available but other files included data about staff and suppliers was not. Where information has been identified to date, staff have been informed. 

A spokesman of the cyber security company Emsisoft, which specialises in anti-malware commented on the SEPA  the ransomware attack suggesting that is showed common characteristics with a type of ransomware called Ryuk

Police Scotland are working closely with SEPA and our partners at Scottish Government and the wider UK law enforcement community to investigate and provide support in response to this incident. Enquiries remain at an early stage and continue to progress including deployment of specialist cyber crime resources to support their response.

SEPA:    Threatpost:       ITPro:       STV:        BBC:       Open Security:        TEISS

You Might Also Read: 

Beware The Latest  Malware:

 

« Ransomware Is A CISO's Nightmare
Maritime Cyber Security Needs Shipping Companies to Focus »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Directory of Cyber Security Suppliers

Directory of Cyber Security Suppliers

Our Supplier Directory lists 8,000+ specialist cyber security service providers in 128 countries worldwide. IS YOUR ORGANISATION LISTED?

CSI Consulting Services

CSI Consulting Services

Get Advice From The Experts: * Training * Penetration Testing * Data Governance * GDPR Compliance. Connecting you to the best in the business.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

SSH Communications Security

SSH Communications Security

SSH Communications Security is a leading provider of enterprise cybersecurity solutions for controlling trusted access to information systems and data.

NetExtend

NetExtend

NetExtend services include backup and recovery, endpoint protection, network monitoring, cloud portal and billing and payment solutions.

Telesoft Technologies

Telesoft Technologies

Telesoft Technologies is a global provider of cyber security, telecom and government infrastructure products and services.

Information Systems Security Partners (ISSP)

Information Systems Security Partners (ISSP)

ISSP is a specialized system integrator focused on the information security needs of its corporate clients and providing best in class products and services for securing organizational information.

InterVision

InterVision

InterVision is a leading Strategic Services Provider, assisting businesses in driving value and gaining a competitive edge by helping IT Leaders solve the most crucial challenges they face.

Quantstamp

Quantstamp

Quantstamp are experts in Smart Contract Security Audits. We provide verification that your decentralized system works as intended.

Vietnamese Security Network (VSEC)

Vietnamese Security Network (VSEC)

Vietnamese Security Network (VSEC) is an information security company providing website vulnerability scanning and monitoring services.

Defscope

Defscope

Defscope is an Azerbaijani company entirely focused on cybersecurity offering training, security consulting, and other professional services.

Progress Partners

Progress Partners

Progress Partners is a corporate advisory firm that works with buyers and sellers of emerging growth companies to complete M&A or private placement transactions. Our sectors include cybersecurity.

SHI International

SHI International

SHI International deliver against your IT and business needs, helping you build strategies and solutions that will drive innovation, collaboration and security.

Corona IT Solutions

Corona IT Solutions

At Corona IT Solutions, our team of specialists in networking, wireless and VoIP are dedicated to providing proactive monitoring and management of your IT systems.

Vault Cloud

Vault Cloud

Vault Cloud, Australia's National Cloud, is an Australian owned and operated company specialising in secure, sovereign, hyperscale cloud infrastructure.

Badge

Badge

Badge authenticates you on-demand for every application, on any device, without storing any secrets.

Continent 8 Technologies

Continent 8 Technologies

Continent 8 Technologies is the leading provider of managed hosting, connectivity, cloud and cybersecurity solutions to the global online gambling industry.

Cyber Husky

Cyber Husky

Cyber Husky is an agile technology company that specializes in cloud solutions, cybersecurity, and managed IT services.

Unosecur

Unosecur

Unosecur is a comprehensive identity security platform that addresses identity-related threats in multi-cloud and on-premise environments.