Sepa systems disrupted in ransomware attack
The attack has disabled some functions (pic: Terry Murden)
Environmental regulator, the Scottish Environment Protection Agency, has seen its IT systems disrupted by cyber criminals demanding a ransom.
Sepa said international and organised groups are likely to be behind the ransomware attack that has locked its emails and contacts centre since Christmas Eve.
It said the criminals are intent on disrupting public services and extorting public funds.
More than 1.2GB of data has been stolen, including information about staff, though this equivalent to a small fraction of the contents of an average laptop hard drive.
Sepa is working with the Scottish Government, Police Scotland and the National Cyber Security Centre to respond to what it describes as “complex and sophisticated criminality”.
A number of SEPA systems (including email) will remain badly affected for some time, with new systems required.
Priority regulatory, monitoring, flood forecasting and warning services are adapting and continuing to operate.
Terry A’Hearn, chief executive of the Scottish Environment Protection Agency, said: “Whilst having moved quickly to isolate our systems, cyber security specialists, working with SEPA, Scottish Government, Police Scotland and the National Cyber Security Centre have now confirmed the significance of the ongoing incident.
“Partners have confirmed that SEPA remains subject to an ongoing ransomware attack likely to be by international serious and organised cyber-crime groups intent on disrupting public services and extorting public funds.”