January 2021

Scottish Environmental Protection Agency (SEPA) 

Hackers behind the ransomware attack on the Scottish Environmental Protection Agency (SEPA) have published about 4,000 stolen files, as the Agency continues to resist demands to pay.

In an update on its website, SEPA confirmed that the data stolen from the agency’s systems has been published on the web by cyber criminals.

The Agency first identified the ransomware attack on Christmas Eve. The attack was so serious that it knocked many of the agency’s critical IT systems offline, and disrupted public services. SEPA’s email systems were also affected, and are still down.

An initial investigation concluded that a highly organised, international cyber-crime group cyber attack launched the attack, with an intention to extort public funds. Soon after, the operators of the Conti ransomware claimed the responsibility.

Conti was first noticed in May 2020. The operators claim that their ransomware has successfully been used to breach more than 150 victims in the past seven months, generating profits of several million dollars.