Friday, July 23, 2021

Ongoing ransomware attack leaves systems badly affected, says Scottish Environmental Regulator

About a month after the first attack, the Scottish Environment Protection Agency (SEPA) systems remained offline, and information stolen from the organization was leaked by hackers.

The Scottish Environment Protection Agency (SEPA) has warned that it may take “significant time” before programs and services can be fully restored after being hit by ransomware the night before Christmas.

The SEPA communications center, internal systems, processes, and internal communications were all affected by the attack, which struck the day before Christmas.

The organization, which is the Scottish government’s environmental regulator, also confirmed that 1.2GB of data had been stolen as part of the attack, including information about SEPA staff.

In a lengthy update late last week, the agency said the “bulk” of its IT systems would remain “badly affected for some time,” and in some cases would have to be completely replaced.

“The agency has confirmed that email, staff schedules, multiple reporting tools, systems, and information remain unavailable and access to a series of programs and tools that have not been available for a long time,” it continued.

Despite the ransomware attack, SEPA’s ability to provide flood forecasting and warning services, as well as control and monitoring services, continues.

One of these programs is an online reporting service with questions about pollution. Although it has now been restored, any information added to the service during the first days of the attack is not available.

But while the infected programs have been sorted out, SEPA’s latest review of the ransomware attack states that recovery will take “significant time” and that many programs “will remain badly affected for some time”, with completely new programs needed.

SEPA has blamed the ransomware attack on cybercriminals it described as “critical and organized criminals”.

The attackers also seized 1.2GB of data from the agency, including purchase details, commercial projects, and information about SEPA staff, as well as its business plans, essentials, and exchange plans. Some, but not all, are thought to be publicly available.

“While we have quickly divided our plans, security experts, working with SEPA, the Scottish Government, the Scottish police, and the National Cyber Security Center, have now confirmed the significance of this incident,” said Terry A’Hearn, Chief Executive of SEPA.

While the organization itself has not confirmed what type of ransomware it fell victim to, the cybercriminal group behind Contonhlengware has published what it calls stolen information to a Scottish government ambassador.

Priyanshu Vijayvargiya
Founder and Editor-in-Chief of 'Virtualattacks Inc' Priyanshu Vijayvargiya is a cybersecurity analyst, Information Security professional, developer, and a white hat hacker.

