International crime group behind SEPA hack
An international serious organised crime group was behind the SEPA hack late last year, Police Scotland has concluded.
The cyber attack saw more than 4,000 digital files stolen from the environment agency.
An independent audit said the attack “displayed significant stealth and malicious sophistication”.
A second hacking attempt was also made in a bid to sabotage SEPA’s attempt to fix the problem caused by the first.
The audits also found that while SEPA had “sophisticated defence and detection mechanisms”, two of its backups had been effected by the hack.
Chief executive Terry A’Hearn said: “The audits make it clear we were well protected but that no cyber security regime can be 100 per cent secure.
“A number of learnings have been identified that will help SEPA further improve its cyber security. All have been accepted.”
The ransomware attack was detected at 00:01 on Christmas Eve last year.
Some of the stolen information was published online, including business and staff information.
The environment watchdog did not respond to the ransom request.
Detective Inspector Michael McCullagh said: “Recent attacks against SEPA, the Irish Health Service and wider public, private and third sector organisations are a reminder of growing threat of international cyber-crime and that no system can be 100 per cent secure.
“They’re also a reminder of the growing importance of organisations being ready, resilient, and responsive.
“SEPA’s work in standing up to, and speaking openly about international serious and organised cyber-crime, shows real leadership.”
Holyrood Newsletters
Holyrood provides comprehensive coverage of Scottish politics, offering award-winning reporting and analysis: Subscribe