Scottish Environment Protection Agency says it will not use public funds in ransomware attack

Scottish Environment Protection Agency hit with ransomware attack

The Scottish Environment Protection Agency (SEPA) has been dealing with an ongoing data breach and ransomware attack since Christmas Eve 2020. The agency previously confirmed the theft of around 1.2 GB of data or around 4,000 files.

The files include business and staff information, some of it already publicly available and some of it internal, though the agency says it may never know the full details of the breach. While the cyberattack and ransomware is still currently active, SEPA has told reporters that it will not engage with criminals or use public funds to pay for the ransomware.

Some of the information stolen from the agency has since been published online, but Scotland Police have told individuals and organizations not to search for it, as accessing the host site may place their computer infrastructure at risk.

"We are continuing to respond to the ongoing ransomware attack likely to be by international serious and organized cyber-crime groups. The matter is subject to a live criminal investigation," the agency said on its website.

ON DEMAND: Business-impacting events such as severe weather, man-made disasters, and supply chain disruption are increasing in frequency and making impacts around the globe.

In today's rapidly evolving security landscape, organizations face an ever-growing array of disruptive events, security threats and risks. Traditional reactive approaches to security intelligence often leave businesses vulnerable and ill-prepared to anticipate and mitigate emerging threats that could impact the safety of their people, facilities or operations.