Scottish Agency Still Recovering from 2020 Ransomware Attack
A ransomware attack on a Scottish regulator in 2020 continues to significantly impact operations, with the true cost of the incident still unknown, an audit has found.
The double extortion attack hit the Scottish Environment Protection Agency (SEPA) on Christmas Eve 2020, forcing IT services offline.
According to a new report from Audit Scotland, the initial attack vector appears to have been a phishing email, although it’s still not 100% clear.
Despite following best practice backup guidelines, with one copy stored offline, the “sophisticated nature of the attack” meant online copies were quickly targeted, and there was no way of accessing historical records quickly, the spending watchdog claimed.
As a result, the “majority” of SEPA’s data was encrypted, stolen or lost.
Despite claiming the agency had a “high” level of cyber-maturity, independent reviews since the attack have also made 44 recommendations for enhancing the agency’s cyber-readiness and resilience.
According to Audit Scotland, it will be particularly alarming to Scottish taxpayers that more than a year on from the attack, the agency is still reinstating some of its systems.
The auditor took the rare step of issuing a “disclaimer of opinion” on SEPA’s annual accounts for 2020/21, claiming it couldn’t access enough evidence to substantiate £42m of income from contracts.
The agency still doesn’t know the total financial impact of the cyber-attack, although it has already been forced to write off over £2m in bad debts because of records lost to the incident.
“Based on management forecasts during the year, the Scottish Government gave SEPA authority to overspend by £2.5m to cover the impact of Covid19 and the cyber-attack if required,” the report claimed.
“SEPA recognizes that the cyber-attack has increased the medium to longer-term financial pressures on the organization. Its financial strategy 2020-24 had already identified potential variability in future income and expenditure streams of up to £17.9m as a worst-case scenario.”
More Stories
Friday Squid Blogging: Squid Sticker
A sticker for your water bottle. Blog moderation policy. Read More
Italy’s Data Protection Watchdog Issues €15m Fine to OpenAI Over ChatGPT Probe
OpenAI must also initiate a six-month public awareness campaign across Italian media, explaining how it processes personal data for AI...
Ukraine’s Security Service Probes GRU-Linked Cyber-Attack on State Registers
The Security Service of Ukraine has accused Russian-linked actors of perpetrating a cyber-attack against the state registers of Ukraine Read...
LockBit Admins Tease a New Ransomware Version
The LockBitSupp persona said LockBit 4.0 will be launched in February 2025 Read More
Webcams and DVRs Vulnerable to HiatusRAT, FBI Warns
The FBI has issued a warning about the Hiatus RAT malware targeting Xiongmai and Hikvision web cameras and DVRs, urging...
CISA Urges Encrypted Messaging After Salt Typhoon Hack
The US Cybersecurity and Infrastructure Security Agency recommended users turn on phishing-resistant MFA and switch to Signal-like apps for messaging...