Scottish Environment Protection Agency falls victim to ransomware

The Scottish Environment Protection Agency (SEPA), the main environmental regulator for the improvement and protection of the Scottish environment, has confirmed a complex and sophisticated ransomware cyberattack that has resulted in the unavailability of its public services.

The security incident, detected last Christmas Eve, has affected its contact centre and various internal systems, processes and communications. A loss of at least 1,2Gb of data has been identified and at least 4.000 files containing business, procurement, project and personal information are also suspected of being accessed and stolen.

SEPA reacted immediately to this event, isolating the infected computers and activating its business continuity plan. Priority regulation, monitoring, flood forecasting and warning services were kept operational.

An investigation is currently under way, and it is confirmed that some internal systems and servers are still offline, and that restoration of normal activity will take time. All affected users will also be gradually contacted.