MRW (Materials Recycling World) is the market-leading business title for the recycling and waste management industry, reaching our audience in print and online.
An investigation by police into the cyber-attack on the Scottish Environment Protection Agency (Sepa) in December 2020 revealed it was “most likely” carried out by an international organised crime group.
Sepa refused to pay a ransom after around 1.2GB of data was stolen and sensitive information illegally published online. It struggled to keep key services running during the attack.
Audits into the incident were carried out by Police Scotland, Scottish Business Resilience Centre (SBRC) and business advice firm Azets.
Police Scotland said the attack “displayed significant stealth and malicious sophistication with a secondary and deliberate attempt to compromise Sepa systems as the team endeavoured to recover and restore back-ups”.
It added Sepa had a “strong culture of resilience” and had carried out emergency exercises to prepare for attacks.
SBRC said Sepa had implemented “sophisticated defence and detection mechanisms” before the attack but recommended it could increase its “offline storage capacity and speed”.
Sepa chief executive Terry A'Hearn (pictured) said the agency had been victim of a “hideous, internationally orchestrated crime”.
He added: “Unfortunately, our story is not unique. Cybercrime has rapidly expanded around the world. Major organisations such as Apple, the Irish Health Service, LinkedIn, Colonial Pipeline, CitiBank, Sony and many more have been hit by cyber-attacks.
“In the face of this awful crime, I am immensely proud of the way our team has coped and responded. We have delivered high-priority services to protect Scotland’s environment and started building all our services up in new and better ways. In the end, we will have fast-tracked major reforms we had set out to do anyway."
A'Hearn said Sepa's decision to speak openly about the attack had helped it to recover services quickly.
He added: “The audits make it clear we were well protected but that no cyber security regime can be 100% secure. A number of learnings have been identified that will help Sepa further improve its cyber security. All have been accepted.”
Detective inspector Michael McCullagh, cybercrime investigations, Police Scotland, commended Sepa for showing leadership in speaking about the incident openly.
He said: “Police Scotland has been consistently clear that Sepa was not and is not a poorly protected organisation. It had a strong culture of resilience, governance, incident and emergency management and worked effectively with Police Scotland and others.
“Recent attacks against Sepa, the Irish Health Service and wider public, private and third sector organisations are a reminder of growing threat of international cyber-crime and that no system can be 100% secure. They are also a reminder of the growing importance of organisations being ready, resilient and responsive.”
Have your say
or a new account to join the discussion.