Scotland’s environmental watchdog has spent nearly £800,000 on its response to a serious cyberattack, new figures show.
The Scottish Environment Protection Agency (Sepa) had quite 4,000 of its digital files stolen by hackers on Christmas Eve.
The files were released on the web when Sepa refused to pay a ransom.
The public body has warned it might be next year before its systems have fully recovered from the attack.
Figures released to a news channel in Scotland under freedom of data laws show a complete of £790,000 has been spent on Sepa’s response and recovery actions thus far.
This includes £458,000 on stabilizing the watchdog’s business IT platform.
Sepa has restored the bulk of its key services, like flooding forecasting, but it’s expected a full recovery from the attack will take up the rest of 2021-22.
Terry A’Hearn, Sepa’s chief executive, said: “Whilst we initially lost access to our data and systems, what we didn’t lose was the expertise of our 1,200 staff.
“Since Christmas Eve, teams across the agency are working flat-out to support our people, partners, and customers and to revive our system’s services as quickly as possible.
“Our clear recovery strategy is gradually seeing systems being restored. By Easter, over 70% of staff are going to be back online and we’re engaging data recovery specialists and are confident that we’ll recover the foremost important data.”
Sepa rejected a ransom demand for the attack, which was claimed by the international Conti ransomware group.
Contracts, strategy documents, and databases were among the 4,000 files released.
The data has been placed on the dark web – a neighborhood of the web related to criminality and only accessible through specialized software.
Some of the knowledge stolen was already publicly available but other files, including data about staff and suppliers, were not.
Sepa told that a complete of 54 people had been in-tuned to ask if their data was among the files stolen. This includes 27 current and former staff members.
Police Scotland is investigating the crime and has previously indicated the likely involvement of international serious and arranged crime.
Det Insp Michael McCullagh said: “Police Scotland is constant to figure closely with Sepa to research and supply support in response to the present incident.
“The actions of the criminals behind this crime show a blatant disregard for public safety, evident during this sickening attack on a corporation like Sepa. this sort of crime and its impacts are often significant.
“I would urge caution within the viewing and downloading of any data published by cybercriminals. The likelihood of these files being infected and making you their next victim is high.”