Vinchin News & Events
News List SEPA Still Fixing 2020 Cyberattack 13 Months on, Ransomware Continue to Hang Over

SEPA Still Fixing 2020 Cyberattack 13 Months on, Ransomware Continue to Hang Over

2022-03-25 | Vinchin Official

The Scottish Environment Protection Agency (SEPA) was subjected to a phishing e-mail attack on 24 December 2020 and now, they still pay the consequence 13 months later.

 phishing-6573326__480.webp

1.  What happened?

SEPA suffered from a ransomware attack on Christmas Eve 2020, with criminals demanding payment for the stolen around 1.2 GB data, at least 4,000 files.

The investigation result Police Scotland had was it’s possibly human error due to the fact the SEPA’s cyber defenses were good and the staff mistakenly clicked phishing e-mail masqueraded as a genuine email.

2.  What’s the upshot?

SEPA CEO Terry A’Hearn resigns

Terry A’Hearn has been in post since 2015 and announced his resignation after the allegations.

The Chief Officer, Jo Green took over his job temporarily before the recruitment.

Huge economic loss

“SEPA had to recreate accounting records from bank and HMRC records. This made it difficult for the auditor to gain sufficient evidence to substantiate around £42m of its income from contracts." said Auditor General Stephen Boyle. He also mentioned the backups were also lost or hacked and the “The full financial impact is not yet known.”

As of March, 2021, this attack is believed to cost SEPA £1.2 million.

SEPA had to written off about £2 million because it would be unable to collect in fees due to loss of underlying records and £42 million income from contracts for the environmental regulator.

The latest financial documents from Quango’s estimate a budget deficit between £6 million and £17 million by 2024 with 50 full time equivalent jobs at risk.

Recovery could take years

SEPA didn’t pay the ransom and it basically kept the key services.

Then CEO Mr A’Hearn said building a new IT system from scratch would take a year or two and 13 months gone, the agency is still rebuilding its digital infrastructure.

3.  What’s the advice?

“This incident highlights how no organization can fully defend itself against the threat of today's sophisticated cyber-attacks.”Auditor General Mr Boyle said. However, it's crucial that organizations can never be too well-prepared. “SEPA was in a solid position but it will continue to feel the consequences of this attack for a while to come. Everyone in the public sector can, and should, learn from their experience." Mr Boyle suggested.

It seems that no matter how much preparation the companies have done, cyberattack incidents do happen, even they are well prepared organizations with high maturity. But there are always strategies and plans against these cyber criminals or hackers.

First thing first, back up your data for fear of ransomware.

Then, bolster IT security.

Last but not least, be alert to potential threats and conduct regular disaster drills.

As we can tell by experience, a complete data protection plan provides a solid basis for later IT operations, and software like Vinchin Backup & Recovery can help enterprise-grade users get the goal in a streamlined way. Having frequent data backups and offsite backup copies stably run under the help of the reliable features the software provides, the data loss caused by cyberattacks can be minimized since you’ve got early prepared before they come.

1. On-premises Backup with Smart Backup Scheduling

Vinchin Backup & Recovery provides automated, agentless full backup, (forever) incremental backup and differential backup combinations on daily, weekly, monthly basis for virtual machines, catering to different backup needs. You can customize the backup strategy based on the actual production environment, such as scheduled full backup with incremental backup or full backup with differential backup.

2.  Anti-Ransomware Backup Storage Protection

Vinchin Backup & Recovery uses real-time IO monitoring technology, protecting backup data stored in Vinchin backup storages by promptly denying backup data modification requests made by unauthorized applications. The visit will be denied if ransomware or other malware attempts to change the backup. In case cyberattack hits your data center, you can make sure most parts of the backed-up data are still highly recoverable.

3.  Offsite Backup Copy

Vinchin Backup & Recovery safeguards data against cyberattack in several ways. With Vinchin Offsite Backup Copy, you can copy your backup data to a remote DR center or your branch office's backup data to HQ. If your primary production system crashes, you can restore the VM to an offsite production system using the offsite backup copy. By transferring the well-protected backup copy from the remote site to the local production environment, you can restore the VM to the onsite production system.

Ransomware attack continues to hang over all walks of life and never die down as time goes by. One human misoperation or a nature accident could crash the production system and conduce to brand image damage and economic loss. The best we can do is to protect our data comprehensively and learn lessons from incidents like SEPA cyberattack.

  • Tag:

60-DAY FULL-FEATURED FREE TRIAL

  • No credit card required
  • Get started in 10 minutes
Free Trial Now close-icon