SEPA cyber attack recovery could take ‘two years’, says organisation’s boss
The recovery of IT systems for Scotland’s environment watchdog could take ‘two years’, according to the organisation’s chief executive.
Terry A’Hearn, who runs the Scottish Environment Protection Agency (SEPA), has told BBC news that it may be another 24 months before the full restoration of the agency’s computer systems.
Sepa was locked out of its network on Christmas Even after falling victim to ransomware gang Conti, and has been in recovery mode ever since.
Mr A’Hearn, who chaired emergency meetings in the aftermath of the cyber attack, and was supported by police and cyber agencies, has spoken publicly several times about the incident.
In his latest interview he told the BBC: “I think this a process that will take a year or two.
“We had reform aims anyway, we were going to build a new IT system progressively over five or six years.
“This is an opportunity we didn’t want provided by criminals, but we’ve decided to fast-track that and will build that in one or two years.”
Sepa refused to cooperate with the hackers – who are thought to be Russia-based and have a string of other victims including Aspire, a homeless and housing support agency in Glasgow. The health service in Ireland also recently fell prey to the gang. As a ‘punishment’, the gang dumped a cache of Sepa’s commercial data on its dark web blog, which included private conversations between senior management and some staff grievances.
Mr A’Hearn added: “If we had paid then we would have increased the risk for everyone else.”
The public body’s core services – including flood forecasting and protection – have been reinstated and a Microsoft 365-based system has been implemented.
However the organisation also spent £800,000 on trying to recover data from the cyber incident, but Mr A’Hearn has acknowledged that although the vast majority of it will be recoverable some of it will not be. He questioned whether some of the data was actually that essential to the work the agency has done in the past; Sepa has also relied on external help from trade associations that collected their data as part of their work.
Police Scotland is still investigating the incident but the time lag between identifying the ransomware gang and issuing criminal proceedings suggests there may be significant challenges in bringing anyone to justice.
Keeping the human connection in general practice
When it comes to healthcare, I’m a firm believer that technology should support the user, not replace the user. There can be no doubt about the vital role technology has…
Tapping into neurodivergent talent could close tech skills gap, says ScotlandIS CEO
In the second column brought to you by Skills Development Scotland about recruiting neurodivergent talent, chief executive of ScotlandIS Karen Meechan gives us her perspective on the subject. In Scotland,…
How blockchain technology could revolutionise the construction industry
Non-fungible tokens – or NFTs – have been around for a while, however their use remains untapped in the construction and architectural sector. Most people will have heard of cryptocurrencies…
Remote learning at university: is it here to stay?
Remote learning – or what we call hybrid learning at the University of the West of Scotland (UWS) – has quickly adapted throughout the pandemic, and it has presented both…
Empowering women to lead digital transformation
The Scottish Government and ScotlandIS – the digital technologies cluster management organisation – have conceived an amazing course to nurture future female talent in the IT industry titled, Empowering Women…
Charting a safe pathway through echo chambers
Teaching young people to navigate
virtual bubbles and life in a ‘digital
bazaar’ is now of critical importance
The rise of ransomware and what to do
It’s no longer just the responsibility
of organisations’ IT departments to
keep business systems safe