On Christmas Eve, the Scottish Environment Protection Agency confirmed that it was responding to a significant cyber-attack affecting its contact centre, internal systems, processes and communications. SEPA will not engage with likely international serious and organised criminals intent on disrupting public services and extorting public funds. The matter is subject to a live criminal investigation.
Following the attack, business continuity arrangements were immediately enacted and our Emergency Management Team is working with Scottish Government, Police Scotland and the National Cyber Security Centre to respond to what is complex and sophisticated criminality.
Whilst the attack significantly impacted our organisation and infrastructure, we’re working to clear external priorities:
• Protecting Scotland’s environment.
• Providing priority services to individuals and businesses across Scotland.
Our approach continues to be to take the best professional advice from multi-agency partners, including Police Scotland and cyber security experts, with the multi-agency response focused on eradication, remediation and recovery.
We’ve said that whilst for the time being we’ve lost access to most of our systems, including our email system, what we haven’t lost is the knowledge, skills and experience of our twelve-hundred expert staff.
Through their work we’ve adapted and continue to provide priority regulatory, monitoring, flood forecasting and warning services. In addition, our approach will continue to prioritise supporting Scotland’s recovery.
Whilst some systems and services may be badly affected for some time, step-by-step we’re working to assess and consider how we recover. On our website you’ll find the latest information on our current service status and recovery.
We’ll update this on a weekly basis so that we’ve clear on what those we work with can expect and how we’ll prioritise progress.