The loss of back-up data in the cyberattack on Scotland’s environment watchdog has been “debilitating”, the Auditor General has told MSPs
A Holyrood committee heard the ransomware attack on the Scottish Environment Protection Agency (Sepa) took place despite it having good cybersecurity in place.
The agency fell victim to a sophisticated attack on Christmas Eve 2020, leading to much of its critical data being lost.
Earlier this month, Audit Scotland published a report which said Sepa was still working to rebuild its system 12 months on from the attack, the full cost of which is still not known.
Auditors gave further details to the Public Audit Committee on Thursday.
Auditor General Stephen Boyle said no organisation can fully mitigate the risk of cyberattacks, and the loss of back-up data shows the sophistication of the attackers.
He said: “Sepa didn’t pay the ransom, so public money wasn’t used to that effect.
“But not having access to the back-ups has really been debilitating to the organisation in terms of the availability of its records, recreating its accounts and so forth.”
Sepa now has an action plan which includes strengthening its back-up arrangements, the committee was told.
Committee member Willie Coffey said it is dangerous to have a link between main servers and their back-ups.
Mr Coffey told the committee: “In my days working with computing, we used to take the back-up in a case and take it to the bank on a server.
“We’d actually take a hard drive away and make sure it was physically protected.
“So there’s a lesson from the past there as well.”
