Scottish Environment Protection Agency (SEPA) continues weekly service status updates following cyber-attack

  12 February 2021
The Scottish Environment Protection Agency (SEPA) has published the third in a series of weekly service status updates in response to the Christmas Eve cyber-attack which continues to significantly impact the agency’s internal systems and services.

• Scottish Environment Protection Agency (SEPA) keeps Scottish business informed on service status following ransomware attack
• Weekly service status updates available at sepa.org.uk/servicestatus
• Agency has also set out overarching Approach to the delivery of services for the first half of 2021

The Scottish Environment Protection Agency (SEPA) has published the third in a series of weekly service status updates in response to the Christmas Eve cyber-attack which continues to significantly impact the agency’s internal systems and services.

In addition to five updates on the attack, the agency has now issued the third in a series of weekly service status updates aimed at keeping Scottish businesses informed on its progress on service recovery.

The agency’s also recently published its Approach to the delivery of services for the first half of 2021, outlining how the organisation will prioritise the protection of Scotland’s environment and the provision of priority services across the period in response to COVID-19, the post EU system, the climate and nature emergencies and the ongoing cyber-attack.

SEPA was clear it will not engage with likely international serious and organised criminals intent on disrupting public services and extorting public funds, and the matter is subject to a live criminal investigation.

Priority regulatory, monitoring, flood forecasting and warning services are continuing to adapt and operate.

Terry A’Hearn, Chief Executive of SEPA, said:

“As Scotland’s environmental regulator, SEPA plays an important role in protecting and enhancing Scotland’s environment, supporting Scottish businesses doing the right thing and holding to account those who seek to do the wrong thing.

“Whilst confronted by a sophisticated criminal cyber-attack we’ve been clear that we won’t use public finance to pay serious and organised criminals intent on disrupting public services and extorting public funds.

“We know that Scottish businesses, communities and citizens depend on us to do our job which is why, even on Christmas Eve, we prioritised critical frontline services including flood warnings to safeguard families, communities and businesses.

“Sadly cyber-crime is an increasing challenge for Scotland’s businesses and public sector partners and service recovery takes time. Whilst, for the time being, we’ve lost access to our data and systems, what we haven’t lost is the expertise of our 1,200 staff. Since Christmas Eve, teams across the agency have been working flat-out to restore our services as quickly as possible. We’ve made good progress in the first few weeks and we’re already seeing more come back online.

“We’re issuing weekly updates on our recovery and service status to be clear on what those we work with can expect and how we’ll prioritise progress and we’re continuing to speak with and listen to regulated businesses and other stakeholders.”

Information of SEPA’s service status is available at sepa.org.uk/servicestatus

EARLIER RELEASES: