The parent firm of Cambridge Water and South Staffs Water emphasizes that it continues to provide consumers with clean drinking water.
The corporation has revealed that South Staffordshire Water has been the subject of a criminal computer attack.
In a statement, the company emphasized that it was “continuing to provide safe water to all Cambridge Water and South Staffs Water customers.”
“This is a result of the rigorous systems and controls over water supply and quality that we have in place at all times, as well as the swift effort of our staff to respond to this occurrence and apply the additional precautionary steps we have implemented.”
The announcement was issued after a ransomware organization known as Cl0p claimed to have breached the networks of another water provider.
The organization posted what seemed to be stolen identification documents on its darknet site as part of a botched attempt at cyber extortion.
It is unclear how the crooks misidentified the victim organization.
In addition to publishing files, the group criticized the company’s security and indicated that other hackers may penetrate the network and wreak substantial damage.
Typically, Cl0p encrypts the files on victims’ computer networks to render the IT systems inoperable unless the victims pay an extortion fee, which can reach millions of dollars.
Cl0p asserts that it has decided not to encrypt the company’s files in this instance. Instead, it is requesting an extortion payment to prevent the distribution of the stolen data and to disclose how it breached the network.
The organization claims to have access to the company’s SCADA (supervisory control and data acquisition) systems, which are used to handle industrial processes such as those at water treatment facilities.
In another unsubstantiated allegation that is contested by South Staffs Water, the extortionists assert, “It would be simple to alter the chemical composition of their water, but we are not interested in harming people.”
Highly developed systems
The majority of water corporations have sophisticated systems in place to maintain the quality of their water, including several checks and balances that are resilient to the failure of individual subsystems.
For the sake of extortion, ransomware gangs frequently exaggerate their access to victims’ networks, anticipating that their claims will be repeated in negative news articles.
The National Cyber Security Centre (NCSC) of the United Kingdom warns businesses against making extortion payments because they do not guarantee any action from the attackers and contribute directly to the development of criminal activity.
Ransomware is the “greatest online menace”
Lindy Cameron, the CEO of the NCSC, stated earlier this year, “Ransomware remains the greatest online threat to the United Kingdom, and we do not promote or condone paying ransom demands to criminal organizations.
Unfortunately, ransomware payments have increased recently, and the legal system has a crucial role to play in reversing this trend.
Cyber security is a communal endeavor, and we urge the legal profession to collaborate with us as we continue to fight ransomware and keep the United Kingdom’s online infrastructure secure.
South Staff stated in a statement, “We are experiencing disruptions to our corporate IT network, and our staff is trying to repair the issue as soon as possible. It is essential to note that our customer service teams are operating normally.”
“We are aware that South Staffordshire Plc has been the target of a cyber attack,” stated a government official. Defra and NCSC are in close contact with the business.
After significant contact with South Staffordshire Plc and the Drinking Water Inspectorate, we are reassured that there will be no impact on the continued safe supply of drinking water, and the firm is taking all required procedures to examine this event.”
