The South Staffordshire PLC, which owns South Staffs’ Water supplies, confirmed that they had indeed suffered a cyber attack on August 15th. This attack disrupted the internal network.
A spokesperson for the South Staffordshire PLC said, “As you’d expect, our number one priority is to continue to maintain safe public water supplies. This incident has not affected our ability to supply safe water, and we can confirm we are still supplying safe water to all of our Cambridge Water and South Staffs Water customers.”
The perpetrator has claimed to have large amounts of data of South Staffordshire PLC that has been threatened to be released if the ransom is not paid. They have also claimed they had access to a SCADA System that controls industrial processes at the treatment plants and other facilities.
The Ransom group also claimed, “It would be easy to change chemical composition for their water, but it is important to note we are not interested in causing harm to people.”
Although it is not clear how the group gained access to the network, a report was released with thousands of exposed Virtual Network Computing instances managed by a Global Critical Infrastructure. This included organisations within the water treatment organisation.
It is vital to ensure all aspects of your organisation are protected and up to date. Network segmentation can also create barriers to specific areas of your network, further protecting your network from lateral movement and the spread of ransomware.