Ransomware: hackers miss their chance by targeting the wrong company

An unusual story is unfolding in the London area: a large company is dealing with disruption to its computer systems while a group of hackers demands a ransom from a different company in the same sector. Here is how the case unfolded.

South Staffordshire Water releases statement confirming cyberattack

South Staffordshire Water is a relatively large English company from the West Midlands, which acquired Cambridge Water in 2011. It also operates through its subsidiary South Staffs Water. The areas served are Staffordshire, Derbyshire, Leicestershire, Warwickshire and Worcestershire, and the towns served include Uttoxeter, Burton upon Trent, Rugeley, Cannock, Lichfield, Brownhills, Burntwood, Tamworth, Aldridge, Walsall, Sutton Coldfield, West Bromwich, Kinver, Tipton, Dudley, Rowley Regis, Willington, Etwall …
It is far from a small company: every day it supplies 1.6 million users with an average of 330 million liters of drinking water.

In a press release published on August 15 on its website south-staffs-water.co.uk, the company acknowledges that it is the target of a group of cyber criminals who are disrupting its computer network. It states, however, that it remains fully able to continue supplying water thanks, in part, to the robust equipment and quality procedures it has in place, which have enabled it to deal with the cyber attack and respond appropriately.

Thames Water targeted by the Clop hacker gang

At the same time, the hacker group Clop published a statement on the Dark Web accusing Thames Water of bad practices and of failing to provide a reliable service. The hackers say they spent months on Thames Water's systems but decided not to encrypt the data. Instead, the group claims to have obtained 5TB of data and has released screenshots and previews of the data as evidence.

Thames Water calls the claim a conspiracy and a hoax and totally refutes the accusations against it. Indeed, some of the email addresses in the previews seem to belong to South Staffs Water, which could explain the whole story.

So did the Clop group really infiltrate the SCADA system of Thames Water? Or did they name the wrong victim when they made the ransom demand? Should we underestimate them or rather be wary of them because they are capable of attacking again and fining Thames Water?

The future will certainly tell us…
