The company has confirmed that South Staffordshire Water “has been the target of a criminal cyber attack”.
In a statement, they stressed that they “remain providing safe water to all Cambridge Water and South Staffs Water customers”.
“This is thanks to the robust water supply and quality control and systems we have in place at all times and the swift work of the teams to respond to this incident and take additional measures. supplement that we have given on a precautionary basis.”
The statement came after a ransomware group called Cl0p claimed to have hacked the network of another water utility company.
Using its darknet site as part of a cyber extortion effort, the group posted what appeared to be stolen identity documents.
It is not clear how the criminals managed to misidentify the victim company.
Along with the release of the files, the group also criticized the company’s security and suggested that other hackers could break into the network and cause significant damage.
Cl0p typically encrypts files on victims’ computer networks to make IT systems unusable unless those victims make an extortion payment, which often stretches into the millions of dollars.
In this case, Cl0p claims to have decided not to encrypt the company’s files. Instead, it demanded an extortion payment to prevent the release of the stolen data and to explain how it managed to break into the network.
The team claims to have access to the company’s SCADA (supervisory control and data acquisition) system, which is software used to manage industrial processes, such as at process facilities. country.
In another unverified statement disputed by South Staffs Water, the blackmailers said: “It would be very easy to change the chemical composition of their water but it is important to note that they I don’t care about harming people.”
Most water utilities have complex systems in place to ensure their water quality, including several checks and balances that are resistant to individual subsystem failures.
Ransomware groups often overstate their access to victims’ networks for the purposes of extortion, expecting that their claims will be amplified in damaging news headlines.
The UK’s National Cyber Security Center (NCSC) advises organizations do not make extortion payments as they do not guarantee any action from the attackers, and also directly contribute to the success of the criminal enterprise.
NCSC chief executive, Lindy Cameron, said earlier this year: “Ransomware remains the single biggest online threat facing the UK and we do not encourage or tolerate ransom demands for ransoms. organized crime.
“Unfortunately, we’ve seen a recent increase in payments to ransomware criminals, and the legal sector has an important role to play in helping to reverse that trend.
“Cybersecurity is a collective effort and we urge the jurisdiction to work with us as we continue to work against ransomware and keep the UK safe online.”
In its statement, South Staffs said: “We are experiencing disruptions to our corporate IT network and our teams are working to resolve this as quickly as possible. It is important to emphasize that our customer service teams are operating as usual.”
A government spokesman said: “We are aware that South Staffordshire Plc was the target of a cyber incident. Defra and NCSC are in close contact with the company.
“Following extensive engagement with South Staffordshire Plc and the Drinking Water Ombudsman, we are assured there is no impact on the continued supply of safe drinking water and the company is taking all necessary steps to investigate this incident.”