South Staffordshire Water victim of cyber attack, customers not at risk

The UK is under drought conditions and water companies are already being criticised for under-investment in infrastructure

Image:
The UK is under drought conditions and water companies are already being criticised for under-investment in infrastructure

Gang claims to have a policy against harming critical infrastructure

South Staffordshire Water, which mainly supplies water across Staffordshire and the West Midlands, has been the victim of a cyberattack - although those responsible originally claimed victory over the wrong company, and drinking water is not at risk.

The Cl0p gang posted a trove of documents on its darkweb site yesterday, including personal data like passport scans, screenshots of user interfaces and spreadsheets, which it falsely claimed belonged to Thames Water. This is despite the documents clearly showing their link to South Staffs Water (SSW).

Claiming to have access to more than 5TB of data, the group said, 'Thames Water supply much of critical water services to people and companies. Companies like this have much responsibility and we contact them and tell them that they have very bad holes in their systems. All systems.

'We spent months in the company system and saw first-hand evidence of very bad practice. This company is all for money and not deliver reliable service. It is better to save one pound so management can make bonuses and stock price do well. They lost way when only concentration on finance.'

As well as its apparently socialist leanings, CI0p has a policy against harming critical infrastructure. Because of this, it has not locked files to ransom them back; instead it is focused on extorting SSW, demanding money for the files' return (quite how this differs from direct harm is probably in the fine print of CI0p's doubtlessly iron-clad and benevolent hacking policy).

The group has also criticised SSW's security, saying other hackers could break into the company's network. It claims to have access to the company's supervisory control and data acquisition (SCADA) systems: the software used to manage industrial processes, such as those at water treatment facilities. SSW disputes the claim.

For its part, SSW says it is 'still supplying safe water to all of our Cambridge Water and South Staffs Water customers,' a total of about 1.6 million people.

'This is thanks to the robust systems and controls over water supply and quality we have in place at all times as well as the quick work of our teams to respond to this incident and implement the additional measures we have put in place on a precautionary basis.'

Ed Macnair, CEO of Censornet, said:

"Preventing sensitive data and intellectual property from leaking into the hands of cyber criminals is vital to ensuring the safe supply of water, particularly in a drought. Attackers are always looking for ways to cause maximum damage, disruption and of course, gain valuable personal information. And they're increasingly bringing the fight into the public domain."