Tens of thousands of email accounts belonging to public sector organizations and their users have been located on the dark web following a breach targeting the Scottish public service.
According to reports, more than 42,000 leaked credentials and hacked online accounts have been shared across hacker forums on the dark web. Cybersecurity officials now fear that the event may result in a potentially disastrous cyberattack on public services.
Investigators' concerns reflect the reality that dark web platforms continue to serve as dumping sites for data stolen in brazen breaches. Threat actors typically use stolen data to target unsuspecting organizations and users via social engineering schemes.
The Israeli dark web threat intelligence firm Kela is credited with discovering the large dump of data from dark web sources. The organization indicated that the trove contains sensitive information that was traced to other cyber events.
An article by Futurescot confirmed Kela’s findings about the stolen credentials being associated with multiple data breaches – 24 of the leaked email accounts had been shared more than 100 times in numerous cyber events.
Scottish Public Organizations Affected
A scan conducted across the dark web indicated that more than 50 Scottish public sector entities had been affected. The organizations implicated included the National Health Service (NHS), local councils and the central government.
The purpose of the scan was to find out whether the organizations had service users or workers whose sensitive information from past cyber events may have been published on the dark web.
Nonetheless, as investigators sought to match email addresses and passwords in the case, concerns were raised that cybercriminals could be drawn to use the stolen data to carry out cyberattacks.
On the other hand, the investigators believed that many of the affected organizations were already aware of the leaked credentials and had possibly conducted the necessary clean-up exercise. This assumption follows the expectation that most of the Scottish public sector employs its own dark web monitoring services that scan hacking forums.
A Wake-Up Call
According to a survey by the Scottish Business Resilience Center (SBRC), about 4 out of 10 (38 percent) of Scottish firms are ill-prepared for a cyberattack.
This finding contrasts with the fact that two thirds of the sampled businesses acknowledged the potential impact of a cyberattack on their operations.
The latest data leak comes in the wake of ransomware attacks that have caused significant mayhem across the UK public sector. The discovery of the leaked data and several compromise points serves as an important warning to all public stakeholders.
In recent times, Scotland’s Environmental Protection Agency (SEPA) spent about £800,000 responding to a major cyberattack that involved more than 4,000 of its files.
The high-profile cyberattack was reportedly orchestrated by the Conti hacker group, which locked 1,200 staff out of the environmental watchdog’s network in a classic ransomware attack.
As reported by the BBC, the files were leaked by the cybercriminals after SEPA declined to pay the ransom. The published files included contracts, strategy documents and databases that were critical to the organization.
The figures reported in the media depict a dramatic cascade of events that led to SEPA’s massive financial cost in pursuing recovery of its system. For instance, about £458,000 has been spent on fixing the organization’s business IT platform.
Nonetheless, although SEPA has reportedly recovered most of its critical services, such as flood forecasting, it is estimated that the environmental agency will need the rest of 2021/2022 to fully resolve the severe cyberattack it suffered.