Question reference: S5W-35882
- Asked by: Finlay Carson, MSP for Galloway and West Dumfries, Scottish Conservative and Unionist Party
- Date lodged: 10 March 2021
-
Current status: Answered by Roseanna Cunningham on 17 March 2021
Question
To ask the Scottish Government what safety measures have been introduced by (a) it and (b) its agencies following the recent cyber-attack that was experienced by SEPA.
Answer
The Scottish Government's Cyber Security Operations Centre continues to proactively monitor the SCOTS network for indicators of compromise related to the SEPA attack. Additional work will be undertaken as necessary to review security arrangements as lessons from the SEPA incident are identified.
In terms of wider public sector, organisations are responsible for their own IT security arrangements. However, the Scottish Government advised public sector organisations on 27 December 2020 to block specific IP addresses associated with this attack. Further recommendations were issued on 8 January to:-
1. highlight phishing guidance and advice on staying safe online,
2. ensure cyber protection technologies were being updated appropriately; and
3. increase vigilance and protective monitoring on all platforms and systems
Any further advice and lessons resulting from the SEPA attack, investigation and recovery will be shared across the public sector organisations by the Scottish Government at the earliest opportunity.