This comment was posted today on my post of 27 January about the Woodland Trust website being hacked and I reproduce it here because I think it’s interesting (and sounds plausible);
It’s the same virus that hit SEPA (see https://www.sepa.org.uk/about-us/cyber-attack/), who to be honest are being a lot more forthcoming with informing the public about it. Both attacks are very likely to be part of the international Solarwinds exploit (https://en.wikipedia.org/wiki/SolarWinds#2019%E2%80%932020_supply_chain_attacks).
If you look into it, you’ll find quite a few UK public institutions were hit during the attack. Neither the WT nor SEPA (or any other targets, as far as I know) have received any demand for ransom, despite similarities between the software tools used by the attackers and those used by conventional data ransomers.
The Solarwinds hack is the single biggest incident of cybercrime / espionage to date, and both these organizations really are small fry compared to some of the central government bodies that were also hit.
That’s not to say that data belonging to SEPA and the Trust, including personal and employee data, hasn’t been compromised and copied to unknown servers, because that’s (part of) what’s happened – for certain with SEPA, most likely with the Trust as well. It’s just to say that the motivations for the theft weren’t necessarily financial or ideological, and many other organizations are also affected.
[registration_form]