Image: Andy Mabbett/Creative Commons
Hacking. Disinformation. Surveillance. CYBER is Motherboard's podcast and reporting on the dark underbelly of the internet.
As proof, the hackers dumped the company’s internal data, which included screenshots that appeared to show interfaces used to control the water supply.Now, security researchers who specialize in industrial control systems cybersecurity (ICS) and who have analyzed the data published by Cl0p think the gang could potentially have interfered with the systems of South Staff Water (SSW), a UK water supply provider. “They appear to have had sufficient access in the environment to conduct further operations in the environment, if desired,” Mark Plemmons, senior director of threat intelligence at the ICS cybersecurity company Dragos, told Motherboard in an email. “Two separate images serve as evidence of Cl0p’s claim of access to SSW’s operational technology (OT) and appear to be genuine screenshots of an Opus SCADA Master station Human Machine Interface (HMI) taken two days after the start of Cl0p’s data exfiltration,” Plemmons added.SCADA, or Supervisory Control and Data Acquisition, is a system that comprises graphical interfaces to control and monitor machines and processes in an industrial environment.
The hackers who are part of Cl0p said that “yes, there was access, but we made only screenshots.”“We do not harm people and treat critical infrastructure with respect,” the hackers wrote in an email to Motherboard. “We didn’t really go into it because we didn’t want to harm anyone.”
Advertisement
Do you have information about ransomware attacks or ransomware groups? We’d love to hear from you. You can contact Lorenzo Franceschi-Bicchierai securely on Signal at +1 917 257 1382, Wickr/Telegram/Wire @lorenzofb, or email lorenzofb@vice.com
Advertisement