Clop Ransomware Pwns Water Supplier…. Just The Wrong Water Supplier

Clop ransomware has claimed to have breached Thames Water supplier by accessing their SCADA systems, which would give them the ability to cause harm to 15 million customers. However, as Clop published evidence of stolen files, the spreadsheet presented featured South Staff Water and South Staffordshire email addresses. South Staffordshire Water, a company which supplies 330 million liters of drinking water, issued a statement confirming an IT disruption from a cyberattack.


Dr. Darren Williams, CEO and Founder of BlackFog has this to say:

     “With the rise of ransomware as a main attack method, criminals are running rampant to find any vulnerable systems they can take over. Whilst Clop did successfully breach South Staffordshire Water’s systems, they totally missed the mark here, claiming responsibility for a breach that didn’t happen (Thames Water being in South England, and Staffordshire being up North…)

Nevertheless, whilst misidentification of their target is somewhat embarrassing, the very fact that a water board is their latest victim is quite harrowing: severe drought conditions currently preside over the UK, with millions of households facing strict water usage restrictions. Clearly, attackers want to hit us where it hurts the most…

All organizations must remember how crucial it is to secure your environment and prevent data exfiltration at the endpoint if we are to prevent cataclysmic scarcities in our critical infrastructure supply chain.

On a lighter note, we must remember that such attack vectors are not any more dangerous than the usual, just uniquely targeted.”

Even accidentally pwning someone is still pwning someone. And it still has far reaching effects that the victim will still have to deal with.

Leave a Reply

%d bloggers like this: