Amey targeted in cyber-attack

“The incident was addressed promptly, and we have been working with world-leading cyber-security experts throughout this incident and continue to work with clients to keep any disruption to a minimum.

“This incident has not impacted our Amey Defence IT environment (and Amey Defence data is stored separately in the Defence IT Environment).”

Security news specialist, Security Report stated that the group behind the breach, Mount Locker, began leaking data on its website on Boxing Day.

Ray Walsh, digital privacy expert at ProPrivacy, said: “This attack is the latest in a string of ransomware attacks on international infrastructure providers – including Bouygues, which was hit earlier in 2020. These attacks reveal that vital infrastructure providers have become a key target for cybercriminals seeking to use ransomware to defraud large sums of money.

“According to data forensic experts, the Bouygues attack was carried out by a cybercriminal group called Maze – whereas the recent Amey attack has been attributed to a hacking collective known as MountLocker. What is interesting is that Maze recently claimed to have stopped its operations. However, those hackers are considered a primary influence behind Mount Locker’s attack style, which could signal a link between the hacking groups that has yet to be uncovered.

“It will now be down to cyber-security and data forensic experts – including the UK’s National Cyber Security Centre – to look closely at the attack in an attempt to discover digital fingerprints that can shed light on the true nature of the perpetrators, as well as any links between the sophisticated attacks.”