Ransomware Group with a Penchant for Critical Infrastructure Attempts to Extort UK Water Entity

Multiple news outlets reported yesterday that the Cl0p ransomware group was claiming responsibility for a ransomware attack at a UK water utility. While Cl0p actors claim to have access to Thames Water, South Staffordshire PLC set the record straight (for the attackers) in a statement. Cl0p is a notable threat to the water and wastewater sector because it primarily targets critical infrastructure organizations. Prior reports cite that Clop has most targeted the industrial sector, with 45% of its ransomware attacks hitting industrial organizations. This incident fosters food for thought regarding extreme weather conditions and threat actor target selection and seems reminiscent of the ransomware incident at Onslow Water and Sewer Authority (ONWASA) in October 2018 in the wake of Hurricane Florence.