 ransom to restore its systems. Details of the attack and payoff were revealed in a successful employment tribunal case brought by Edmund Witney, Sterling's former IT manager who was wrongly fired over the incident. The cyber criminals forcibly encrypted, or scrambled, Sterling's networks before demanding the ransom to undo the damage they caused. Documents shown to Watford Employment Tribunal suggested that two weeks after paying off the criminals, Sterling had restored '99pc' of its data - but at a total cost of nearly £87,000 once legal fees and 'breach reporting' services were paid for. No information about the criminals' identities was disclosed in the tribunal's judgment, which was handed down earlier this year. Ransomware mainly comes from Russian cyber gangs such as the Clop organisation, which recently went on a spree that saw hundreds of thousands of Britons' data stolen from the BBC, British Airways, Boots and tens of other companies. Both Sterling and the MoD were approached for comment. The ransomware attack comes to light as the MoD is poised to unveil its flagship 'secure by design' initiative this month in the hope of convincing suppliers and commanders alike to take cyber security seriously. Christine Maxwell, a director of cyber security with the ministry, said in May: 'Cy){kind=link}
Supplier to British fleet was hit by ransomware at height of lockdown
A company that makes vital equipment for the Royal Navy fleet paid off cyber criminals who attacked it with ransomware at the height of lockdown.
Hackers carried out a “devastating” cyber assault in July 2020 against Ministry of Defence supplier Sterling Thermal Technologies, which produces parts for Britain’s surface and submarine fleets.
The revelation comes as the MoD prepares to launch a new “secure by design” approach for its suppliers to stop them treating cyber security as something to be “bolted on at the end of a programme”.
Sterling, which makes heat exchangers for most of the Navy’s frontline vessels including aircraft carrier HMS Prince of Wales, paid a $6,000 (£4,600) ransom to restore its systems.