Sheppard Robson Suffers Ransomware Attack by Donut Leaks Group

Sheppard Robson, a prominent UK-based architectural firm, recently fell victim to a ransomware attack orchestrated by the Donut Leaks group. This incident was publicly disclosed by the firm on August 4, 2022, via a LinkedIn announcement. As the fifth largest architectural practice in the UK, Sheppard Robson employs 374 staff across its offices in Manchester, Glasgow, and London. The firm is well-regarded in the construction sector for its commitment to innovative and sustainable design solutions.

The cyberattack led to the disconnection of the company's systems from the internet, forcing Sheppard Robson to undertake measures to regain access to its servers. Despite the attackers' demands for a ransom, Sheppard Robson chose not to comply and instead reported the incident to law enforcement. This situation underscores the escalating threat of cyberattacks in an era where businesses increasingly adopt hybrid working models, thereby intensifying the demands on cybersecurity frameworks.

The Modus Operandi of Donut Leaks

The Donut Leaks group, notorious for its data extortion schemes, has been implicated in several recent ransomware attacks targeting entities such as the Greek natural gas company DESFA, UK architectural firm Sheppard Robson, and the multinational construction company Sando. The group is reported to have leaked around 2.8 TB of data stolen from these organizations. It remains ambiguous whether Donut Leaks employs ransomware in its operations or if its activities are exclusively centered around data extortion.

Implications for Cybersecurity in Hybrid Work Environments

The susceptibility of Sheppard Robson to this ransomware attack can be partly attributed to the firm's increased reliance on digital infrastructures and the inherent challenges of upholding stringent cybersecurity measures in a hybrid work setting. Despite possessing government-endorsed security protocols and certifications, the firm's defenses were breached, highlighting the sophisticated nature of modern cyber threats.

This incident acts as a cautionary tale for businesses, emphasizing the importance of maintaining vigilance against cyber threats and establishing comprehensive strategies for mitigating and recovering from potential cyberattacks.

Sources

• "Ransomware Attack on UK-based Architectural Firm Sheppard Robson" - LinkedIn
• "Understanding Ransomware Attacks in the Construction Sector" - Canadian Centre for Cyber Security
• "Hybrid Work and Cyber Security Challenges" - National Institute of Standards and Technology