SCOTLAND'S public bodies and educational institutions have been hit by dozens of cyber attacks in the last three years, figures show.

The Scottish Government said it has been notified of 27 separate attacks since a reporting system was launched in December 2017.

Scotland's environmental watchdog previously said it could take more than a year to fully recover from a devastating attack it suffered on Christmas Eve.

The Scottish Environment Protection Agency (Sepa) had thousands of digital files stolen by hackers, which were then published on the internet.

The public body spent nearly £800,000 responding to the incident.

Scottish Tory MSP Tess White said the public would be "alarmed" at the latest figures.

She said: “There is absolutely no room for complacency on this issue from the Scottish Government.

"The public will be alarmed that such a significant number of cyber-attacks have taken place against public bodies in recent years.

“The SNP-Green Government must ensure that every robust measure is in place going forward to ensure key infrastructure systems are safe from skilled hackers.”

The figures were published following a written question submitted by Ms White in Holyrood.

She asked the Scottish Government, in light of the cyber attack on Sepa in December 2020, whether it was aware of any other cyber attacks on public bodies in the last three years.

In response, Deputy First Minister John Swinney said the Government "works closely with Scottish public sector bodies in improving their cyber resilience capabilities".

He said: "As a consequence of this work, in December 2017, we introduced a reporting system for public sector bodies to notify the Scottish Government, Police Scotland and the National Cyber Security Centre of serious cyber incidents with the purpose of providing as much support to those affected as quickly as possible.

"During the last three years we have been notified of 27 separate attacks, some of which have been in the public sector or educational institutions."

Asked by The Herald, the Government said it could not disclose which public bodies were affected by the attacks.

A spokesman said: “In the last three years we have been informed of 27 public sector cyber security incidents with the majority not being regarded as serious enough to require national coordinated support.

"We continue to work closely with Police Scotland and the National Cyber Security Centre to ensure Scotland is resilient to cyber threats.

“In the public sector, we have a cyber-incident notification process with Police Scotland and the NCSC to provide support and share threat intelligence, where required.”

Terry A'Hearn, chief executive of Sepa, previously told the BBC it is now building a new IT system from scratch.

He said:  "As the police have said, Sepa isn't an organisation that was poorly protected.

"We were accredited to the government standard, and we'd actually taken extra steps beyond that to put some protections in."

He added: "We had reform aims anyway, so we were going to build a new IT system progressively over five or six years.

"This is an opportunity we didn't want provided by criminals, but we've decided to fast-track that and will build that in one or two years rather than five or six years."

Mr A'Hearn said the cyber attack on Sepa was so severe it no longer knew who it employed.

He told the BBC: "I said to our chief financial officer – we normally pay around the end of the month – and I said have we paid people?

"And he said we always bring the payment forward before Christmas so we have.

"And I said, so we've got a month to work out how to pay people in January, and someone said well, we've got a month to work out who works for us."

Sepa refused to pay a ransom and more than 4,000 stolen files were published online.

A Police Scotland investigation into the attack is ongoing.

Detective Inspector Michael McCullagh previously said: "The actions of the criminals behind this crime show a blatant disregard for public safety, evident in this sickening attack on an organisation like Sepa.

"This type of crime and its impacts can be significant.

"I would urge caution in the viewing and downloading of any data published by cyber criminals.

"The likelihood of those files being infected and making you their next victim is high."