Image courtesy 123rf
Schneider Electric has reported a ransomware incident on its Sustainability Business division.
The company said In a statement that the cyberattack impacted division-specific systems, including its Resource Advisor software, which provides energy data monitoring services.
The Resource Advisor platform is used by over 2,000 companies to interpret their energy and sustainability data.
Specifically, Resource Advisor enables customers to centrally manage their ESG, sustainability and energy data, aiming to simplify the process of tracking and interpreting data, reporting and identifying areas of opportunity.
The company stated that its Global Incident Response team was immediately mobilised to respond to the attack, contain the incident and reinforce existing security measures.
Have you read:
Sandworm unveiled as October 2022 Ukraine infrastructure hackers
UK and Australian energy trading portfolios in attempted hack
According to cybersecurity news website BleepingComputer, Cactus Ransomware has claimed responsibility for the attack.
Launched in March 2023, Cactus ransomware sees threat actors breach corporate networks through purchased credentials, partnerships with malware distributors, phishing attacks or by exploiting vulnerabilities.
Once network access is gained, explains BleepingComputer, they quietly spread to other systems while stealing corporate data on servers.
The incident comes as cybersecurity in the energy sector is increasingly recognised as a key priority in need of higher levels of safeguards.
Both for third party software and service providers as well as utilities, attacks have been on the increase across the sector.
According to International Energy Agency commentary, cyberattack trends pose “an unprecedented threat to critical infrastructure, such as electricity systems.”
The IEA adds that as utilities increasingly use digital tech to better manage infrastructure, risks abound.
Digital systems, telecommunication equipment and sensors throughout the grid increase utilities’ exposure, as each element provides an additional entry point for cybercriminal organisations.