One of Slovenia’s major power providers, HSE, has recently fallen victim to a significant cyberattack.
The security and control system, along with the fire alarms, were breached by the criminal who caused significant damage.
It has been reported that the attack was carried out by the Ransomware gang, which resulted in the encryption of files and rendered them inaccessible to the rightful owners.
Is Your Storage & Backup Systems Fully Protected? – Watch 40-second Tour of SafeGuard
StorageGuard scans, detects, and fixes security misconfigurations and vulnerabilities across hundreds of storage and backup devices.
Timeline of Incidents
The IT systems’ control functionalities have been successfully restored by the organization.
Between November 22nd and 25th, an incident occurred. However, I want to assure you that it did not impact the production or supply of electricity.
“Key power station operation and trading systems are operational, the connection to the national grid operator has been restored and there are good prospects that a smooth operation of the entire communications and IT infrastructure will be restored without major negative consequences,” HSE said on 27 November.
It has been reported in the media that there were issues with a high water level alarm system and the ability to trade electricity, which are both crucial activities of the company, besides generating electricity. However, the company has denied such reports and clarified that there were no temporary disruptions in these functions.
According to the HSE director general, Tomaž Štokelj, the recent cyber attack did not cause any disruption to the electricity trading and outgoing services. However, as a precautionary measure, there were slight changes made to the execution of individual transactions.
As per the latest reports, the attackers have demanded a ransom of 1 million Euros from the company. Fortunately, there has been no new development in the situation, and the incident has not affected other sectors.
However, the company is still reeling from the financial impact of the attack, which is significant. We will keep you updated on any further developments.
HSE is actively addressing the issue with the help of both internal teams and external specialists. As energy is classified as critical infrastructure, the police and the National Security Council have been notified of the situation.
In response to the news, please see below comments from Ryan McConechy, CTO of Barrier Networks:
“When critical national infrastructure organizations suffer a cyberattack, there is a strong possibility they will disconnect the services they provide into society, which can have devastating effects on citizens”.
He also recommended industrial “organizations have visibility across their assets and have implemented segmentation, they must then run a regular security programme where they monitor for threats, run scheduled patch updates, and practice incident response training to help minimise risks”.
Experience how StorageGuard eliminates the security blind spots in your storage systems by trying a 14-day free trial.
.webp "New Wavestealer Spotted in Wild Stealing Login Credentials & Credit Card Data"){kind=small}
