Slovenia’s largest power provider, HSE, has been hit by a ransomware attack that disrupted its business operations and forced it to shut down some of its systems. The attack occurred on Sunday, November 26, 2023, and affected the company’s IT network, email servers, and website1. HSE said that it activated its emergency response plan and notified the relevant authorities. The company also assured that the power supply to its customers was not affected and that it was working to restore its normal operations as soon as possible. The ransomware group behind the attack is believed to be Darkside, a notorious cybercriminal gang that has targeted several high-profile organizations in the past, such as Colonial Pipeline, Toshiba, and Brenntag1. Darkside operates as a ransomware-as-a-service (RaaS) platform, where it provides the malware and infrastructure to other hackers who share a cut of the ransom payments. Darkside is known for stealing data from its victims before encrypting their files and threatening to leak or sell the data if the ransom is not paid. HSE has not disclosed the amount of the ransom demand or whether it intends to pay it1. The company said that it was cooperating with law enforcement and cybersecurity experts to investigate the incident and prevent further damage1. HSE also apologized to its customers, partners, and employees for any inconvenience caused by the attack. This is the latest in a series of ransomware attacks that have targeted critical infrastructure and energy sectors around the world. Ransomware is a growing threat that can cause significant financial and operational losses, as well as reputational damage, to the affected organizations. Therefore, it is important for businesses to implement robust security measures and backup strategies to protect their data and systems from ransomware attacks. Additionally, businesses should also educate their staff on how to recognize and avoid phishing emails and malicious attachments that can deliver ransomware payloads. https://lnkd.in/d859gkNp #industrialcybersecurity #IIoT #IndustrialIoT #SCADA #OTsecurity #NERC #scadahacking #cybersecurity #infosec #hacking #malware #ransomware #vulnerabilities
