Energy (Includes Power and Utilities)

Industry

Ukranian Oil and Gas Company Naftogaz Hit by Cyberattack

January 25, 2024

State-owned critical infrastructure companies in Ukraine fell victim to cyberattacks on Thursday, with the largest oil and gas company, Naftogaz, being among the targets. The cyber assailants targeted Naftogaz’s data center, leading to the complete inactivity of the company’s website and call centers.

As of the latest update, specialists from Naftogaz are actively working to resolve the incident, promising further comments on the nature of the attack. Naftogaz, a cornerstone of Ukraine’s energy industry employing 100,000 people and supplying gas to over 12 million households, faces a critical situation, and the motive and identity of the attackers remain unclear.

read more

Cyberattack at Macedonian Electricity Transmission Operator (MEPSO)

March 7, 2024

The Electricity Transmission System Operator of the Republic of North Macedonia (MEPSO) said it is dealing with a cyberattack, but stressed in a press release Thursday that the integrity of the power grid and the supply of electricity have not been threatened.

The state-owned company said its critical energy infrastructure was not the target of the attack and it remains secure and fully functional.

read more

Ransomware Attack at German PSI Software, Critical Infrastructure Vendor

February 15, 2024

PSI Software SE, a German software developer for complex production and logistics processes, has confirmed that the cyber incident it disclosed last week is a ransomware attack that impacted its internal infrastructure. The IT systems and the extent of the impacts are currently being checked.

The company operates at a global level with a staff of more than 2,000 and specializes in software solutions for major energy suppliers.

read more

Natanz and Fordo Facilities closed down “Automation Network” after New Worm Targeted Iran’s Nuclear Program

July 1, 2010

Two of Iran’s uranium-enrichment plants were struck by a cyberattack earlier this week that shut down computers and blared AC/DC songs, according to reports from Bloomberg News and others. The virus closed down the automation network at the Natanz and Fordow facilities, according to an e-mail received by F-Secure, a Finnish cybersecurity Web site, from Iran’s Atomic Energy Organization.

F-Secure Security Labs said that while it was unable to verify the details of the attack described, it had confirmed that the scientist who reported them was sending and receiving the e-mails from within Iran’s Atomic Energy Organization.

read more

Virun Infection in turbo Control System at US Electric Utility

October 1, 2012

In early October 2012 a power company contacte ICS-CERT to report a virus infection in a turbine control system which impacted approximately ten computers on its control system network. 10 plant PCs were infected by Mariposa malware variant, transmitted through a USB stick. Occurred during scheduled shutdown for maintenance.

read more

Attack on Kyiv Power Substation Shut Down Remote Terminals

December 17, 2016

The attack on the Pivnichna transmission facility shut down the remote terminal units that control circuit breakers. Oleksii Yasynskyi, head of research for Information Systems Security Partners in Ukraine, said the attackers belonged to several different groups that worked together. Among other things, they gathered passwords for targeted servers and workstations and created custom malware for their targets. Sandworm suspected in deploying Industroyer (also: CrashOverride) malware, by exploiting a vulnerability in Siemens SIPROTEC relays.

The hack was less severe than the one used in the 2015 attack, which rendered the devices inoperable and prevented engineers from remotely restoring power.

read more

Targeted Cyberattack on Ukranian Critical Energy Infrastructure Facility

September 5, 2023

The Computer Emergency Response Team of Ukraine (CERT-UA) recorded on Tuesday a targeted cyber attack against a critical energy infrastructure facility in the country. The advisory added that the described activity is carried out by the Russian state-sponsored APT28 hacker group. The agency confirmed that they were able to prevent any intrusion.

read more

Iranian Oil Terminals Offline after Malware Attack

April 22, 2022

Iran has been forced to disconnect key oil facilities after suffering a malware attack on Sunday, say reports.

The computer virus is believed to have hit the internal computer systems at Iran’s oil ministry and its national oil company. Equipment on the Kharg island and at other Iranian oil plants has been disconnected from the net as a precaution. Oil production had not been affected by the attack, said the Mehr news agency. However, the attack is believed to have been responsible for knocking offline the websites of the Iranian oil ministry and national oil company.

read more

Renewable Energy Company hep global Target of Cyberattack

June 5, 2023

hep global GmbH recently became the target of a cyber attack. This was detected immediately. Cooperating closely with authorities and external IT security experts, hep was able to ensure business continuity. The investigation into the cyber attack is still ongoing.

Darkrace ransomware group has claimed responsibility for the hep Global data breach, listing the German renewable energy company as its latest victim

read more

Cyberattack at Electricity Supply Company in Peru

April 17, 2023

The electricity supply company Sociedad Eléctrica del Sur Oeste (SEAL), in Arequipa, suffered a cyber attack this Monday, April 17. In response to this, the entity reported that the customer service area, virtual channels, collections and parts table; They were suspended until further notice.

SEAL general manager Paul Rodríguez indicated that those who carried out the attack sought to capture and retain information. However, the security system in place did not allow this.

read more