Energy (Includes Power and Utilities)

Industry

Karlsruhe Public Utility Company Claims to Successfully Fend Off Cyberattack.

February 1, 2023

Hackers have managed to break into the Karlsruhe public utilities network. The perpetrators are said to have read passwords and spied out other data. The Karlsruhe public utility company claims to have successfully fended off the cyber attack.

The attackers successfully broke into the computer of a high-ranking municipal utility employee on February 1st and searched the system for hours. This was apparently preparations for a ransomware attack, as the criminals left a note mentioning a three-digit million sum. The Karlsruhe public utility company confirms the attack to Spiegel, but claims that its supply-related IT was not affected. According to a company spokesman, the malware was unable to spread. The separate systems of the critical infrastructure were also not infiltrated. There was no encryption by ransomware.

read more

Filstal Energy Supply (EVF) Affected by DDoS Attack on IT Supplier

March 13, 2023

The Filstal energy supply (EVF) has been struggling with IT problems for several days. The cause is said to be DDoS attacks on their IT service provider imos. “Unfortunately, since March 13th, there have been recurring temporary restrictions and even outages of our services,” says the Göppingen IT service on March 27..

read more

German Biogas Register Offline Due to Cyberattack

May 26, 2023

The hosting service provider of the German Energy Agency Dena has fallen victim to a ransomware attack. This led to a failure of the biogas register. All systems were immediately switched off.

Dena has decided to set up the biogas register system on the servers of another external data center operator. “This serves as a safeguard in case the existing server structure could no longer be used,” it says.

read more

German Hochsauerland Water and Energy Utilities Ward off Consequences of Cyberattack

October 5, 2023

The utilities HochsauerlandWasser and HochsauerlandEnergie were hit by a hacker attack. Customer service “out of operation” for several days. The monthly payments for drinking water, electricity and natural gas deliveries due in October will be collected at a later date.

Neither the supply of drinking water nor the supply of electricity and gas were affected or endangered by the hacker attack at any time.

read more

Largest Recorded Cyberattacks at Danish Energy Infrastructure

May 11, 2023

This past May, Danish critical infrastructure suffered the most extensive cyber-related attack it ever experienced in Denmark to date. In all, 22 companies that operate parts of the Danish energy infrastructure ended up compromised in a coordinated attack, according to a report by SektorCERT. The result was the attackers gained access to some of the companies’ industrial control systems and several companies had to go into island mode operation.

The attacks began on May 11, followed by 10 days of inactivity. A second wave of attacks began on May 22 when SektorCERT received an alert that one of its members had downloaded new firewall software over an insecure connection. Whether the attack came from servers associated with a unit of Russian military hackers popularly known as Sandworm cannot be said with certainty. Individual indicators of this have been observed, but we have no opportunity to neither confirm nor deny it, states the SektorCERT report.

read more

Russian Sandworm Behind Operational Disruption of Ukraine Energy Facility in October 2022

October 1, 2022

According to Google-owned US cybersecurity firm Mandiant, Russia-linked hacking group Sandworm were behind hacks on Ukraine energy infrastructure during the October 2022 blackouts. The attack is a rare example of a cyber incident disrupting the physical operation of a targeted facility, according to Mandiant. The techniques used during the attack show a growing maturity of Russia’s operational technology-oriented offensive cyber capabilities and overall approach to attacking such systems, Mandiant said.

read more

MOVEit Hack affects US Waste Isolation Plant in NM

June 15, 2023

The Department of Energy “took immediate steps” to mitigate the impact of the hack after learning that records from two department “entities” had been compromised, the department spokesperson said. “The Department has notified Congress and is working with law enforcement, CISA, and the affected entities to investigate the incident and mitigate impacts from the breach,” the spokesperson said in a statement.

One of the Department of Energy victims is a contractor affiliated with the department’s Waste Isolation Pilot Plant in New Mexico, which disposes waste associated with atomic energy. The other victim is Oak Ridge Associated Universities, a not-for-profit research center, a department spokesperson told CNN.

read more

MOVEit hits US Department of Energy Research Universities in TN

June 15, 2023

The Department of Energy “took immediate steps” to mitigate the impact of the hack after learning that records from two department “entities” had been compromised, the department spokesperson said.

“The Department has notified Congress and is working with law enforcement, CISA, and the affected entities to investigate the incident and mitigate impacts from the breach,” the spokesperson said in a statement.

One of the Department of Energy victims is Oak Ridge Associated Universities, a not-for-profit research center, a department spokesperson told CNN. The other victim is a contractor affiliated with the department’s Waste Isolation Pilot Plant in New Mexico, which disposes waste associated with atomic energy, the spokesperson said.

read more

Norwegian Energy Company Investigating Cyberattack at Brazil Subsidiary

February 15, 2023

Norwegian energy services company Aker Solutions said a subsidiary company in Brazil has been subjected to a cyber attack on its IT systems.Aker Solutions said it does not yet know the full extent of the situation, and that a dialogue is being established with the authorities in Brazil about the incident.

In addition, its global IT organisation is working to resolve the situation with external expertise. “The attack is currently directed at CSE, and the attackers claim that they have entered the IT systems, encrypted digital files and locked access to data,” said the company, led by chief executive Kjetel Digre.

CSE is a fully-owned Aker Solutions subsidiary with 450 employees in Brazil. Its main business is providing maintenance and modifications services to oil and gas installations offshore Brazil.

read more

Encino Energy Says Operations Not impacted by Cyberattack

February 27, 2023

Major U.S. private natural gas and oil producer Encino Energy has disclosed that its operations were not impacted by a cyberattack, which it has already remediated, days after it was added by the ALPHV ransomware operation, also known as BlackCat, to its data leak site, reports The Record. Encino Energy spokesperson Jackie Stewart would not say if the cyberattack was a ransomware incident, if the company paid a ransom or if it had examined the 400GB of data on ALPHV’s site. The post by the cybercrime group does not mention a dollar figure or a deadline for payment.

ALPHV had exposed 400 GB of data claimed to be stolen from Encino Energy, which is Ohio’s primary oil producer, but company spokesperson Jackie Stewart refused to confirm the nature of the cyberattack and whether the demanded ransom was paid, as well as the veracity of the data leaked by the ransomware group.

Such an attack against Encino Energy comes after the ransomware gang’s intrusions against two Luxembourg-based energy firms, as well as German oil companies Mabanaft and Oiltanking.

read more