Energy (Includes Power and Utilities)

Industry

DDOS Hacktivist Attack at Quebec’s Power Utility

April 13, 2023

A pro-Russian hacking group has claimed responsibility for a cyberattack against Quebec’s state-owned electricity provider. Hydro-Québec said on Thursday it was hit with a denial-of-service attack at approximately 3 a.m. ET and was working to try to get its website up and running again. Hydro-Québec’s website, app and Info-Panne website for verifying power outages went offline.

“No critical Hydro-Québec systems were attacked and users’ personal data was not compromised,” said Philippe Archambault, head of media and government affairs for the utility. He said the cybersecurity team is working on restoring service.

“This is not a case of hacking and getting access to the information at the back end, at least not at this time, not with this type of tech,” Waterhouse said. “It’s really just to protest against Canada’s involvement with Ukraine.”

read more

Qullig Energy Corporation Servers in Nunavut Territory Hit by Wide-ranging Cyberattack

January 15, 2023

A wide-ranging cyberattack on the Qulliq Energy Corporation (QEC) in Canada’s Nunavut territory has crippled the company’s administrative offices. Officials with the company said the attack started on January 15 and while power plants are still operating normally, computer systems at the corporation’s customer care and administrative offices are unavailable.
The company cannot accept bill payment through credit cards but customers can pay using cash or through bank transfers. Customers are warned to watch their bank and credit card accounts regularly for unusual activity. They are also being told to consider changing personal passwords for sensitive applications such as email and online banking.

read more

A Year After Devastating Ransomware Attack, Electric Utility Company NV GEBE is Still Recovering

March 16, 2022

On March 12, 2022 NV GEBE, its customers, and the entire St. Maarten community faced a devastating ransomware attack. As a result of the hack, the entire customer database, financial data and other business data was encrypted. GEBE closed its doors temporarily on March 17.

A year later it is reported that NV GEBE has been steadily rebuilding its customer databases and billing systems. These processes have required more time than initially anticipated because of the complexity and intricate attention to detail required.

read more

Cyberattack at Czech Institute of Nuclear Research Did Not Threaten Reactor Operations

December 12, 2022

The Institute of Nuclear Research Řež was attacked by a hacker group. It only attacked economic systems, which caused, for example, a delay in sending wages. The technological systems remained intact, the operation of the reactors was not threatened by the attack.

Hackers penetrated the institute’s internal system using the Ransomware program, which blocks the computer system and encrypts the data stored in it. It demands a ransom from the user for data recovery.
Zdroj: https://www.idnes.cz/zpravy/domaci/ustav-jaderneho-vyzkumu-kyberutok-hackeri.A221207_135851_domaci_vajo

read more

Large Australia Energy Provider Hit by a “Cyber Incident” Impacting Small Percentage of Customers

November 30, 2022

One of Australia’s largest energy providers has been hit by a “cyber incident” as a wave of data breaches impact big companies across the nation. AGL reported “elevated levels of suspicious activity” on its “My Account” platform on December 1. 9News understood a small percentage of customers – about 6000 – have been impacted. “Based on current analysis it appears malicious actors have used stolen credentials acquired externally (such as usernames and passwords used elsewhere by customers) to log into a number of customer accounts,”

read more

Cyberattack at Eesti Energia, Estonia

November 19, 2022

The website and online channels of state electricity generator Eesti Energia and some of its related companies are offline following a large-scale denial of service attack thought to have been conducted by pro-Kremlin hackers. The attack has affected Eesti Energia’s site and mobile app, and also grid maintenance firm Elektrilevi’s website, and its MARU mobile app, ERR reports.

At a little before 10.15 a.m. Saturday morning the State Information System Authority (RIA) discovered that the online services of five Estonian companies had started malfunctioning, including those of Eesti Energia. “Due to these attacks, in addition to the Eesti Energia’s site, websites included those of Elektrilevi and [Eesti Energia subsidiary] Enefit Green.” The incidents coincided with similar and simultaneous attacks on key sites in Latvia, Poland and Ukraine.

read more

Systems at German Wind Turbine Servicing company Windtechnik Targeted

April 11, 2022

On April 11 systems of Deutsche Windtechnik, a German wind turbine servicing company, were targeted by a cyberattack. The company was able to reactivate the remote data monitoring connections to the wind turbines after 1-2 days. The system had been switched off for security reasons. “We are very happy that the wind turbines that we look after did not suffer any damage and were never in danger. Deutsche Windtechnik’s operational maintenance activities for our clients resumed again on April 14 and are running with only minor restrictions. We were able to assess all IT systems in a secure environment and to identify and isolate the problems.” the company stated on their website.

The company disclosed that the attackers used ransomware only after Black Basta added Windtechnik to their victim list, which is posted on their Tor site.

read more

Third-Party Attack Hits Hitachi Energy

March 17, 2023

Hitachi Energy fell victim to an unauthorized access to employee data in some countries after an attack by the Clop ransomware group that leveraged a Zero Day vulnerability in a third-party software provider, Fortra GoAnywhere MFT (Managed File Transfer), company officials said.
The vulnerability exploited in the attack is CVE-2023-0669, a remote code execution flaw disclosed by Fortra on February 1, after attacks exploiting it were detected. The company issued a patch a week after discovery.

read more

Ransomware Attack at Electric Company of Ghana Left Customers Without Power for Days

September 26, 2022

Customers of the largest electricity seller in Ghana have been unable to buy power and others have had their power off for days. Hackers have changed the source code and taken control of parts of the Electricity Company of Ghana (ECG) server. The situation is widespread and has left both domestic and commercial customers stranded. It is not known yet how the hacker or hackers got access to the ECG servers.

Mr Charles Nii Ayiku Ayiku, General Manager in charge of external communications at the ECG told Ghana Business News on September 30, that the ECG has stabilized its district offices and they are able to sell power to consumers. The systems for third-party vendors however, he says are still unstable. ECG has extended its working hours to ensure that all customers who have been affected by the situation can buy power.

Ten operational regional areas of the ECG in the Volta, Kumasi, Accra, Takoradi, Tema, Cape Coast, Kasoa, Winneba, Swedru, Koforidua, Nkawkaw, and Tafo were all affected, according to a statement issued by the ECG.

read more

Entire System of Global Energy Provider ista International Hacked in Two Days

August 1, 2022

ista International GmbH announced a cyber attack on its website. All affected IT systems were initially taken offline, resulting in various functions and services being unavailable. The company’s customer portal and email functionality are switched off. ista asks to refrain from contacting them. “We will inform them immediately via our website when the contact options are available again .. you will temporarily be limited or unable to use certain functions and services.”

ista describes the company: “..we already have 400,000 gateways in use for our customers that link over 25 million connected devices to each other”. Daixin Team states they went through one of those gateways and took control of the entire system in two days.

ista International takes care of about 30 million networked devices in 22 countries in the field of sub-metering.

read more