Stephen Robinson, Senior Threat Intelligence Analyst at WithSecure, commenting on the Schneider Electric ransomware attack, says, "The attack on Schneider Electric follows a trend of cyberattacks against the energy sector."

He adds, "The energy sector is a popular target for ransomware due to playing a vital role in society's daily functioning – disruption can have far-reaching consequences. Schneider Electric themselves were victims of LockBit's MOVEit ransomware campaign in 2023, so it is concerning to see them compromised again so soon."

Leveraging data

Stephen Robinson continues, "Energy companies hold huge amounts of PII which not only has value on the dark web but is excellent leverage for cyber attackers when demanding a ransom."

He said, "In addition to this, it was Schneider Electric's Sustainability Business enterprise consulting arm that was compromised. Its customers include mega-companies such as Hilton, PepsiCo, and Walmart, and they likely hold sensitive data belonging to these companies."

Cactus ransomware brand

Stephen Robinson adds, "Schneider Electric is yet to confirm if the Cactus ransomware brand was responsible for the attack, and they have not as yet been listed on the group's leak site; however, Cactus has become increasingly active in recent months."

He continues, "They are a multipoint extortion group that first appeared in March 2023, and their TTPs follow the standard ransomware playbook, making use of well-known tooling and methods. During multiple of their initial attacks in 2023, Cactus gained access to victim networks via vulnerable VPN gateways, often Fortinet VPN instances."

Risk assessments

Stephen Robinson concludes, "The energy sector and other, similar Critical National Infrastructure (CNI) will continue to be a regular target for cyberattacks, especially with the current, heightened geopolitical tensions. In its Annual Review, the UK NCSC warned about the increasing threat towards CNI."

He further said, "Therefore, energy organizations must invest in regular risk assessments and advanced security measures to minimize their attack surface."
