A quick reaction thwarted a ransomware attack on a significant Queensland energy organization last weekend. Hackers targeted the corporate network of Brisbane-based CS Energy on Saturday, November 27th. The attack could easily have disrupted the energy supply of millions of corporations and residences.
IT workers at CS Energy confined the damage to a few disrupted email systems by instantly segregating the internal networks from the company’s networks. Media investigations and research suggest that the cybercriminals were only 60 minutes away from accessing the organization’s critical networks.
According to the Australian newspaper, The Daily Telegraph, China was behind this attempted ransomware attack.
The claims by News Limited turned out to be unfounded: CS Energy appeared on the leak site where the Conti ransomware, run by the Wizard Spider group, lists its targets for double extortion.
According to a statement made by the US Cybersecurity and Infrastructure Security Agency in September, the group uses the ransomware-as-a-service (RaaS) model, but it pays the deployers of the ransomware a wage instead of paying affiliates a cut.
According to the CEO of CS Energy, Andrew Bills:
“Unfortunately, cyber events are a growing trend in Australia and overseas,”
“This incident may have affected our corporate network, but we are fortunate to have a resilient and highly skilled workforce who remain focused on ensuring CS Energy continues to deliver electricity to Queenslanders.”
He further stated that the incident was known to be a ransomware attack. However, it did not affect the generation of electricity at the Kogan Creek and Callide power stations.
Bills declared that they took the issue quite seriously and said:
“Upon becoming aware of the incident, we took immediate preventative action to contain the corporate network and maintain security to our other networks.”
He further noted that the National Electricity Market of Australia is designed to provide adequate power generation to meet consumer demand even with unforeseen generator and transmission line outages.
The NSA’s director of cybersecurity said that the hacking group has targeted crucial infrastructure before.
According to the office of the Director of National Intelligence (DNI) in Washington DC, China has significant cyberattack abilities and is a major cyber-espionage threat to the United States.
The latest report by DNI says:
“China’s cyber-espionage operations have included compromising telecommunications firms, providers of managed services and broadly used software, and other targets potentially rich in follow-on opportunities for intelligence collection, attack, or influence operations”
According to the Thursday report by The Daily Telegraph, the cyberattacks came close to shutting down the Callide and Kogan Creek power stations, but were thwarted when the operational network was disconnected from the corporate network.
According to a statement by CS Energy, it is working with cybersecurity experts, national agencies, and states, and is progressively restoring the affected systems.