Schneider Electric hit by the Cactus extortion group: terabytes of data fall into attackers' hands


Information about the power systems of major corporations can be used in subsequent attacks.

Schneider Electric, one of the world's largest manufacturers of automation systems and energy solutions, has fallen victim to a Cactus ransomware attack. The incident occurred on January 17 and affected the company's division responsible for developing solutions in the field of sustainable development.

As a result of the cyberattack, terabytes of confidential data were stolen from the Schneider Electric corporate network. The attackers demanded a cash ransom from the company, the amount of which is not specified, in exchange for returning the stolen information and not publishing it.

In addition, the attack disrupted the Resource Advisor cloud platform, which provides Schneider Electric customers with tools for monitoring and analyzing energy consumption. Outages on the platform are still being observed.

According to available information, customers of the attacked Schneider Electric division include large international corporations such as Clorox, DHL, Hilton, PepsiCo and Walmart.

The data stolen by hackers may contain confidential information about the infrastructure and energy consumption systems, as well as production automation solutions implemented at the company's customer enterprises.

Representatives of Schneider Electric officially confirmed that the corporate network was breached and that intruders accessed certain data. At the same time, the company stressed that the attack affected only the sustainability division and did not spread to other Schneider Electric systems and infrastructure.

Restoration of the affected systems is currently under way with the involvement of leading cybersecurity experts. Full access to them is expected to resume within two business days.

The Cactus group, which claimed responsibility for the attack on Schneider Electric, is known for its ransomware attacks on large international corporations. It began operating in March 2022.

Cactus operators break into corporate networks through phishing emails, password cracking, or exploitation of vulnerabilities. After gaining access, they steal and encrypt confidential data, then demand a ransom in exchange for decryption tools and for not disclosing the stolen information.