Electrica Group, one of the prominent energy service providers in Romania, has confirmed that it is facing a ransomware incident. The cyber attack has led the company to activate its emergency protocols and closely cooperate with national cybersecurity authorities to minimize the repercussions.
Having a customer base of around 4 million in Romania, Electrica Group has indicated that its critical systems, such as SCADA (Supervisory Control and Data Acquisition) systems responsible for overseeing and managing electricity distribution, have not been impacted.
Nevertheless, temporary disruptions in customer engagements have been encountered due to precautionary measures taken to protect internal infrastructure. These interruptions form part of the corporate approach to ensure the overall security of its systems.
In a public announcement, Electrica emphasized that the attack has not jeopardized the continuous delivery or availability of electricity. Alexandru Aurelian Chirita, CEO of Electrica Group, stated, “Our primary focus remains on upholding uninterrupted electricity services and safeguarding personal and operational data managed by the group.”
The Romanian Ministry of Energy confirmed that the incident was indeed a ransomware attack. Preliminary inquiries indicate that although there were efforts to encrypt sensitive data, network components and vital systems remained unharmed.
“The SCADA systems are fully operational and isolated,” stated Energy Minister Sebastian Burduja. He assured the public that there is no immediate threat to energy services and praised the prompt response of the technical teams.
Ransomware assaults usually involve malevolent software encrypting a victim’s data, with the attackers demanding payment—oftentimes in cryptocurrency—for data restoration access.
Despite Electrica not revealing specific details concerning the perpetrators or their requests, intelligence analysts suspect potential associations with pro-Russian factions. This suspicion arises following recent reports of extensive cyber assaults targeting the electoral infrastructure in Romania.
To handle the situation, Electrica has deployed specialized teams collaborating with cybersecurity experts at the national level to pinpoint the attack source and prevent further harm.
The company has also encouraged consumers to maintain vigilance against phishing efforts or dubious messages falsely asserting representation of Electrica.
Recognizing the pressing need for heightened cybersecurity measures in the energy domain, Romania’s Ministry of Energy underscored the necessity of establishing a dedicated Cyber Security Incident Response Center.
Electrica Group has assured customers and stakeholders of regular updates as the situation evolves. Simultaneously, endeavors are ongoing to restore full functionality while establishing robust defenses against prospective threats.
The article titled “Romania’s Leading Energy Provider Electrica Group Hit by Ransomware Attack” was originally published on Cyber Security News.