Russian hackers claim credit for CS Energy ransomware attack

A notorious Russian hacking group has claimed credit for the ransomware attack on Queensland generator company CS Energy.

Dec 09, 2021, updated Dec 09, 2021
Italian authorities have raised the alarm about a major global ransomware attack. (file image).

Italian authorities have raised the alarm about a major global ransomware attack. (file image).

The attack, which occurred late last month, got as far as the company’s corporate system. There had previously been reports that the attack was from China, but CS Energy said there was no evidence it was a state-based attack.

Reuters reported that experts saying the attack on CS Energy was another in a long list of ransomware attacks using Conti, which is a cyber-crime action thought to be led by a Russia-based group that goes under the name of Wizard Spider.

While based in Russia it is not a formal part of the Russian Government, although there is speculation that it is often assisted by Russia and does not launch any attacks within the country.

Conti is described as “an extremely damaging malicious actor” because it of the speed with which it encrypts data and spreads to other systems. The operation relies on phishing, by putting to use an email that claims to come from a sender the victim trusts and uses a link to point the user to a maliciously loaded document.

Conti ransomware also uses a “double-extortion” technique, which not only encrypts the victims’ data and demands payment but also takes copies of the victims’ data, which the attackers will expose or sell if the victim refuses to pay.

Canadian companies this week paid about $500,000 after a Conti ransomeware attack.

CS Energy chief executive Andrew Bills said the company’s ICT systems and safeguards had layers of separation and protection, which enabled it to contain and protect its critical infrastructure.

InQueensland in your inbox. The best local news every workday at lunch time.
By signing up, you agree to our User Agreement andPrivacy Policy & Cookie Statement. This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

“We continue to progressively restore our systems and are working closely with cyber security experts and relevant state and federal agencies,” he said.





Local News Matters
Copyright © 2024 InQueensland.
All rights reserved.
Privacy Policy