HQ/EMEAFind out how we can help your business
Slovenia’s primary power provider, Holding Slovenske Elektrarne (HSE), fell victim to a ransomware campaign that was felt throughout the nation.
HSE is responsible for approximately 60% of Slovenia’s power production and is vital to the country’s critical infrastructure. Despite the assault, the power-providing operations of this government-owned agency remained unfazed by the attack, emphasising the strength of Slovenia’s power infrastructure cyber defences.
A local news outlet uncovered the cyber incident earlier this week. The outlet also reported that HSE successfully contained the breach before the week ended (November 24). In addition, the Director of the Information Security Office affirmed that the cyberattack had no impact on the actual production of electric power. However, the ransomware successfully encrypted files and crippled the company’s IT systems, prompting immediate countermeasures from HSE.
Holding Slovenske Elektrarne has quickly coordinated with the authorities to address the attack.
As a critical infrastructure entity, Holding Slovenske Elektrarne has immediately collaborated with the national cyber incident response authorities and law enforcement agencies. The National Office for Cyber Incidents at Si-CERT and the Ljubljana Police Administration promptly received a notification from the affected entity after discovering the attack.
Furthermore, HSE has employed a third-party security provider to help them neutralise the threat and prevent its spread across the country’s systems. Despite the severity of the attack, HSE has yet to receive a ransom demand.
An expert claimed that it might be premature for such requests to surface since the ongoing efforts to cleanse and secure the compromised systems are operational. A joint statement also reassured Slovenians that the situation was under control and there were no anticipated operational disruptions or substantial economic damage from the incident.
The impact of the ransomware assault appears localised, primarily affecting the websites of Šoštanj Thermal Power Plants and the Velenje Coal Mine. The resilience of the power generation infrastructure, coupled with prompt and coordinated response measures, has effectively mitigated the potential fallout.
In this instance, the resilience demonstrated by HSE shows the importance of robust cybersecurity measures for safeguarding essential services. Hence, organisations and government-owned agencies should adopt what HSE has done to mitigate or prevent a similar incident that could cause catastrophic events.
