HQ/EMEAFind out how we can help your business
One of the world’s most prominent energy management and automation corporations, Schneider Electric, currently faces a recent Cactus ransomware attack that struck its Sustainability Business division that occurred earlier this year.
Based on reports, the cyberattack resulted in terabytes of corporate data theft, disrupting some of Schneider Electric’s Resource Advisor cloud platforms that could put the company in a bad spot. The ransomware group threatens to leak the stolen data if they do not comply with the attackers’ financial demands.
The Cactus ransomware group’s main target is the sustainability business division of Schneider Electric.
The Sustainability Business division of Schneider Electric is responsible for consulting enterprise organisations on renewable energy solutions and navigating complex climate regulatory requirements globally. The importance of this company sector is why the Cactus ransomware group made it their primary target for their cyberattack.
Currently, Schneider Electric’s most prominent clients include Allegiant Travel Company, Clorox, DHL, DuPont, Hilton, Lexmark, PepsiCo, and Walmart. Unfortunately, the attackers may have compromised sensitive information from these entities.
Speculations revealed that the attackers could compromise stolen data, such as customers’ power utilisation, industrial control and automation systems, and compliance with environmental and energy regulations.
These details pose a significant risk to both Schneider Electric and its clients since the exposure of such information could have severe implications regarding regulatory compliance and business operations.
On the other hand, Schneider Electric has yet to disclose whether they intend to comply with the ransom demands proposed by the ransomware group. However, the possibility of the ransomware gang leaking the stolen data could be apparent since they have a reputation for spreading records in their previous incidents.
Schneider Electric confirmed these cyberattack claims and acknowledged that the threat actors accessed data. Still, the company insisted that the impact was limited to the Sustainability Business division and did not extend to other parts of the organisation.
This incident is another example of the escalating threats faced by companies operating in the energy and automation industry. Therefore, organisations in this field should invest in potent cybersecurity measures to protect sensitive data and protect against potential disruptions to essential services.
