Get all your news in one place.
100’s of premium titles.
One app.
Start reading
TechRadar
TechRadar
Sead Fadilpašić

Energy giant Schneider Electric hit by huge ransomware attack

An abstract image of a lock against a digital background, denoting cybersecurity.

Schneider Electric has revealed it suffered a major ransomware attack that resulted in the disruption of certain services and the theft of confidential data. 

On January 17, the company’s Sustainability Business division was targeted by a threat actor deploying the Cactus ransomware variant, it was said. 

The encryptor disrupted the company’s Resource Advisor cloud platform, which is allegedly still not working as we go to press.

Terabytes stolen

Cactus is a known threat actor that was first spotted in May 2023, when researchers discovered a ransomware variant that evades detection by encrypting itself. What also makes Cactus interesting is that it has multiple modes of encryption, including a quick mode. If the operators decide to run both modes one after the other, the files will be encrypted twice and will get two file extensions. 

The attackers stole “terabytes of corporate data”, which they’re now threatening to release, unless a ransom payment is met, reports have claimed.

 We don’t know how much money the hackers are asking for, or actually what the data is, or whose it is, but this division apparently services companies such as DHL, Hilton, PepsiCo, and Walmart, offering consulting on renewable energy, sustainability regulations, and more. 

"From a recovery standpoint, Sustainability Business is performing remediation steps to ensure that business platforms will be restored to a secure environment. Teams are currently testing the operational capabilities of impacted systems with the expectation that access will resume in the next two business days,” the company told BleepingComputer.

“From a containment standpoint, as Sustainability Business is an autonomous entity operating its isolated network infrastructure, no other entity within the Schneider Electric group has been affected.” 

Via BleepingComputer

More from TechRadar Pro

Sign up to read this article
Read news from 100’s of titles, curated specifically for you.
Already a member? Sign in here
Related Stories
Top stories on inkl right now
Our Picks
Fourteen days free
Download the app
One app. One membership.
100+ trusted global sources.