Security News > 2021 > February > Ransomware Attacks Hit Major Utilities
Two state-owned utility companies in Brazil suffered separate ransomware attacks in the past week, forcing them to shut down some operations and services temporarily, In one case, sensitive data was stolen and dumped online, including network access logins and engineering plans.
Centrais Eletricas Brasileiras and Companhia Paranaense de Energia both reported attacks, the latter of which appears to be the work of Darkside, which flogged data stolen from the attack online, according to a published report.
The attack hit the administrative network of its Eletronuclear subsidiary, which runs two nuclear power plants-Angra1 and Angra 2.
The Copel attack was not publicly disclosed but mentioned in an SEC filing on Monday, according to Bleeping Computer, which appears to have had contact with Darkside about its hand in the attack.
Ransomware gangs don't appear to be letting up in 2021 either, with new variants of ransomware already detected - such as Babuk Locker, which is targeting corporations.
In an unrelated effort, authorities in Canada charged a suspect believed to be responsible for NetWalker ransomware attacks, and seized $454,500 in cryptocurrency from ransom payments made by three separate victims.
News URL
https://threatpost.com/ransomware-attacks-major-utilities/163687/
Related news
- UK health services call-handling vendor faces $7.7M fine over 2022 ransomware attack (source)
- McLaren hospitals disruption linked to INC ransomware attack (source)
- Six ransomware gangs behind over 50% of 2024 attacks (source)
- CISA warns of Jenkins RCE bug exploited in ransomware attacks (source)
- CISA Warns of Critical Jenkins Vulnerability Exploited in Ransomware Attacks (source)
- Most Ransomware Attacks Occur When Security Staff Are Asleep, Study Finds (source)
- Most ransomware attacks occur between 1 a.m. and 5 a.m. (source)
- New Qilin Ransomware Attack Uses VPN Credentials, Steals Chrome Data (source)
- Lateral movement: Clearest sign of unfolding ransomware attack (source)
- BlackByte Ransomware Exploits VMware ESXi Flaw in Latest Attack Wave (source)