Security News > 2023 > November > Slovenia's largest power provider HSE hit by ransomware attack

Slovenian power company Holding Slovenske Elektrarne has suffered a ransomware attack that compromised its systems and encrypted files, yet the company says the incident did not disrupt electric power production.

HSE is Slovenia's largest power generation company, accounting for roughly 60% of domestic production, and it is considered critical infrastructure in the country.

As first reported by local news outlet 24ur.com on Saturday, HSE suffered a ransomware attack last Wednesday, with the company finally containing it on Friday, November 24.

The Director of the Information Security Office, Uroš Svete, told the media that all power generation operations remained unaffected by the large-scale cyber attack.

The organization immediately informed the National Office for Cyber Incidents at Si-CERT and the Ljubljana Police Administration and engaged with external experts to mitigate the attack and prevent the virus from spreading to other systems across Slovenia.

Unofficial information shared with local media attributes the attack to the Rhysida ransomware gang, which has been active lately, prompting the FBI and CISA to issue a warning highlighting the group's TTPs. If Rhysida is behind the attack, it would also explain why HSE is stating they did not receive a ransom demand, as Rhysida ransom notes only contain an email address to contact the threat actors without specifying any monetary demands.

News URL

https://www.bleepingcomputer.com/news/security/slovenias-largest-power-provider-hse-hit-by-ransomware-attack/