One of the most prolific Russian-speaking ransomware gangs has claimed credit for a weekend attack on an Australian electric utility serving millions of people.
Australian media reported on Monday that Chinese government hackers were behind the breach at CS Energy, which is owned by the state government of Queensland.
Those reports, which came amid high tensions between Beijing and Canberra, prompted the utility to issue a statement on Tuesday. There is “currently no indication that the cyber incident was a state-based attack”, the statement said.
The ransomware group known as Conti, meanwhile, named CS Energy on its website for shaming victims and sometimes leaking their data.
“Conti listed CS Energy on its leak site which, obviously, would indicate that one of its affiliates was responsible for the attack,” said Brett Callow, a threat analyst at security firm Emsisoft.
Russian Cybercrime Operation
Callow said that “Conti is believed to be a Russia-based cybercrime operation … so it would appear that the attack on CS Energy is simply an addition to the ever-expanding list of financially motivated ransomware attacks.”
Infrastructure cyberattacks are becoming increasingly common, with the CS episode coming seven months after hackers shut down a major US petrol supply artery.
“The future of national pipeline cybersecurity remains largely unresolved, as government and industry grapple with hurdles to securing the nation’s fuel backbone,” S&P Global Ratings concluded.
Cyberattacks are considered the number two risk to Asia-Pacific business, according to a recent Aon survey.
“With more emphasis and reliance on technology, cyber risk topped the list as the number one current and predicted future risk globally,” Lambros Lambrou, Aon’s CEO of commercial risk solutions, said.
In Asia Pacific, pandemic-related business interruption topped the list, followed by cyberattacks.
The cyberattack is the latest setback for the Queensland power group. In May, its Callide Power Station was shut down after an explosion and fire led to 477,000 Queensland customers losing power.
- Reuters with additional editing by George Russell
Cyber Attacks Could Lead to War, Says Biden: FT
China Rejects ‘Fabricated’ Cyber Attacks Claim by US and Allies
China suspected in US defence industry cyber attack