Unknown assailants attacked the country's largest electricity supplier.
Last week, the IT systems of the energy company HSE, the largest electricity supplier in Slovenia, were hacked. According to official data, the cause of the incident was an encryption virus that encoded files on the corporate network, and also blocked employees ' access to internal services.
The scale of the attack was impressive – as it turned out, the attackers were able to penetrate the security and process control systems. Signs of hacking were first detected on Wednesday evening, November 22.
Then everything was under control, so the incident was investigated by internal specialists.
But by November 24, the situation had worsened. The malware became more active and began to spread rapidly across the corporate network. By this time, the Slovenian government has already joined in the elimination of the consequences of the cyberattack.
According to HSE, despite the severity of the problem, production facilities, including thermal and hydroelectric power plants, continue to operate normally. There is currently no threat of disruptions in the country's energy supply.
However, the source of infection has not yet been identified. And the fact that the attackers managed to gain access to confidential HSE data indicates the potential danger of blackmail and extortion in the future.
According to experts, cybercriminals often do not initially make ransom demands, but wait for the most appropriate moment.
HSE controls about 60% of the country's energy supply systems. The company's assets include the largest Shoshtan thermal power plant in the republic, as well as a network of hydroelectric power plants on the Drava, Sava and Socha rivers.
Uros Svete, Director of the Slovenian Government Information Security Center, thanked the specialists for their responsible work: "In my opinion, the entire process, including threat detection, reporting and involvement of all participants – at the level of experts, IT engineers, companies and government agencies-fully corresponded to the national cyber incident response plan."
At the same time, he stressed that it is too early to draw final conclusions about the scale and consequences of the attack for HSE and the Slovenian energy system as a whole. The investigation and infrastructure restoration work are continuing.
Last week, the IT systems of the energy company HSE, the largest electricity supplier in Slovenia, were hacked. According to official data, the cause of the incident was an encryption virus that encoded files on the corporate network, and also blocked employees ' access to internal services.
The scale of the attack was impressive – as it turned out, the attackers were able to penetrate the security and process control systems. Signs of hacking were first detected on Wednesday evening, November 22.
Then everything was under control, so the incident was investigated by internal specialists.
But by November 24, the situation had worsened. The malware became more active and began to spread rapidly across the corporate network. By this time, the Slovenian government has already joined in the elimination of the consequences of the cyberattack.
According to HSE, despite the severity of the problem, production facilities, including thermal and hydroelectric power plants, continue to operate normally. There is currently no threat of disruptions in the country's energy supply.
However, the source of infection has not yet been identified. And the fact that the attackers managed to gain access to confidential HSE data indicates the potential danger of blackmail and extortion in the future.
According to experts, cybercriminals often do not initially make ransom demands, but wait for the most appropriate moment.
HSE controls about 60% of the country's energy supply systems. The company's assets include the largest Shoshtan thermal power plant in the republic, as well as a network of hydroelectric power plants on the Drava, Sava and Socha rivers.
Uros Svete, Director of the Slovenian Government Information Security Center, thanked the specialists for their responsible work: "In my opinion, the entire process, including threat detection, reporting and involvement of all participants – at the level of experts, IT engineers, companies and government agencies-fully corresponded to the national cyber incident response plan."
At the same time, he stressed that it is too early to draw final conclusions about the scale and consequences of the attack for HSE and the Slovenian energy system as a whole. The investigation and infrastructure restoration work are continuing.
