CS Energy hit by ransomware attack

Callide Power Station (CS Energy ransomware)
CS Energy's Callide Power Station

Queensland’s CS Energy has fallen victim to a ransomware attack on its corporate network, the company has confirmed to Energy Source & Distribution.

“The incident occurred on CS Energy’s corporate network and has not impacted electricity generation at our Callide and Kogan Creek power stations. Our power stations are continuing to generate and dispatch electricity into the National Electricity Market,” CS Energy said in a statement.

CEO Andrew Bills said CS Energy’s focus was on restoring the security of its network and supporting employees, customers and business partners with any questions they may have.

Related article: Dr Sean Brady to lead independent investigation into Callide incident

“CS Energy moved quickly to contain this incident by segregating the corporate network from other internal networks and enacting business continuity processes,” Bills said.

“We immediately notified relevant state and federal agencies, and are working closely with them and other cyber security experts.

“We have contacted our retail customers to reassure them that there is no impact to their electricity supply and we have been regularly briefing employees about our response to this incident.

“Unfortunately, cyber events are a growing trend in Australia and overseas. This incident may have affected our corporate network, but we are fortunate to have a resilient and highly skilled workforce who remain focused on ensuring CS Energy continues to deliver electricity to Queenslanders.”

This is the second major incident for the energy company this year, with an explosion at CS Energy’s Callide Power Station in May cutting power to 477,000 homes and businesses throughout Queensland.

Cyber attacks have become a major concern for utilities and hospitals, with a major ransomware attack bringing UnitingCare’s Queensland hospitals to their knees in April this year.

In June, former ASIO chief David Irvine warned Australia’s energy infrastructure was growing vulnerable to ransomware attacks.

Related article: Cybersecurity in energy ‘more than just tech’

Irvine said energy was one of a number of Australian sectors insufficient in cyber resilience, with many organisations are not “caring enough” about cyber attacks.

He said while boards now understood the threat of ransomware attacks, most were still “grappling” with how to handle an attack if it were to occur. Governments, too, he said, had improved their cyber posture but needed to do more.

“Until we enhance our national security resilience in all segments of the energy sector, from supply through to end user, we’re going to be vulnerable to the sorts of attacks that we’ve seen,” he said.