Russian ransomware group Conti has claimed responsibility for the CS Energy corporate network cyberattack that took place on November 27—news broken by Energy Source & Distribution.
Conti—thought to have amassed ransom payments worth over US$25 million from its corporate victims, has announced the news on its website.
Other media outlets including The Daily Telegraph have erroneously reported Chinese hackers to be responsible for the attack.
CS Energy released the following updated statement this morning regarding the cyberattack:
CS Energy’s power stations have continued to generate and dispatch electricity into the National Electricity Market since the ransomware incident on our corporate ICT network on November 27.
CEO Andrew Bills said CS Energy’s ICT systems and safeguards had layers of separation and protection, which enabled it to contain and protect its critical infrastructure to ensure continuity of power to Queenslanders.
“Upon becoming aware of the incident, we quickly took further assertive action to physically separate the two environments,” Bills said.
He said there was currently no indication that the cyber incident was a state-based attack.
Related article: The key cybersecurity challenges facing utilities
“We continue to progressively restore our systems and are working closely with cyber security experts and relevant state and federal agencies.”
Australia’s National Electricity Market is designed to ensure there is enough power generation and network capacity to securely meet customer demand, even in the event of unexpected outages of transmission lines and generators.