'Cactus' Ransomware Strikes Schneider Electric

Schneider Electric is a world leader in industrial manufacturing, producing equipment for industrial automation and control systems, building automation, energy storage, and more.
According to a press release from the industrial giant, the damage from its Jan. 17 breach was limited to only its sustainability division, which provides software and consulting services to enterprises, and affected no safety-critical systems.
Still, the company faces potential repercussions if its clients' business data gets leaked.
According to Bleeping Computer, the Cactus ransomware gang - a relatively young yet prolific group - has claimed the attack.

What Happened to Schneider Electric

Schneider Electric has not yet revealed the scope of data which may have been lost to its attackers, but did acknowledge one affected platform: Resource Advisor, which helps organizations track and manage their ESG, energy, and sustainability-related data.
The company also noted that it has already informed affected customers, and it expects business operations to return to normal by Jan. 31.
That may not be the end of the story, since Schneider Sustainability serves a broad swath of organizations in more than 100 countries, including 30% of the Fortune 500, as of 2021.
Having so many potentially impacted customers may bear on how the company addresses a ransom demand.

What You Need to Know About Cactus Ransomware

Cactus isn't even a year old yet, having first arrived on the ransomware scene last March.
Already it is one of the planet's most prolific threat actors.
According to data from NCC Group, shared with Dark Reading via email, Cactus has been claiming double-digit victims nearly every month since last July.
Its busiest stretches thus far have been September, when it took 33 scalps, and December, when it took 29, making it the second-busiest group during that period, behind only LockBit.
Its 100 or so victims have thus far spanned 16 industries, most commonly the automotive sector, construction and engineering, and software and IT.
But it isn't for any discernible technical reason that it has achieved so much so fast, says Vlad Pasca, senior malware and threat analyst for SecurityScorecard, who wrote a whitepaper about the group last fall.
In general, Cactus just relies on known vulnerabilities and off-the-shelf software.


This Cyber News was published on www.darkreading.com. Publication date: Tue, 30 Jan 2024 22:40:15 +0000

