Slovenia's major power generation company, Holding Slovenske Elektrarne (HSE), has fallen victim to a ransomware attack, causing concern about the security of critical infrastructure in the country.
State-owned HSE is responsible for approximately 60% of Slovenia's domestic power production.
Uroš Svete, Director of the Information Security Office at HSE, confirmed that the ransomware attack had encrypted files and compromised the company's systems. However, he assured the public that all power generation operations remained unaffected, emphasizing that the impact was limited to IT systems and files.
Immediately after detecting the attack, HSE reported the incident to the National Office for Cyber Incidents at Si-CERT and the Ljubljana Police Administration. The company also enlisted the help of external experts to contain the attack and prevent the spread of the virus to other systems within Slovenia.
HSE said it has yet to receive a ransom demand. While the organization did not reveal what ransomware operation was responsible for the cyberattack, some media reports suggest the Rhysida ransomware gang may be behind the incident.
Earlier this month, the FBI and CISA released a joint alert detailing Rhysida’s techniques, tactics, and procedures (TTPs).
