Slovenia’s largest power generation company hit with ransomware

Slovenia’s largest power generation company hit with ransomware

Slovenia's major power generation company, Holding Slovenske Elektrarne (HSE), has fallen victim to a ransomware attack, causing concern about the security of critical infrastructure in the country.

State-owned HSE is responsible for approximately 60% of Slovenia's domestic power production.

Uroš Svete, Director of the Information Security Office at HSE, confirmed that the ransomware attack had encrypted files and compromised the company's systems. However, he assured the public that all power generation operations remained unaffected, emphasizing that the impact was limited to IT systems and files.

Immediately after detecting the attack, HSE reported the incident to the National Office for Cyber Incidents at Si-CERT and the Ljubljana Police Administration. The company also enlisted the help of external experts to contain the attack and prevent the spread of the virus to other systems within Slovenia.

HSE said it has yet to receive a ransom demand. While the organization did not reveal what ransomware operation was responsible for the cyberattack, some media reports suggest the Rhysida ransomware gang may be behind the incident.

Earlier this month, the FBI and CISA released a joint alert detailing Rhysida’s techniques, tactics, and procedures (TTPs).


Back to the list

Latest Posts

Russian hackers target Microsoft accounts with ‘Device code’ phishing attacks

Russian hackers target Microsoft accounts with ‘Device code’ phishing attacks

The Russian threat actors leveraged social engineering techniques to impersonate individuals from prominent institutions.
17 February 2025
Cyber Security Week in Review: February 14, 2025

Cyber Security Week in Review: February 14, 2025

In brief: Microsoft patches actively exploited zero-days, Chinese hackers Salt Typhoon exploit Cisco flaws, the US and partners sanction Zservers, and more.
14 February 2025
Russian Sandworm APT targets critical sectors in BadPilot multi-year campaign

Russian Sandworm APT targets critical sectors in BadPilot multi-year campaign

The 'BadPilot' campaign involves a series of targeted cyberattacks leveraging bugs in widely used IT infrastructure software.
13 February 2025