Cyber-Incident at Australian Utility Firm Energy One Extends to UK Systems
Cyber-Incident at Australian Utility Firm Energy One Extends to UK Systems

Sigmund (unsplash)

A cyber-incident targeting the Australian utility enterprise, Energy One Limited (EOL), might extend its reach internationally as the company’s corporate systems in the UK have also shown signs of impact.

This multinational enterprise, renowned for providing software and services to the wholesale energy market, announced that they had implemented measures to minimize the consequences of this event. In addition, they have communicated with the Australian Cyber Oversight Centre and select UK governing bodies.

Based on a document endorsed by Andrew Bonwick, the Board Chairman of EOL, it became clear that the company’s corporate infrastructure was impacted on August 18, 2023. This information was released on August 21 and made public on the Australian Securities Exchange website (ASX).

At present, EOL is rigorously analyzing the incident’s extent and is in the process of determining if any other systems may have been compromised.

In Bonwick’s release, it was mentioned that a focal point of their ongoing inquiries revolves around establishing the potential breach of personal data and/or client-oriented systems, and pinpointing the attacker’s initial access point.

Rob Bolton, VP EMEA at Versa Networks, emphasized the importance of both clients and staff maintaining a calm demeanor. He advised vigilance against potential phishing emails or any unsolicited messages. Furthermore, Bolton commended EOL on their efficient response, noting the significance of prompt action in minimizing damage. He mentioned that prompt containment strategies can be the distinguishing factor between ensuring services and systems remain accessible to clients or not and avoiding the unauthorized access of sensitive data.

In his reflections on the event, Darren Guccione, CEO and co-founder of Keeper Security, shared that while Energy One is in the process of scrutinizing, rectifying, and gauging the incident’s reach, it has temporarily disabled certain connections between its main and customer-oriented systems. He added a word of caution for energy providers who are clients of EOL’s software and services to remain extra vigilant during this period and scrutinize any irregularities.

Several security aficionados have highlighted that this episode seems consistent with the modus operandi of cyber criminals who have the energy sector and pivotal national establishments in their crosshairs.

Simon Chassar, CRO, Claroty, articulated that the situation with Energy One is symptomatic of the escalating cyber incidents targeting the energy sector. Reflecting on alerts from UK’s NCSC and a renowned International Security Agency, he shared that industries like energy, due to their indispensable role in daily societal functions, are under elevated threat. Any disturbances in these areas might bear extensive repercussions, ranging from affecting the national fiscal landscape, triggering shortages, to pausing societal progression.

It’s worth noting that EOL has been a prominent entity on the Australian Stock Exchange since 2007 and has a significant presence in both the Asia-Pacific region and the UK and Europe.