Schneider Electric, a French-based company specializing in automation and energy management, recently fell victim to a Cactus Ransomware attack, resulting in the unauthorized access and theft of corporate data. The breach targeted Schneider Electric’s Electric Resource Advisor Cloud Platform, leading to the compromise of terabytes of sensitive information. This particular strain of ransomware, known as Cactus, has been operational since March 2023 and has gained notoriety for infiltrating various corporate networks through the illicit purchase of credentials on the dark market, phishing attacks, and exploitation of software vulnerabilities.
In a related incident, the Freehold Township schools had to be closed on Monday due to disruptions in their IT infrastructure, suspected to be caused by a ransomware attack. The Assistant Superintendent, Dianne Martello, revealed on Sunday that the closure was prompted by technical difficulties arising in the early hours of Sunday. The exact nature of the cyber attack is yet to be officially confirmed.
Meanwhile, Fulton County in Georgia also experienced a debilitating attack from file-encrypting malware over the past weekend. The digital services, including court filings, tax payments and processing, websites, and communication systems, were all targeted by hackers. Interestingly, this incident occurred concurrently with the legal prosecution of Donald Trump by District Attorney Fani Willis. However, evidence linking the attack to the 2020 election subversion case is yet to be established.
Furthermore, Huber Heights, which faced a ransomware attack in November of the previous year, has conducted an investigation into the breach. The findings suggest that information belonging to over 6,000 individuals may have been accessed and stolen by the hackers. Notably, the IT staff has invested nearly $350,000 in recovery efforts, and it remains unclear whether they acceded to the ransomware hackers’ demands. The insurance firm involved asserts that additional financial assistance is required within a three-month time-frame to rebuild the compromised cyber network.