Safeguarding critical infrastructure
We often take our basic services like energy for granted until they're disrupted. Providing energy and other important services to homes and businesses in Queensland is crucial for keeping everything running smoothly. That's why it's important for energy companies, network operators, and other essential service providers to be ready for cyber attacks and know how to respond.
CS Energy Ltd (owned by the Queensland Government) generates about 10% of the electricity used in the National Electricity Market, mostly for homes and businesses in southeast Queensland. In 2021, CS Energy was hit by a ransomware attack. If they hadn't responded quickly and strategically, it could have affected the electricity supply to homes and businesses.
The attackers, known as the Conti ransomware group, have been active since 2020 and have targeted more than 400 organisations worldwide. Energy suppliers and healthcare providers are especially vulnerable to these attacks because they can cause major disruptions. Attackers know these organisations can't afford to be down for long, so they're more likely to pay ransoms.
In CS Energy's case, the ransomware attack tried to lock files, steal important data, and disrupt operations by targeting the corporate network and email systems. However CS Energy discovered the attack quickly and immediately isolated the affected servers from the rest of their network. They also made sure their systems running the power stations weren't affected, so they could keep supplying electricity.
CS Energy acted fast by using their plans for dealing with emergencies and getting help from cyber security experts like the Australian Cyber Security Centre (ACSC) and other Queensland government agencies.
This situation showed how important it is to have strong IT systems, work closely with cyber security experts, like the ACSC, and have good plans for dealing with emergencies. Even though CS Energy handled the situation well, they learned from it and used the lessons to improve their ongoing efforts to protect against cyber attacks, following the Australian Energy Sector Cyber Security Framework.