The BlackCat ransomware gang claimed responsibility for an attack that resulted in the theft of data from a Luxembourg power company.
The attack, which took place between July 22 and 23, targeted Creos Luxembourg S.A., the electricity and gas pipeline subsidiary of Encevo S.A., and resulted in network intruders exfiltrating data.
The link to BlackCat, also known as ALPHV, emerged when the group threatened to publish 180,000 stolen files totaling 150 GB in size if a ransom was not paid. The stolen data allegedly includes contracts, agreements, passports, bills and emails. As of now, the data has not been published.
The details of how the attack took place have not been disclosed. Encevo said it had filed a complaint with police in Luxembourg and notified relevant government authorities.
Security teams lack the high accuracy needed not only to establish a threat but also to understand the entire attack campaign versus just individual threats.
The ability to collect a full set of telemetry across different sources, link together the various indicators of compromise and build the puzzle automatically is critical to providing the full context security teams need to ideally prevent the attack, or to respond appropriately and quickly.