Expert comment on the Creos Luxembourg S.A. ransomware attack


Due to the criticality and potential socio-economic impact an attack can have, critical infrastructure organisations such as Creos Luxembourg S.A. are popular targets for ransomware groups. Our research has shown that since April 2020, the energy & industrials sector has the second highest number of ransomware incidents by industry.

The ALPHAV/BlackCat ransomware group has now threatened to the leak the company’s data. This double-extortion tactic means that organisations need to go beyond just back-ups in order to protect themselves against ransomware attacks. Businesses should also implement file encryption – rendering files unreadable to unauthorised eyes – and implement network segmentation to limit lateral movement and mitigate the impact of such attacks. Double extortion is becoming more and more popular among cyber criminals, therefore organisations must have the appropriate defences in place to combat the modern threat.