Schneider Electric faces ‘Cactus’ Ransomware

January 31, 2024
1 min read

Schneider Electric, a world leader in industrial manufacturing, has fallen victim to a cyber attack affecting its Sustainability Business division. The attack has been attributed to a rising ransomware operation called “Cactus,” a relatively young but prolific group. The attack was limited to Schneider’s sustainability division, which provides software and consulting services to enterprises, and affected no safety-critical systems. However, the company faces potential repercussions if clients’ business data is leaked. Schneider Electric has not yet revealed the scope of the data that may have been lost, but one affected platform is Resource Advisor, which helps organizations track and manage their ESG, energy, and sustainability-related data. The Cactus ransomware gang has claimed responsibility for the attack, though Schneider Electric has not confirmed this attribution. Cactus is a relatively new ransomware group that relies on known vulnerabilities and off-the-shelf software for its attacks. Schneider Sustainability serves a broad range of organizations across more than 100 countries, including 30% of the Fortune 500. The company has already informed affected customers and expects business operations to return to normal soon. However, the incident highlights the risk posed by basic vulnerabilities, even among organizations with substantial cybersecurity budgets.

Latest from Blog

EU push for unified incident report rules

TLDR: The Federation of European Risk Management Associations (FERMA) is urging the EU to harmonize cyber incident reporting requirements ahead of new legislation. Upcoming legislation such as the NIS2 Directive, DORA, and