RansomHub Strikes Empresa de Energía del Bajo Putumayo: A Cybersecurity Threat in Colombia's Energy Sector

Incident Date: Apr 16, 2024

Attack Overview
Victim: Empresa de energía del Bajo Putumayo
Industry: Energy, Utilities & Waste
Location: Colombia
Attacker: RansomHub
First Reported: April 16, 2024

RansomHub Targets Empresa de Energía del Bajo Putumayo in Ransomware Attack

Attack Overview

Empresa de Energía del Bajo Putumayo (EEBP), a key player in Colombia's energy sector, has fallen victim to a ransomware attack orchestrated by the cybercriminal group RansomHub. The attack led to the theft of approximately 20.2 gigabytes of data. Details about the specific nature of the stolen data remain undisclosed, but a sample has been publicly leaked by the attackers as proof of the breach.

Company Profile

Founded in 1997, EEBP operates primarily in the Lower Putumayo region, where it is instrumental in the generation, transmission, and distribution of electricity. With an installed capacity of 19.2 MW predominantly from hydroelectric sources, EEBP serves several municipalities including Mocoa and Puerto Asís. The company is a mixed-ownership entity, involving both departmental government and private investors.

Industry Standout

EEBP is notable for its integration into the National Interconnected System of Colombia, playing a crucial role in the regional energy infrastructure. Its focus on hydroelectric power highlights its commitment to sustainable energy solutions. As a regulated entity under the Energy and Gas Regulation Commission (CREG), EEBP adheres to stringent standards, underscoring its importance in the national energy landscape.

Vulnerabilities to Cyber Threats

The nature of EEBP's operations and its critical role in the energy supply chain make it a potential target for cybercriminals looking to cause significant disruption or extract hefty ransoms. The involvement of both governmental and private sectors in its ownership can also complicate the cybersecurity governance structure, potentially leading to vulnerabilities in its cyber defenses.

About RansomHub

RansomHub, a relatively new player in the ransomware arena, operates on a Ransomware-as-a-Service model, attracting affiliates with a high share of ransom proceeds. The group's tactics resemble those of established Russian cybercrime syndicates, although it claims to avoid targeting certain countries and non-profit organizations.
