Suncall Energy, a major Canadian integrated energy company, announced earlier this week that its subsidiary, PetroCanada, had suffered a cybersecurity incident that caused technical problems.
As a result, more than 1,500 gas stations across the country no longer accept credit card payments, and customers can no longer use points.
Suncor Energy ranks as the 48th largest publicly traded company in the world and is one of Canada’s leading synthetic crude oil producers with annual revenues of $31 billion.
“Attacks on critical infrastructure systems can not only directly disrupt a particular business, but can have wide-ranging ramifications for entities throughout the economy,” said Drew, software engineering group director for the Synopsys Software Integrity Group. Mr Streve said.
“Targets like Suncor and other energy providers are particularly attractive targets for malicious attackers who desire a high degree of destructive power, and many security experts believe that infrastructure entities are vulnerable to attacks by sophisticated attackers. We agree that it is ripe for exploitation.”
Read more about similar attacks: NCSC warns against Chinese cyber attacks on critical infrastructure
The company reportedly took immediate steps to mitigate the attack and hired third-party experts to investigate and resolve the situation. Authorities have also been notified, and Suncor is cooperating fully with the investigation.
“While we are working to resolve the incident, it may affect some of our transactions with customers and suppliers,” the company said in a statement.
At the same time, the company assured the public that there is no current evidence to suggest that customer, supplier or employee data has been compromised or misused in a cybersecurity incident.
“There are few details about the cyber incident, but it seems like a targeted attack on POS systems as the organization is unable to accept and process credit/debit card transactions,” said Stephen, Horizon3’s lead security SME. Gates comments. .ai.
The executive said most ransomware outbreaks lock workstations and data stores, but rarely target what is considered the Internet of Things (IoT).
“On the other hand, many petrol pumps are running commonly used operating systems (such as Windows CE), so outages can cause immense pain to consumers, so the ransom is not worth it. It can be quite a target,” Gates added.
The cyberattack on Suncor Energy prompted the UK National Cyber Security Center (NCSC) to warn against Russian groups “state-aligned” that they could launch devastating attacks on critical national infrastructure (CNI). It happened a few months later.
