Canadian electric utility Nova Scotia Power and its parent company Emera are responding to a disruptive cyberattack.
The attack came to light on April 25, when Emera and Nova Scotia Power discovered unauthorized access to some parts of their Canadian network and servers used for business applications. Impacted servers were shut down and isolated in response to the hack.
IT systems, including the utility’s customer care phone line and online portal, were disrupted. The company has not shared any updates on the incident since April 28, when it said it had been working on restoring impacted systems.
Nova Scotia Power provides electrical power to roughly 550,000 customers. Emera, through its electric and natural gas utilities, serves 2.6 million customers in Canada, the US and the Caribbean.
However, the companies said the cyberattack did not cause any power outages.
“There remains no disruption to any of our Canadian physical operations, including at Nova Scotia Power’s generation, transmission and distribution facilities, the Maritime Link or the Brunswick Pipeline, and the incident has not impacted the utility’s ability to safely and reliably serve customers in Nova Scotia,” the companies said in a statement. “There has been no impact to Emera’s US or Caribbean utilities.”
Nova Scotia Power is investigating whether any customer or confidential business information was compromised as a result of the incident.
It would not be surprising to learn that the power company has been targeted in a ransomware attack, but at the time of writing no known ransomware group appears to have taken credit for the intrusion.
SecurityWeek has reached out to Nova Scotia Power for more information and will update this article if the company responds.
Energy companies are often targeted by threat actors, including profit-driven cybercriminals and state-sponsored groups. One incident that came to light recently involved the Chinese hacker group Volt Typhoon, which had access to the US electric grid for 300 days in 2023.
Related: More Solar System Vulnerabilities Expose Power Grids to Hacking
Related: Siemens Patches Power Grid Product Flaw Allowing Backdoor Deployment
Related: China-Linked ‘Redfly’ Group Targeted Power Grid
