Superior Plus, a propane distributor in North America, has acknowledged being the victim of a ransomware operation. The distributor announced on December 14 that it was recovering from a network intrusion that resulted in its systems being infected with an unidentified ransomware strain on Sunday, December 12.
The company, located in Canada, has temporarily blocked some computer systems and applications while investigating the issue and is working on getting them back online. The propane distributor has enlisted the expertise of cybersecurity professionals to cope with the situation and analyze the damage. Superior has no evidence that the safety or security of customer or personal data has been compromised.
Superior Plus serves 780,000 customers in the United States and Canada through distributing and selling propane, distillates, and related products and services. It is unknown which ransomware gang was behind the attack or compromised systems.
Ransomware attacks are growing more common on a daily basis, affecting a wide range of industries throughout the world. As the recent Colonial Pipeline attack indicates, critical infrastructure corporations in the energy industry are not immune. Third-party cybersecurity experts warn that more of the same will happen unless anything drastic is done.
Cybereason’s chief security officer, Sam Curry, stated that the scope of the attack is unknown at this time and that only Superior can offer additional information. Superior’s decision to shut down some systems indicates that the attacks were successful.
“The fact Superior has taken certain systems offline is an indication that the attackers were successful. It’s time to do more than the minimum. It’s time to tighten up and get the security practices right – least privilege, resilience, planning for the worst, and having a detection mindset,” Curry added.