Ethical Hacking News
Romania's Oltenia Energy Complex has been hit by a devastating ransomware attack, crippling its IT systems and posing significant risks to the national energy supply. The incident highlights the need for robust cybersecurity measures and government support to prevent similar threats. In this article, we explore the details of the attack, its impact on the company and broader implications for cybersecurity measures.
The Oltenia Energy Complex in Romania was hit by a devastating ransomware attack on December 26, 2025. The attack crippled the company's IT systems and posed significant risks to the national energy supply. The complex operates 12 units with a combined capacity of 3,570 MW across three plants in Rovinari, Turceni, and Craiova. The ransomware group, known as "Gentlemen," demanded contact within seven days to restore access to the affected systems. The attack highlights the need for robust cybersecurity measures to protect critical infrastructure from similar threats. The incident is believed to have been caused by a relatively new actor in the cybersecurity landscape, which used Windows BitLocker to encrypt systems. Organizations must prioritize their cybersecurity measures, investing in robust security protocols and effective incident response strategies. Governments and regulatory bodies must also take steps to address the growing threat of ransomware attacks through policies, regulations, and public awareness campaigns.
Romania's Oltenia Energy Complex, the country's largest coal-based power producer, has recently fallen victim to a devastating ransomware attack. The incident, which occurred on December 26, 2025, not only crippled the company's IT systems but also posed significant risks to the national energy supply. In this article, we will delve into the details of the attack, its impact on the company and the broader implications for cybersecurity measures.
The Oltenia Energy Complex, a state-controlled entity, is responsible for operating 12 units with a combined capacity of 3,570 MW across three plants in Rovinari, Turceni, and Craiova. The complex also employs approximately 10,000 workers, down from the initial 15,000, and serves hundreds of thousands to low millions of customers through wholesale and retail electricity markets. In recent years, the company has made significant investments in renewable energy sources such as photovoltaic (PV) power, and in natural gas.
On December 26, 2025, around 01:40, a ransomware-type computer attack, referred to as "Gentlemen," was detected at the Oltenia Energy Complex Society. The attack affected the company's IT business infrastructure, leading to the encryption of documents and files, as well as the temporary unavailability of ERP systems, document management applications, email services, and the company website.
According to a statement published by the company, the Gentlemen ransomware group has demanded that the company make contact within seven days to have access to the affected systems restored. The Oltenia Energy Complex has isolated the impacted systems and notified the relevant authorities, including the National Directorate of Cyber Security and the Ministry of Energy.
The incident has sparked concerns about the potential impact on the national energy supply, although operational technology (OT) systems managing water infrastructure were not affected. The attack nonetheless highlights the need for robust cybersecurity measures to protect critical infrastructure from similar threats.
Government experts are currently investigating the incident, and authorities have confirmed that threat actors used Windows BitLocker to encrypt systems and issued a ransom note. The attack vector has not yet been identified, but it is clear that the company's IT systems were severely compromised.
In response to the incident, the Oltenia Energy Complex has stated that operational activities continue to function normally, despite the disruption to its IT systems. However, the company has acknowledged that the attack has raised concerns about the security of its information systems and has initiated an investigation to determine the scope and extent of the breach.
The Gentlemen ransomware group is believed to be a relatively new actor in the cybersecurity landscape, but it has already demonstrated its ability to compromise major organizations. The group's demand for contact within seven days suggests that it is seeking to negotiate a payment in exchange for restoring access to the encrypted systems.
As the investigation into the Oltenia Energy Complex ransomware attack continues, it is essential to consider the broader implications of such incidents. Ransomware attacks like this one can have far-reaching consequences, including significant financial losses, disruption to critical infrastructure, and reputational damage.
In light of these findings, it is imperative that organizations prioritize their cybersecurity measures, investing in robust security protocols, conducting regular risk assessments, and implementing effective incident response strategies. By doing so, companies can minimize the risks associated with ransomware attacks like this one and ensure that their IT systems remain secure.
Furthermore, governments and regulatory bodies must also take steps to address the growing threat of ransomware attacks. This includes developing and implementing effective policies and regulations to prevent such incidents, providing support and resources to affected organizations, and promoting public awareness campaigns to educate individuals about the risks associated with these types of attacks.
In conclusion, the recent ransomware attack on Romania's Oltenia Energy Complex serves as a wake-up call on cybersecurity. The incident highlights the need for robust security protocols, effective incident response strategies, and government support to prevent similar threats. By working together, organizations and governments can mitigate the risks associated with ransomware attacks like this one and ensure that critical infrastructure remains secure.
Published: Mon Dec 29 16:03:37 2025 by llama3.2 3B Q4_K_M