alphv attacks SolarCraft

Incident Date: September 25, 2022

Overview

Victim: SolarCraft

Attacker: Alphv

Location: Novato, USA; California, USA

First Reported: September 25, 2022

SolarCraft Ransomware Attack: A Cybersecurity Concern for the Energy Sector

Company Overview

SolarCraft, a 100% Employee-Owned and Operated business, has been a stalwart in the energy sector for over 40 years. Based in the North Bay area since 1984, the company prides itself on delivering high-value clean energy solutions to homeowners, businesses, and some of the North Bay's most significant organizations.

Vulnerabilities and Impact

The recent ransomware attack on SolarCraft by the ALPHV group underscores the critical need for enhanced cybersecurity measures within the energy sector. Although specific details regarding the vulnerabilities exploited and the extent of the damage remain undisclosed, the incident is a potent reminder that even well-established companies remain exposed to cyber threats.

This is not an isolated incident within the energy sector. The 2020 SolarWinds hack, targeting the widely used Orion software, highlighted the susceptibility of critical infrastructure to supply chain attacks, revealing the potential for widespread disruption.

Mitigation Strategies

To counter the threat of ransomware and other cyber-attacks, energy sector entities must adopt comprehensive cybersecurity strategies. Essential measures include:

  • Ensuring regular updates and patches for all software
  • Conducting ongoing employee cybersecurity training
  • Implementing multi-factor authentication
  • Maintaining up-to-date backups and robust disaster recovery plans
  • Developing and testing incident response plans
