Unknown attacks MPPMC

An unknown threat actor has launched a cyberattack on Madhya Pradesh Power Management Company Limited (MPPMC), shutting down its internal IT systems. The state-run organization oversees electricity management in Madhya Pradesh, India. Officials are particularly concerned as summer usually brings about peak consumption demands. MMPC’s public relations officer, Pankaj Swami, has confirmed that the organization has implemented workarounds to ensure the attack does not impact critical operations. MMPC’s chief general manager, Reeta Kshetrapal, reports that while the attackers have not yet demanded a ransom, they have provided contact information. According to a press release issued on May 27, the company first noticed the attack on May 22. The release quotes Kshetrapal as saying, “The restoration work of the IABS internal IT system is being carried out by the engineers at L&T InfoTech under the guidelines of the Union government’s nodal agency Indian Computer Response Team (CERT-In) that deals with cyber threats.” The release also confirmed that MPPMC informed the Madhya Pradesh State Electronics Development Corporation (MPSEDC) about the incident. Ransomware attacks typically involve threat groups encrypting an organization’s data and demanding a ransom for the decryption key. Cybercriminals typically target organizations that will suffer greatly from stolen data or downtime, and that can afford to pay ransoms.