BleepingComputer reports that major Romanian electricity distributor and supplier Electrica Group was confirmed by the country's National Cybersecurity Directorate to have been breached by the Lynx ransomware operation amid a probe conducted alongside other cybersecurity authorities that showed no impact on the energy provider's SCADA and other critical systems.
"Based on available data, critical power supply systems have not been affected and are operational, and the investigation is currently ongoing. In the event of a ransomware infection, the Directorate strongly recommends that no one pay the ransom requested by the attackers," said the DNSC, which called on energy providers to leverage the provided YARA script in scanning their networks to determine potential Lynx ransomware compromise. More than 20 energy, oil, and gas organizations across the U.S. have already been targeted by the Lynx ransomware gang between its emergence in July and November, according to a report from the Center for Internet Security.