The Everest ransomware group executed a targeted attack on Svenska kraftnät, Sweden’s national power grid operator, resulting in the theft of 280 GB of internal data. The breach poses severe risks to critical infrastructure stability, as the exfiltrated data may include operational schematics, employee records, or system configurations. Given the entity’s role in managing the country’s electricity supply, the attack could disrupt energy distribution, trigger cascading blackouts, or enable follow-on sabotage by adversaries. While no immediate outages were reported, the incident underscores vulnerabilities in national grid security. The ransomware group’s involvement suggests potential demands for payment, though Svenska kraftnät has not confirmed whether negotiations are underway. The breach aligns with broader trends of cybercriminals targeting energy sectors to maximize leverage over governments and public services.
Source: https://research.checkpoint.com/2025/3rd-november-threat-intelligence-report/
TPRM report: https://www.rankiteo.com/company/svenska-kraftnat
"id": "sve3933839110325",
"linkid": "svenska-kraftnat",
"type": "Ransomware",
"date": "5/2025",
"severity": "100",
"impact": "6",
"explanation": "Attack threatening the economy of geographical region"{}