Critical Infrastructure Services Firm Ventia Takes Systems Offline Due to Cyberattack

Critical infrastructure services provider Ventia over the weekend announced that it has taken some of its systems offline to contain a cyberattack.

Ventia provides long-term management, maintenance, and operations services for critical infrastructure organizations and for private entities across the defense, electricity and gas, environmental services, and water industries.

The company says it operates more than 400 sites in Australia and New Zealand, with a combined employee base of over 35,000.

In an incident notice on Saturday, the company announced that it decided to take some key systems offline in response to the incident, and that it had engaged with external experts and law enforcement to investigate it.

“As we work to restore our networks, we will prioritize the security and safety of our people, our customers, and our stakeholders,” the company said.

Ventia did not share details on the impact the incident has had, but said in an updated statement on Sunday that its operations are continuing while it monitors its network for any abnormal activity.

According to Ventia, all operations are expected to return to normal within the following days.

Although the company did not share specifics on the incident, it is possible that file-encrypting ransomware was involved in the attack, as typical incident response measures in the event of ransomware involve taking systems offline to prevent it from spreading.

The company has yet to reveal whether any type of information was stolen during the attack.

SecurityWeek has emailed Ventia for additional details on the incident and will update this article as soon as a reply arrives.

Related: Gas Stations Impacted by Cyberattack on Canadian Energy Giant Suncor

Related: Microsoft Says Early June Disruptions to Outlook, Cloud Platform, Were Cyberattacks

Related: Swiss Fear Government Data Stolen in Cyberattack