Cyber Incident Victim: Jysk Energi A/S
Date:
Dec 2023
Location:
Denmark
Summary
Jysk Energi successfully thwarted a cyberattack targeting its administrative network after detecting unusual activity, prompting an immediate physical disconnection of internet access and activation of emergency protocols with cybersecurity firm CSIS. Critical operational systems remained unaffected throughout the incident, though the internet disruption caused temporary service outages impacting employees and customers. Preliminary investigations confirmed no data theft, system compromise, or ransomware activity occurred due to the timely intervention, with a controlled restoration of services planned following security reviews; relevant authorities were notified of the incident.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 0 motives | 2 techniques |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
On December 9, 2023, Jysk Energi's IT emergency response unit detected unusual activity on the company's administrative network, triggering an immediate physical disconnection of all internet connectivity to contain the threat. The organization activated its emergency preparedness plan and engaged cybersecurity firm CSIS to investigate the incident. Throughout the event, Jysk Energi maintained that its supply-critical operational systems remained unaffected and uncompromised. The internet disconnection persisted during the investigation period, resulting in the shutdown of non-critical systems that disrupted normal business operations. This outage created inconveniences for both employees attempting to perform administrative functions and customers accessing company services.
Preliminary findings from CSIS indicated no evidence of system lockouts, data theft, or destruction of information assets, confirming the containment measures successfully neutralized the cyberattack before significant damage occurred. Following a comprehensive security review, Jysk Energi planned a controlled restoration of internet connectivity and system functionality with expectations of resuming normal operations the following week. The company notified relevant regulatory authorities about the incident in compliance with standard protocols. Internal and external communications were managed through designated contacts including CEO Lars Naur, Energy and IT Director Niels Brøndsted, and press spokesperson Torben Antonsen. No additional technical details regarding the attack vector, threat actor identity, or duration of system outages beyond the general timeframe were disclosed in available public statements.