Cyberattack on Brazilian nuclear power station

Centrais Elétricas Brasileiras S/A, the largest electricity company in Latin America, has informed shareholders and customers that its subsidiary Eletrobras Termonuclear S.A. (Eletronuclear), which builds and operates nuclear power stations, has been hit by a ransomware cyberattack on its IT administrative network.

The security incident did not bring about an interruption of operations at the Angra 1 and Angra 2 generators of the Almirante Álvaro Alberto nuclear power station (CNAAA), as the TO environment is isolated from the IT for security reasons. Consequently, the electricity supply to the National Interconnected System was guaranteed.

Eletronuclear technicians, together with the Serviço Gerenciado de Segurança (MSS), got to isolate the infection. However, some servers in the administrative network have been affected.

For the time being, the operation of some systems remains suspended and asset verification is ongoing. The Government Cyber Incident Treatment and Response Centre (CTIR.Gov) and the representative of the Brazilian Nuclear Programme Protection System (SIPRON) have also been informed.