Toronto, Canada-based Superior Plus Corp. revealed the company suffered a ransomware attack Sunday, which had an impact on the firm’s computer systems.

Upon learning of the incident, the company said it took steps to secure its systems and mitigate the impact on the its data and operations. Superior retained independent cybersecurity experts to help deal with the matter in accordance with industry best practices.

Superior temporarily disabled certain computer systems and applications as it investigates this incident and is in the process of bringing these systems back online.

Superior is in the process of assessing the impact on operations. At present, Superior has no evidence the safety or security of any customer or other personal data has been compromised. Superior is a North American distributor and marketer of propane and distillates and related products and services, servicing over 780,000 locations in the U.S. and Canada.

“Superior is committed to data safety, is taking the matter very seriously and asks its customers and partners for their patience as it seeks to remediate the situation,” the company said in a statement.

Schneider Bold

“As with most security incidents, it appears that the victim only detected the attacker once they had made themselves known by launching their ransomware,” said Chris Clements, vice president of solutions architecture at Cerberus Sentinel. “Superior Plus doesn’t say and likely might not yet know how long the attackers had access to their operations, however, normal attacker dwell time typically extends weeks or months before they trigger ransomware. During this time, the attackers pivot throughout the victim’s network and attempt to escalate their access level to gain complete control of all systems and data. Mass scale data exfiltration has also become the norm in these events that can trigger a secondary extortion demand from the attackers.

“It’s easy to brush off the predictable ‘we take security very seriously’ response variations as being disingenuous, but the reality is even worse than that. Most organizations don’t even understand what it means to take security seriously. It’s the equivalent of a couch potato turning on the Olympics and thinking ‘how hard could it be?’ Getting security right takes talent, budget, and a lot of hard work. It truly takes a cultural approach to security by an organization that starts with understanding the extent of their risk exposure and what it takes to secure their environment,” Clements said.

“Attackers continue to pound away at critical infrastructure, last weekend going after Superior Plus, the largest propane gas distributor in the United States,” said Saryu Nayyar, chief executive at Gurucul. “While some are calling it a ransomware attack, that doesn’t yet seem to be confirmed. For those using propane for heating, this is a bad time of year for this type of attack. Superior has over 780,000 customers, $2.2 billion in revenue, and over 4300 employees. The company is still investigating the scope and attack vector used.

“At least Superior seems to be well-prepared to deal with this issue, having shut down servers early on, and currently attempting to bring them back up gradually. Enterprises can conduct simulated fire drills based on attack scenarios and develop both automated and manual playbooks once an attack is confirmed. Automated risk analysis and initial response can go a long way toward remediation of attacks,” she said.

There was no information released on the type of ransomware and the amount of ransom the attackers requested. Also, it did not say if the company decided to pay or not to pay.


Pin It on Pinterest

Share This