- Eni is assessing the consequences, saying that “the impact is small at present”;
- Last weekend, the Italian energy regulator GSE suffered a malware attack, and its internal systems are still locked;
- In the past six months, the European energy industry has suffered many cyber attacks. The severe external situation, the importance of people’s livelihood, and the lack of self-protection make them a sweet spot for attackers to achieve their goals.
Italian oil giant Eni Group said a few days ago that its computer network had been hacked in recent days, but the impact seems to be small for now. Data disaster recovery has been taken quickly after the attack.
A representative of the company said in response to a foreign media request for comment, “Eni confirmed that the internal protection system has detected unauthorized access to the company’s network in recent days.” As the largest energy company in Italy, Eni Group The consequences of the attack are being assessed in cooperation with local authorities.
Eni appears to have been hit by a ransomware attack, according to people familiar with the matter. As a member of the malware family, ransomware locks the computer and prevents users from accessing files normally, which can only be unlocked by paying a ransom. It is unclear who is responsible for the incident.
“Ransomware gangs have realized that energy companies may be willing to pay large ransoms to unlock affected systems in order to guarantee service continuity,” Mirko Gatto, CEO of Italian cybersecurity firm Yarix, said in a phone interview.
Moreover, given that European countries’ energy sectors are highly dependent on Russian natural gas and other external sources, state-sponsored hacking gangs are also more inclined to target such targets.
Italy’s energy regulator also hacked
Earlier this week, Gestore dei Servizi Energetici (GSE), the Italian government agency for energy regulation, was hit by a cyberattack between late Sunday and early Monday, according to a statement. GSE is one of the government agencies that maintains the normal operation of the Italian electricity market.
According to people familiar with the matter, after the attack, GSE’s system operations are still locked down. And because servers were compromised, employees were unable to access email or internal data, disrupting some of the GSE’s electricity market oversight functions.
GSE has not made any follow-up comments beyond the initial statement.
When the IT systems of utilities and other critical infrastructure operators are hacked, a major risk is the disruption of operational systems that provide power, water and other services to end users. In other words, hackers can effectively disrupt production and people’s livelihood without having direct access to these sensitive systems.
Last year, Colonial Pipeline Transportation in Alpharetta, Georgia, was forced to shut down the nation’s largest fuel pipeline after a ransomware attack paralyzed its IT systems.
In February, Hamburg, Germany-based oil trader Mabanaft also said it was hit by a cyberattack that caused unexpected disruptions to fuel supplies across Germany.
The number of consumers who were harmed by the violation or which information had really been disclosed were not included in the violation disclosure letter. Jake Moore, a worldwide cyber protection expert at ESET, responded to the report by saying that while increased data leakages are concerning, more has to be done to handle the implications appropriately given the number of unavoidable attacks. Every corporate organization needs a virtual machine backup solution. Every corporate organization needs a virtual machine backup solution. Too many companies try to downplay the seriousness of the situation while also burying problems. Customers must be treated with respect, and they must also be immediately informed of the precise information that was stolen and when it was released.”