The ransomware group Ragnar Locker claimed duty for the attack and has designed a status for targeting vital infrastructure operators in latest yrs.
Cybercriminals are capitalising on Europe’s looming power disaster, as a person of Greece’s biggest normal gas distributors has experienced an alleged information breach.
The fuel operator, DESFA, verified in a public statement that cybercriminals attempted to get access to its IT systems. DESFA mentioned its units are still operational, but some details may possibly have been exfiltrated by the hackers.
The fuel enterprise said it deactivated most of its IT services to defend in opposition to the assault and plans to steadily restore its running methods. DESFA also mentioned it is investigating the incident and has mobilised groups to get its techniques operational as quickly as probable.
The ransomware team regarded as Ragnar Locker has claimed responsibility for the information breach. This risk actor has come to be infamous for concentrating on significant infrastructure systems.
Ragnar Locker is considered to have breached the networks of at minimum 52 vital infrastructure organisations, in accordance to the FBI in January.
The felony gang posted facts of the allegedly stolen info on-line and threatened to publish extra information if they are not contacted by DESFA to “fix protection issues”, according to a document shared by BleepingComputer.
Exploiting global pressures
Cybercriminals are producing a keep track of history for targeting crucial infrastructure during intervals of disaster, in get to bring about further worry and have their ransom demands met.
For instance, cybercriminals carried out an assault on a h2o provider in the Uk last 7 days, even though the region faced unprecedented drought disorders.
The assault on the Greek natural gas operator comes as the war in Ukraine triggers an vitality disaster in Europe.
Oliver Pinson-Roxburgh, CEO of cybersecurity firm Defense.com, said the attack is one more “stark reminder” of the menace to significant infrastructure, as threat actors “thrive on exploiting users’ psychological anxieties and pressures”.
“Ultimately this is one more warning for governments, organisations and firms to recognise the absolute requirement of a powerful cyber defence,” Pinson-Roxburgh explained.
This view is shared by Todd Carroll, CISO of cybersecurity business CybelAngel. Carroll explained organisations need to “constantly scan for community access”, this kind of as open ports and vulnerabilities from outside the business perimeter.
“Given the large stakes included in retaining significant infrastructure safe, the premise that ransomware is a community security problem is now a lot more evident than at any time,” Carroll explained.
10 points you have to have to know immediate to your inbox each and every weekday. Indication up for the Each day Temporary, Silicon Republic’s digest of necessary sci-tech information.