Eni SpA, an Italian oil company, revealed on Wednesday, August 31, that hackers attacked its computer networks in recent days. However, according to a Bloomberg report, the oil giant confirmed that the consequences of the attacks appear to be minor.
Italian Oil Giant Under Attack by Hackers
A representative of Eni stated to Bloomberg, “Eni confirms that the internal protection systems have detected unauthorized access to the company network in recent days,” adding that the company is assessing the consequences of the attack alongside local authorities.
Furthermore, some internal sources disclosed that it was a ransomware attack that hit Eni. Ransomware is a type of malware that locks computers and blocks files. And the original owners can only access them when they pay.
Mirko Gatto, CEO of Yarix, an Italian cybersecurity firm, remarked in a phone interview with Bloomberg, “Ransomware groups are aware that to ensure continuity of services energy companies may be willing to pay large ransom sums in exchange for unlocking the affected systems.” He believes state-sponsored hackers may have an interest in carrying out malicious attacks on the European countries’ energy sectors. Particularly, Gatto noted, those that are dependent on gas from Russia or sources outside of Europe. Unfortunately, the hackers haven’t been identified yet.
Another Italian Energy Company That Reported Hacking Recently
Gestore dei Servizi Energetici SpA (GSE), Italy’s energy agency, reported a breach on Sunday night and Monday morning earlier this week. GSE is one of the government agencies in charge of the nation’s electricity market among other things. Additionally, Bloomberg reports that one of the inside sources revealed that the agency’s systems and operations are still blocked after the attack. Furthermore, the breach compromised GSE’s servers, barring workers’ access to emails or internal data. And it even suspended some energy market functions carried by the agency.
On another note, Colonial Pipeline Co., based in Alpharetta, Georgia, US, shut the largest fuel pipeline in the country after a ransomware attack last year. Likewise, Mabanaft, an oil trader based in Hamburg, Germany, suffered from a cyberattack earlier this year, which hindered the delivery of fuels across Germany.
Therefore, a cyberattack on the IT systems of utilities and other critical infrastructure operators can disrupt operational systems that provide electricity, water, and other services to end users, even if hackers don’t actually touch that sensitive equipment. Thus, energy companies or agencies need to take measures to avoid such attacks at all costs.