According to security researchers and documents reviewed by Reuters, the hacking organization BlackCat was responsible for a recent attack on Italy’s state-owned energy services company GSE. They took a sizable amount of data and threatened to publish if their demands were not satisfied. In a ransomware attack, hackers extort their victims for a cryptocurrency payment by stealing their data and threatening them with data breaches.
BlackCat, also known as ALPHV, emerged in mid-November last year and is known for launching sophisticated attacks on scores of companies across the U.S. and Europe.
On Friday it claimed to have downloaded 700 gigabytes of data from GSE, including information on projects, contracts and accounting, and uploaded images of documents from the hack.
“BlackCat has a history of targeting organizations in the energy industry and is very active,” said Ryan Olson, vice president of threat intelligence at Unit 42, a division of cybersecurity firm Palo Alto Networks.
“We are tracking 136 worldwide victims posted to their leak site so far in 2022,” he told Reuters.
GSE declined to comment. It had said earlier that the hacking attack took place between Sunday and Monday.
The average recovery cost from a ransomware attack is estimated at $1.85 million, said Walter Ruffinoni, CEO of NTT Data Italia.
“In Italy, the phenomenon have risen 350% in the last year, where 1.9% of Italian companies each week suffered an attack of this type,” Ruffinoni said.
Last month Italian oil company Eni’s (ENI.MI) computer networks were also hacked, though the company said the consequences appear to be minor so far.
About Author
