The Italian oil giant Eni SpA said Wednesday that its computer networks were hacked in recent days and that the consequences so far appeared to be minor.
(Bloomberg) — The Italian oil giant Eni SpA said Wednesday that its computer networks were hacked in recent days and that the consequences so far appeared to be minor.
“Eni confirms that the internal protection systems have detected unauthorized access to the company network in recent days,” a company representative said, in response to a query from Bloomberg News. The country’s largest energy company is working with local authorities to assess the consequences of the attack, the representative added.
People familiar with the situation said Eni appeared to be hit by a ransomware attack. Ransomware is a type of malware that locks computers and blocks access to files in lieu of a payment. It’s not clear who was responsible for the breach.
“Ransomware groups are aware that to ensure continuity of services energy companies may be willing to pay large ransom sums in exchange for unlocking the affected systems,” said Mirko Gatto, chief executive officer at the Italian cybersecurity firm Yarix, in a phone interview.
In addition, state-sponsored hackers may have an interest in carrying out malicious attacks on the energy sector in European countries that are particularly dependent on gas from Russia or sources outside of Europe, he said.
Earlier this week, Italy’s energy agency Gestore dei Servizi Energetici SpA suffered a breach on Sunday night and Monday morning, according to a statement. Among other functions, GSE is one of the government agencies in charge of the running of Italy’s electricity market.
GSE’s systems and operations are still blocked after the attack, a person familiar with the matter said. Servers were compromised, workers have no access to emails or internal data and some energy market functions carried by GSE are suspended, the source added.
GSE didn’t comment beyond its original statement.
A major risk of breaches of utilities and other critical infrastructure operators is that hacks of their IT systems can lead to disruptions of operational systems that provide electricity, water and other services to end users, even if the hackers never actually touch that sensitive equipment. Last year, Alpharetta, Georgia-based Colonial Pipeline Co. shut the largest fuel pipeline in the US after a ransomware attack crippled its IT systems, and in February, Hamburg, Germany-based oil trader Mabanaft said it was the victim of a cyberattack that disrupted the delivery of fuels across Germany.
(Updates with additional details throughout)
More stories like this are available on bloomberg.com
©2022 Bloomberg L.P.