Threat actors breached the network of the Italian oil company ENI

Threat actors breached the network of the Italian oil company ENI

Italian oil giant Eni was hit by a cyber attack, attackers compromised its computer networks, but the consequences appear to be minor.

Italian oil giant company Eni disclosed a security breach, threat actors gained access to its network, but according to the company the intrusion had minor consequences because it was quickly detected.

“The internal protection systems have detected unauthorized access to the corporate network in recent days,” a spokesperson for the company told Reuters in response to a query.

ENI

The company reported the incident to the Italian authorities which launched an investigation to determine the extend of the attack.

Bloomberg News first reported the news of the attack on Wednesday, speculating that Eni appeared to have been hit by a ransomware attack.

“Eni confirms that the internal protection systems have detected unauthorized access to the company network in recent days,” a company spokesman said, in response to a query from Bloomberg News.

Without technical details about the attack it is not possible at this time to determine how attackers breached the company, their motivation and attribute the intrusion to a specific threat actor.

People familiar with the situation said Eni appeared to be hit by a ransomware attack. Ransomware is a type of malware that locks computers and blocks access to files in lieu of a payment. It’s not clear who was responsible for the breach.

The Italian energy sector appears to be under attack, over the weekend, Italy’s energy agency Gestore dei Servizi Energetici SpA was hit by a cyber attack. GSE is the government agency that operates the Italian electricity market.

The website of the GSE is still down, and people familiar with the matter told Bloomberg that the company infrastructure was compromised with an impact on the agency’s operations.

A major risk of breaches of utilities and other critical infrastructure operators is that hacks of their IT systems can lead to disruptions of operational systems that provide electricity, water and other services to end users, even if the hackers never actually touch that sensitive equipment. Last year, Alpharetta, Georgia-based Colonial Pipeline Co. shut the largest fuel pipeline in the US after a ransomware attack crippled its IT systems, and in February, Hamburg, Germany-based oil trader Mabanaft said it was the victim of a cyberattack that disrupted the delivery of fuels across Germany.

Follow me on Twitter: @securityaffairs and Facebook

Pierluigi Paganini

(SecurityAffairs – hacking, ENI)




Leave a Reply

Your email address will not be published.