Bloomberg: Russia-linked hackers attack Italian energy agency

A hacker group linked to Russia has claimed responsibility for a recent attack on the Italian energy industry, the agency reports. Bloomberg. The BlackCat group said it had stolen 700 gigabytes of data from networks controlled by the Italian energy agency GSE. Earlier this week, GSE said it had suffered a hack that caused the company to shut down some of its IT systems.

The hacker group threatened to publish information on the Internet if its demands were ignored. It was not clear how much BlackCat extorted.

Italian Foreign Minister Luigi Di Maio said today, September 2, that cyber attacks on Western European companies have become more frequent after “the start of Russia’s military operation in Ukraine.” The minister added that the attacks were part of a destabilization strategy, without specifying their source.

Researchers from Unit 42, the cybersecurity group Palo Alto Networks Inc., have linked BlackCat members to Russia, indicating that the group communicates with its members or affiliates in Russian and is known to operate on Russian cybercrime forums.

The BlackCat group, also known as ALPHV, hacks into the computers of its victims and uses malware to encrypt the files stored on them so that they cannot be accessed, according to Bloomberg.

In July, BlackCat hacked Luxembourg gas and energy supplier Creos Luxembourg and its parent company Encevo SA, and in February BlackCat-linked hackers infected the computers of Mabanaft GmbH and Oiltanking GmbH, the agency said. According to Brett Callow, an analyst at cybersecurity firm Emsisoft, the BlackCat group has ties to another ransomware group, DarkSide, which in 2021 hacked Colonial pipeline.

Read about attacks on the energy sector in the publication “Kommersant” “Pipelines stuck on loading”.

Maria Fedotova