×

Irish Information Security Forum

Greek Natural Gas Supplier DESFA Hacked by Ragnar Locker

Source: DESFA

 

A group of cyberactors known as Ragnar Locker claimed responsibility for the recent cyber-attack against the National Gas System Operator (DESFA) in Greece.

 

defsa hacked ragnor lockerAnnouncement
20-Aug-2022, 06:00 PM

 




"DESFA suffered a cyberattack on part of its IT infrastructure by cybercriminals that have tried to gain illegal access to electronic data, with a confirmed impact on the availability of some systems and possible leakage of a number of directories and files.


We have managed to ensure and continue the operation of the National Natural Gas System (NNGS) in a safe and reliable way. The management of the NNGS continues to operate smoothly and DESFA continues to supply natural gas to all entry and exit points of the country safely and adequately.

We are investigating the root causes of the attack, and we have mobilized several technical experts to help us on this matter, as well as on the recovery of the systems back to normal operations, as soon as possible. To protect our customers and partners we proactively deactivated most of our IT services and we are now gradually recovering our IT systems back to normal operation.

We have already informed all the relevant authorities and organizations and continue to work closely with the Ministry of Digital Governance, the Hellenic Data Protection Authority, the Cyber Crime Unit of the Hellenic Police, the Hellenic National Defence General Staff as well as with the Ministry for the Environment and Energy and the Regulatory Authority for Energy, to resolve this and minimize any possible impact.

DESFA remains firm in its position not to negotiate with cybercriminals."   

 

DESFA is responsible for the operation, management, exploitation, and development of the National Natural Gas System and its interconnections. The statement indicated that IT services had been proactively deactivated to limit any potential contageon  and to provide time to investigate the incident while ensuring the adequate operation of the national gas supply system at all entry and exit points of the country without any complications.




 

ragnor locker ransomeware attack on desfa

Ragner Locker are a group of cyber actors who use a family of ransomware devised as a way of attacking compromised corporate networks and particularly targets machines operating on Windows. It came to prominence in late 2019 / early 2020 when it was used against large organisations, in an attempt to extort large amounts of cryptocurrency from its victims.

 

Cyber actors looking to deploy Ragnar Locker ransomware first compromise their target’s network, then attempt to crack weak passwords or employ stolen credentials purchased from the Dark Web. Throughout this process, the ransomware terminates critical programs which service providers use to manage and protect their clients’ important IT data.

 

Once in, the cyber actors inject software into the victim’s machine which grabs sensitive data and uploads it via a network connection to their servers. 

 

Cyber actors proceed to let victims know that their files will be released to the public if specified demands are not met. This dual-pronged approach to obtaining your valuable data on clients and partners is what’s known as a “double extortion” tactic.

 

 

IISF Logo

If you are interested in finding out more about the IISF, or would like to attend one of our Chapter Meetings as an invited guest, please contact the
IISF Secretary:

By email:
secretary@iisf.ie

By post:

David Cahill

Information Security

GPO, 1-117
D01 F5P2

Enhance your Cybersecurity knowledge and learn from those at the coalface of information Security in Ireland

 


Forum SPONSORS 

Invitations for Annual Sponsorship of IISF has now reopened.

Sponsorship of IISF Opportunity
(your logo & profile link here)

 

Sponsors are featured prominently throughout the IISF.IE website, social media channels as well as enjoying other benefits Read more

 

secured by edgescan digital security radar logo

© iiSf. All rights reserved. CRN: 3400036GH  - Privacy  - Sponsorship  - Cybersecurity News Index  - Cybersecurity Resources  - X  - Produced by
LinkedIn Twitter