DESFA (National Natural Gas System Operator) is a state-owned company, an exclusive operator of the Greek national gas transmission system, responsible for its development and operation. It was founded in 2005 by the Greek government as a subsidiary of DEPA Corporation.
History
2022: System operator attacked by ransomware virus
At the end of August 2022, it became known that the operator of the Greek national gas transmission system DESFA was attacked by a ransomware virus. The company's IT systems were turned off. The operator operates both the natural gas transportation system in the country and the gas distribution networks.
On August 20-21, 2022, DESFA reported that a cyber attack led to a limited data breach and a malfunction of the IT system. According to a public statement made by the natural gas distributor, the threat actors tried to hack into its internal system, but the operational actions of the IT team stopped them. Although the network hack was short-lived, the attackers managed to gain access and possibly leak some documents and private data.
In order to protect the information of its customers, DESFA has closed most of its online services. Nevertheless, as IT professionals try to carefully restore deactivated services, they will gradually resume regular work. The gas distribution company tells its customers that there will be no consequences for the gas supply as a result of the cyber attack, and that all entry and exit points are operating at full capacity.
According to DESFA, the organization notified the Police Cybercrime Division, the National Data Protection Directorate, the Department of National Defense and the Department of Energy and Environment to help resolve the situation as quickly as possible. Buyout negotiations are out of the question, as the company has made clear it will never communicate with hackers.
The attack was confirmed after a data breach on the Ragnar Locker gang's ransomware distribution website. ON While their attack volume has declined since 2020 compared to previous years, Ragnar Locker continues to operate in 2022. According to the Federal Bureau of Investigation FBI , USA at least 52 businesses from various critical infrastructure sectors in the United States have been infected by the Ragnar Locker group with various kinds of ransomware viruses since January 2022.
The attackers published on their website a list of allegedly stolen information, as well as a small collection of stolen documents, which, apparently, do not contain any confidential data. In addition, the ransomware group claims to have discovered numerous flaws in DESFA's security system and notified the gas company about it, likely as part of its extortion scheme. In the event that the affected company does not comply with their requirements, cybercriminals threaten to make public all files associated with the file tree.[1]
Notes
| The site content is translated by machine translation software powered by PROMT. The machine-translated articles are not always perfect and may contain errors in vocabulary, syntax or grammar. Read original article If you find inaccuracies or errors in the results of machine translation, please write to editor@tadviser.ru. We will make every effort to correct them as soon as possible. |