Greece’s largest natural gas distributor DESFA suffered ransomware-related data breach

DESFA, Greece’s largest gas distributor, was targeted by a ransomware attack. This attack was confirmed to be made by Ragnar Locker – a ransomware operation, familiar to the FBI for their previous intrusions. This attack comes at a vulnerable time for European gas suppliers after being cut from Russian gas, and the situation is believed to worsen if a similar attack is repeated in this region.

Greece’s largest natural gas distributor (DESFA) suffered a limited scope data breach and IT system outage, followed by a cyberattack this Saturday.

DESFA shared in a public statement that hackers tried to infiltrate its network but were faced with a quick response from their IT team. Nevertheless, the attack possibly caused the leakage of some files and data and a network intrusion was definitely made, although limited. DESFA is working on returning to normal operations and is ensuring the customers this incident would not impact the gas supplies.

The attack was confirmed on Friday by the Ragnar Locker ransomware operation, a threat actor. It is said in a recent FBI report that Ragnar Locker has made 52 intrusions in critical US infrastructure entities since January this year.

This ransomware actor is threatening to publish all files that would victimise DESFA if they do not answer their demands. The timeline of this attack is tough for European gas suppliers after being cut from Russia’s natural gas.

The upcoming period is believed to be full of shortages, power cuts, and growing energy prices, leaving everyone involved even more vulnerable to ransomware attacks on gas distributors.