The Italian multinational energy giant Enel Group has been hit with a ransomware attack for the second time this year. This time the company’s systems have been infected with the Netwalker ransomware with the attackers demanding a $14 million ransom for the decryption key.
The cybercriminals behind the Netwalker ransomware operation claim to have stolen nearly 5 terabytes data from the company and threaten to release the information on their leak site.
The news of a possible cyber-attack against Enel Group was first reported by Bleeping Computer that received a Netwalker ransom note from a researcher. The ransom note included a link showing data allegedly stolen from Enel Group.
Bleeping Computer said it contacted the company last week about the cyber-attack but received no response. A few days later, Netwalker announced the leak of the company data through their support chat. Apparently, Enel never contacted the ransomware operators and they decided to leak portion of the stolen data to force the company into paying the ransom, which is now $14 million (1234.02380000 BTC).
The Netwalker ransomware group added Enel Group to their data leak site and published screenshots of unencrypted files stolen from the company. They also announced they will “analyze every file for interesting things” and release it on their leak site.
In early June, Enel's internal network was hit by the Snake (EKANS) ransomware, but the attempt was thwarted before the malware could spread.