Greece's national gas system operator DESFA has revealed it was hit by a cyberattack, which affected part of its IT infrastructure and resulted in a “confirmed impact on the availability of certain systems and the possible leakage of a number of files and data.”
DESFA owns and manages natural gas distribution networks in Greece.
The company said in a statement the incident had not impacted its operations and natural gas supply.
“We are investigating the root causes of the attack, and we have mobilized several technical experts to help us on this matter, as well as on the recovery of the systems back to normal operations, as soon as possible. To protect our customers and partners we proactively deactivated most of our IT services and we are now gradually recovering our IT systems back to normal operation,” the operator said, adding that it informed relevant authorities of the hack.
According to the tech news site BleepingComputer, the Ragnar Locker ransomware operation appears to be behind the intrusion. The ransomware gang published a list of data allegedly stolen from DESFA on their dark web leak site and threatened to leak the files if the company doesn’t respond to their demands.
It’s not clear what ransom amount the hackers are demanding, but there’s a question whether they get anything, as DESFA said it “remains firm in its position not to negotiate with cybercriminals.”