Threat actors breached the network of the Italian oil company ENI

Italian oil giant Eni was hit by a cyber attack, attackers compromised its computer networks, but the consequences appear to be minor.

Italian oil giant company Eni disclosed a security breach, threat actors gained access to its network, but according to the company the intrusion had minor consequences because it was quickly detected.

“The internal protection systems have detected unauthorized access to the corporate network in recent days,” a spokesperson for the company told Reuters in response to a query.

The company reported the incident to the Italian authorities which launched an investigation to determine the extend of the attack.

Bloomberg News first reported the news of the attack on Wednesday, speculating that Eni appeared to have been hit by a ransomware attack.

“Eni confirms that the internal protection systems have detected unauthorized access to the company network in recent days,” a company spokesman said, in response to a query from Bloomberg News.

Without technical details about the attack it is not possible at this time to determine how attackers breached the company, their motivation and attribute the intrusion to a specific threat actor.

People familiar with the situation said Eni appeared to be hit by a ransomware attack. Ransomware is a type of malware that locks computers and blocks access to files in lieu of a payment. It’s not clear who was responsible for the breach.

The Italian energy sector appears to be under attack, over the weekend, Italy’s energy agency Gestore dei Servizi Energetici SpA was hit by a cyber attack. GSE is the government agency that operates the Italian electricity market.

The website of the GSE is still down, and people familiar with the matter told Bloomberg that the company infrastructure was compromised with an impact on the agency’s operations.

A major risk of breaches of utilities and other critical infrastructure operators is that hacks of their IT systems can lead to disruptions of operational systems that provide electricity, water and other services to end users, even if the hackers never actually touch that sensitive equipment. Last year, Alpharetta, Georgia-based Colonial Pipeline Co. shut the largest fuel pipeline in the US after a ransomware attack crippled its IT systems, and in February, Hamburg, Germany-based oil trader Mabanaft said it was the victim of a cyberattack that disrupted the delivery of fuels across Germany.

Follow me on Twitter: @securityaffairs and Facebook

[adrotate banner=”9″]

[adrotate banner=”12″]

Pierluigi Paganini

(SecurityAffairs – hacking, ENI)

[adrotate banner=”5″]

[adrotate banner=”13″]

Pierluigi Paganini

Pierluigi Paganini is member of the ENISA (European Union Agency for Network and Information Security) Threat Landscape Stakeholder Group and Cyber G7 Group, he is also a Security Evangelist, Security Analyst and Freelance Writer. Editor-in-Chief at "Cyber Defense Magazine", Pierluigi is a cyber security expert with over 20 years experience in the field, he is Certified Ethical Hacker at EC Council in London. The passion for writing and a strong belief that security is founded on sharing and awareness led Pierluigi to find the security blog "Security Affairs" recently named a Top National Security Resource for US. Pierluigi is a member of the "The Hacker News" team and he is a writer for some major publications in the field such as Cyber War Zone, ICTTF, Infosec Island, Infosec Institute, The Hacker News Magazine and for many other Security magazines. Author of the Books "The Deep Dark Web" and “Digital Virtual Currency and Bitcoin”.