Everest Ransomware Group Targets CO-VER Power Technology S.p.A.

The Everest ransomware group has claimed responsibility for a cyberattack on CO-VER Power Technology S.p.A., an Italian company specializing in energy efficiency solutions. This attack highlights the vulnerabilities faced by companies in the energy sector, particularly those with a focus on innovative energy management solutions.

About CO-VER Power Technology S.p.A.

CO-VER Power Technology S.p.A. is a small enterprise based in Verbania, Italy, employing between 5 to 9 people. The company generates an estimated annual revenue ranging from €1 million to €5 million. CO-VER is known for its expertise in designing and managing cogeneration and trigeneration plants, which are crucial for producing combined electrical, thermal, and cooling energy. Their standout project, a High Efficiency Trigeneration Plant in Novara, has been operational since 2007, showcasing their commitment to energy efficiency and sustainability.

Details of the Ransomware Attack

The Everest group claims to have infiltrated CO-VER's systems, exfiltrating approximately 800 GB of sensitive data, including financial records, client and supplier information, and contracts. The group has set a ransom deadline, threatening to release the stolen data if their demands are not met. As proof of their breach, they have leaked non-disclosure agreements. This attack underscores the risks faced by companies with valuable intellectual property and sensitive client data.

Profile of the Everest Ransomware Group

Active since December 2020, the Everest ransomware group is known for its double extortion tactics, encrypting data while threatening to leak sensitive information. Recently, the group has shifted its focus towards selling access to compromised networks. Their operations have increasingly targeted sectors like healthcare and aerospace, but the attack on CO-VER indicates a broader interest in the energy sector. The group likely penetrated CO-VER's systems through sophisticated techniques such as lateral movement and credential access, exploiting potential vulnerabilities in network security.

Implications for the Energy Sector

This attack on CO-VER Power Technology highlights the growing threat of ransomware to the energy sector. Companies like CO-VER, which rely on advanced technologies and handle sensitive data, must remain vigilant against cyber threats. The incident serves as a reminder of the importance of comprehensive cybersecurity measures to protect against increasingly sophisticated ransomware groups like Everest.

Sources

• https://www.ransomware.live/id/Q08tVkVSIFBvd2VyIFRlY2hub2xvZ3kgU3BBQGV2ZXJlc3Q=