Ragnar Locker Ransomware Attack on DESFA: A Strategic Energy-Related Company

DESFA, a strategic energy-related company operating in the Energy, Utilities & Waste sector, has been targeted by the Ragnar Locker ransomware group. The attack was confirmed by the company, which stated that it suffered a limited scope data breach and IT system outage following the cyberattack. DESFA is responsible for managing, exploiting, developing, and operating Greece's natural gas system.

The Ragnar Locker ransomware group claimed responsibility for the attack on DESFA's IT infrastructure, which resulted in the leakage of some directories and files. The company has been operating since 2019 and has been targeting critical industries, including the energy sector. The group uses a double extortion scheme and avoids being executed in countries where it is located.

DESFA has been recognized for its commitment to Corporate Social Responsibility (CSR) and has set priorities towards the development of its services towards a wide range of customers. The company also operates in compliance with the OHSAS 18001 model, certified by Moody’s InterTek, covering all the activities of the company.

The attack on DESFA comes at a time when the energy sector is facing increased concern about ransomware groups targeting the operational networks of critical infrastructure organizations across the world. Nearly 40% of all ransomware attacks on industrial organizations and infrastructure in the second quarter of 2022 took place in Europe.

DESFA has not responded to requests for comment on the attack and has not disclosed the root cause of the incident. The company has hired technical experts to help with the response and recovery process.

Sources

• Cybereason recognizes pattern of Ragnar Locker ransomware targeting energy sector
• Greek natural gas operator suffers ransomware-related data breach
• Greek gas operator refuses to negotiate with ransomware group after attack