"BlackCat Ransomware Linked to Italy's Energy Services Firm Hack"

It has recently been discovered that the infamous hacking group BlackCat was linked to the recent attack on Italy's state-owned energy services firm GSE.  BlackCat stole a considerable amount of data from GSE, then threatened to publish if their demands were unmet.  BlackCat claimed to have downloaded 700GB of data from GSE, including information on projects, contracts, and accounting.  It also uploaded images of documents from the hack on dark web forums.  Claroty CRO Simon Chassar stated that as part of their digitalization processes, organizations continue to converge their IT and operational technology (OT) systems, ultimately expanding their attack surface.  Threat actors are then able to cause disruption to both cyber and operational resilience as malware moves laterally to other network domains.  Chassar noted that to combat this, he believes security teams must have full visibility across both their IT and OT systems as well as Extended IoT (XIoT) environment.  Further, he believes organizations should implement network segmentation with asset class network policies to restrict unnecessary connectivity, ultimately limiting the lateral movement of malware and the impact of such attacks. 

 

Infosecurity reports: "BlackCat Ransomware Linked to Italy's Energy Services Firm Hack"

Submitted by Anonymous on