"Ransomware Gang Leaks Data Allegedly Stolen From Greek Gas Supplier"

It has recently been discovered that the cybergang behind the Ragnar Locker ransomware has published more than 360 gigabytes of data allegedly stolen from Greece’s largest natural gas supplier Desfa.  Established in 2007 as a subsidiary of Depa (Public Gas Corporation of Greece), Desfa operates both the country’s natural gas transmission system and its gas distribution networks.  After the attack, Desfa stated that it had proactively deactivated IT services to contain the incident but that it is gradually restoring them to normal operations.  The company managed to ensure and continue the operation of the National Natural Gas System (NNGS) in a safe and reliable way.   After not hearing back from Desfa, Ragnar Locker’s operators on Tuesday decided to publish the data supposedly stolen from the gas system operator on their Tor website while also attempting to shame the company.  In March, the FBI warned that Ragnar Locker had compromised at least 52 entities across 10 critical infrastructure sectors and that the cybergang was changing obfuscation techniques frequently to avoid detection and prevention.  It is currently unclear how the cybercriminals managed to compromise Desfa.  However, the cybergang was previously observed targeting Remote Desktop Protocol (RDP) connections for intrusion and then deploying a custom virtual machine to perform malicious activities unhindered.

SecurityWeek reports: "Ransomware Gang Leaks Data Allegedly Stolen From Greek Gas Supplier"