Greek Gas Transmission Operator Targeted by Ransomware

Ragnar Locker ransomware operators have published a small data dump stolen from Desfa, the Greek state-owned company that exclusively operates the national gas transmission system. Desfa is responsible for the development and operation of Greece’s natural gas transportation and distribution networks.

Last weekend, Desfa reported that it had suffered a cyberattack affecting the availability of certain systems and resulting in a data leak. Company representatives stated that some IT services had to be temporarily deactivated to contain the incident, but operations are now returning to normal.

“We managed to ensure and continue the safe and reliable operation of the National Natural Gas System (NNGS). The management of NNGS continues to run smoothly, and Desfa continues to supply natural gas to all entry and exit points in the country in a safe and proper manner,” the company assured.

Ragnar Locker Claims Responsibility

The Ragnar Locker ransomware group has claimed responsibility for the attack. On their Tor site, the hackers announced that they had breached Desfa and stolen confidential corporate data. According to the hackers, they contacted the company to report a “serious vulnerability” that led to the breach but received no response.

This lack of response is not surprising, as Desfa’s official statement emphasized: “Desfa remains firm in its position not to negotiate with cybercriminals.”

After receiving no reply, Ragnar Locker operators began publishing the stolen data. They have already posted a list of the stolen files and a small set of documents, which, according to media reports, do not contain any sensitive information.

The attackers continue to threaten Desfa, promising to release all the stolen data publicly if the company keeps ignoring them.