Multinational energy company Enel Group has been hit by Netwalker ransomware operators that are asking a $14 million ransom.

Systems at the multinational energy company Enel Group has been infected with Netwalker ransomware, it is the second ransomware attack suffered by the energy giant this year. Netwalker ransomware operators are asking a $14 million ransom for the decryption key, the hackers claim to have stolen several terabytes from the company and threaten to leak them if the ransom will be not paid.

Enel S.p.A., or the Enel Group, is an Italian multinational energy company that is active in the sectors of electricity generation and distribution, as well as in the distribution of natural gas.

The company has more than 61 million customers in 40 countries, it ranks 87 in Fortune Global 500, with $90 billion in revenues in 2019.

In June, Enel was hit by Snake ransomware, but the attack was quickly contained and the malware was not able to spread within its network.

The news of a possible ransomware attack against Enel Group was reported to BleepingComputer by a researcher on October 19.

The researcher shared with BleepingComputer a Netwalker ransom note that appeared to be used in the attack on Enel Group.

Source Bleeping ComputerBleepingComputer attempted to notify Enel Group last week without success. A few days later, Netwalker announced the leak of the company data through their support chat.

Enel never replied to the message of the ransomware operators, for this reason, the attackers started leaking a portion of the stolen data as proof of the data breach.

The operators are asking $14 million worth of Bitcoin (roughly 1234.02380000 BTC).

Source Bleeping ComputerToday, the Netwalker ransomware operators added Enel Group to their data leak site and some screenshots of unencrypted files stolen from the company.

The Italian cyber security firm TG soft publicly shared the news of the attack in a tweet:

2020-10-27 #Enel colpita di nuovo da #ransomware.Questa volta è #NetWalker a colpire @EnelGroupIT a rubare 5 TB di dati.A giugno era stata colpita da #Snake@AgidCert @guelfoweb @csirt_it @arturodicorinto @JAMESWT_MHT @58_158_177_102 @BleepinComputer pic.twitter.com/0WR89iqGfG— TG Soft (@VirITeXplorer) October 27, 2020The hackers stole about 5 terabytes of documents from the company and announced that they will “analyze every file for interesting things” and publish it on their leak site.

At the time of publishing this post, the company have yet to confirm the incident, let’s remember that the company conduct will have to be in compliance with the current EU privacy legislation GDPR.

window._mNHandle = window._mNHandle || {};
window._mNHandle.queue = window._mNHandle.queue || [];
medianet_versionId = “3121199”;

try {
window._mNHandle.queue.push(function () {
window._mNDetails.loadTag(“762221962”, “300×250”, “762221962”);
});
}
catch (error) {}

Pierluigi Paganini

(SecurityAffairs – hacking, ENEL Group)

The post Enel Group suffered the second ransomware attack this year appeared first on Security Affairs.