Major European energy company giant Enel Group was a target of a recent ransomware attack that impacted its internal network.
The Enel Group is an Italian energy company active in the electricity generation and distribution sectors, as well as distribution of natural gas.
The ransomware attack disrupted the Enel Group internal network last Sunday night before the company’s anti-virus discovered the ransomware and prevented it from spreading further.
According to a Bleeping Computer blog post, the attack involved EKANS (also known as “Snake”) ransomware.
The good news is Enel was able to contain the ransomware quickly by isolating the corporate network and “carry out all interventions aimed at eliminating any residual risk.”
In addition, the company said they were able to safely restore all network connectivity by early Monday morning.
The company also shared with Bleeping Computer the following statement on the incident:
“The Enel Group informs that on Sunday evening there was a disruption on its internal IT network, following the detection, by the antivirus system, of a ransomware. As a precaution, the Company temporarily isolated its corporate network in order to carry out all interventions aimed at eliminating any residual risk. The connections were restored safely on Monday early morning.Enel informs that no critical issues have occurred concerning the remote control systems of its distribution assets and power plants, and that customer data have not been exposed to third parties. Temporary disruptions to customer care activities could have occurred for a limited time caused by the temporary blockage of the internal IT network.” – Enel spokespersonBleeping Computer
It was also noted that Honda was a victim of the same Snake ransomware actors this past week. A Honda representative confirmed with Bleeping Computer that there was “an issue with its IT network” and the issue was under further investigation to understand the root cause.
Additional Snake ransomware attacks
Readers may also remember a large Snake ransomware campaign had targeted healthcare companies worldwide just last month. One of the victims included Fresenius, Europe’s largest private hospital operator and leading healthcare company based out of Germany.
In addition, security firm Dragos reported in February that cybercriminals launched Ekans ransomware attacks against industrial control systems (ICS).
At that time, Ekans sported new features designed to stop critical processes related to ICS operations.