Home » Italian energy system hit by cyberattacks, as Russian threat looms
Technology and Security

Italian energy system hit by cyberattacks, as Russian threat looms

Energy cyberattack
The IT systems of energy major Eni and services operator GSE were breached a few days apart. The attacks mark an EU-wide trend and suggest Russian involvement, as the Kremlin could be targeting Europe’s energy infrastructure (including pipelines) as part of its hybrid war

Eni hit by cyberattack. The computer network of Italian energy major Eni was hacked, Bloomberg reports. According to a company representative, “internal protection systems have detected unauthorized access to the company network in recent days.”

  • While it’s still unclear who was behind the breach, sources told Bloomberg that it bore the hallmarks of a ransomware attack.
  • Eni is still evaluating the consequences, which it believes to be “minor” so far. More worryingly, however, this wasn’t an isolated instance.

Targeting the energy system. Between August 28 and 29, unknown cybercriminals breached GSE, the State-controlled energy services operator, overseeing (among other things) the storing and distribution of natural gas and renewable power.

  • In a note, GSE assured that its gas purchase and delivery services were unaffected, although it had to make its website and portals unavailable. Bloomberg sources report that servers were compromised, workers cannot access internal data (including emails), and some energy market functions carried out by GSE are still suspended.

Should we call it a trend? The two cyberattacks were carried out just days apart and targeted companies crucial for Italy’s energy infrastructure, one of the nation’s most strategically important sectors. As recently as this week, Undersecretary Franco Gabrielli was warning of the looming cyber threats facing Italy. And it’s not just Italy, either.

  • In its latest Threat Landscape report, ranging from April 2020 to July 2021, the EU’s cybersecurity agency (ENISA) reported 33 incidents concerning the bloc’s energy systems. And Cluster25, a cyber threat intelligence agency, noted these aggressions have been going on for years.
    • An especially destructive series of attacks, carried out by the Kremlin-linked Sandworm cybercriminal collective since 2015, repeatedly targeted the Ukrainian energy grid attempting to shut it down and hinder restoration.

Watch out: as Russia continues to wage its hybrid war against Italy and Europe – including through massive cyberattacks directed against the institutions – the EU’s interconnected energy systems are increasingly at risk.

  • “Hacker groups will very likely exploit [their] vulnerabilities and interdependencies with other infrastructure sectors,” warned the Cluster25 analysts, “to threaten European countries by conducting cyberattacks.”

Mind the pipelines. Threat actors could also target oil and gas ducts, “likely crippling the gas imports and energy supplies, which would raise prices, threatening the Italian economy and tax system” along with those of the rest of the EU.

  • Given Russia’s clear interest in eroding the EU’s energy security, hindering alternative supplies would be a highly effective strategy. TransMed and GreenStream, the Eni-operated pipelines linking Northern Africa to Europe (via Italy), are thus prime targets.
  • A cyberattack, noted the experts, would likely halt gas shipments, impacting energy, economic, and social security on both sides of the Mediterranean.

Cybersecurity emergency meeting. On Thursday, PM Mario Draghi convened all the key ministers in his government to discuss the threats facing Italy’s democracy (as outlined by Mr Gabrielli, who talked of Russia’s recent attempts to destabilise it). If these latest cyberattacks end up being Russia’s fault after all, the timing is far from casual.

Subscribe to our newsletter