May 03 — Last week, the Italian company known as Alto Calore Servizi SpA, which provides water for 125 different municipalities across two Italian provinces, experienced a ransomware attack that disrupted services.
The company manages 58 million cubic meters of water per year. After the recent incident, all IT systems were non-functional. As of this writing, they remain non-operational.
While the company did not respond to immediate inquiries regarding whether or not consumers were affected by the attack, it seems that water distribution has continued normally.
Water supplier ransomware attack
On Tuesday, the ransomware group called Medusa took credit for the incident. The group expressed that it had given the water company seven days to pay a ransom, and that it had added a set of special allowances and constraints for the group.
Namely, if Alto Calore Servizi SpA wanted an extra day ahead of making a ransom payment, they could buy time with $10,000. Alternatively, the company could pay $100,000 and Medusa would delete all obtained data. In theory.
According to Medusa, documents illicitly obtained included customer data, contracts, minutes from board meetings, reports, pipe distribution information, expansion documents and more.
Alto Calore Servizi SpA has not publicly announced whether or not it will pay the requested ransom or provide information about when technical systems will otherwise resume operations.
Attacks on water suppliers
Incidents in several countries have led to widespread concern about cyber attacks on drinking water suppliers. In 2022, a water supplier in England was severely damaged by a ransomware attack, jeopardizing water service for 1.7 million people. Suppliers across the United States have also contended with ransomware incidents.
U.S. law enforcement groups have reported that ransomware attackers harmed five U.S. water and wastewater treatment facilities across two years (from 2019 to 2021). The aforementioned figures do not include a series of more recent cyber attacks targeting water facilities.
One issue is that mandated or recommended cyber security improvements are costly for suppliers, who largely intend to pass the costs on to customers…
More on this story here. For more information about water system security, please see CyberTalk.org’s past coverage. Lastly, to receive more cutting-edge cyber security news, best practices and analyses, please sign up for the CyberTalk.org newsletter.