Energy group ERG reports minor disruptions after ransomware attack By Sergiu Gatlan Published: 2021-08-04 · Archived: 2026-04-05 17:39:24 UTC Image: RawFilm Italian energy company ERG reports "only a few minor disruptions" affecting its information and communications technology (ICT) infrastructure following a ransomware attack on its systems. While the Italian renewable energy group only reffered to the incident as a hacker attack, La Repubblica reported that the attack was coordinated by the LockBit 2.0 ransomware group. https://www.bleepingcomputer.com/news/security/energy-group-erg-reports-minor-disruptions-after-ransomware-attack/ Page 1 of 4 0:00 https://www.bleepingcomputer.com/news/security/energy-group-erg-reports-minor-disruptions-after-ransomware-attack/ Page 2 of 4 Visit Advertiser websiteGO TO PAGE The LockBit ransomware gang started operating in September 2019 and announced the launch of the LockBit 2.0 ransomware-as-a-service in June 2021. No downtime after attack "Concerning the recent rumours in the media on hacker attacks on institutions and companies, ERG reports that it has experienced only a few minor disruptions to its ICT infrastructure, which are currently being overcome, also thanks to the prompt deployment of its internal cybersecurity procedures," the company said today. "The company confirms that all its plants are operating smoothly and have not experienced any downtime, thus ensuring continuous business operations." ERG is the leading Italian wind power operator and among the top ten onshore operators on the European market, with a growing presence in France, Germany, Poland, Romania, Bulgaria, and the United Kingdom. The group operates in the wind energy, hydroelectric energy, solar energy, and high-yield thermoelectric cogeneration energy sectors. On Monday, Enel, Europe's largest utility company, agreed to buy ERG's hydroelectric power asset portfolio as part of a €1 billion ($1.18 billion) deal. An ERG spokesperson was not available for comment when contacted by BleepingComputer earlier today. Lazio ransomware attack In related news, the Italian Lazio region has suffered a likely RansomEXX ransomware attack that has disabled the region's IT systems, including the Salute Lazio health portal used for COVID-19 vaccine registration. "On the night between Saturday and Sunday the Regione Lazio suffered a first cyber attack of criminal matrix. We don't know who is responsible and their goals," Nicola Zingaretti, the President of the Lazio region, said in a statement. "The systems are all disabled including all of the Salute Lazio portal and the vaccine network. All defense and verification operations are under way to avoid the misappropriation. Vaccination operations may experience delays," the region said in a statement. The RansomEXX gang, the main suspect behind the Lazio attack, started operating as Defray in 2018 but, in June 2020, it rebranded as RansomEXX and started to focus on targeting large corporate organizations. Once RansomEXX threat actors gain access to a victim's network, they spread laterally through the network while stealing sensitive documents to be used as extortion leverage. https://www.bleepingcomputer.com/news/security/energy-group-erg-reports-minor-disruptions-after-ransomware-attack/ Page 3 of 4 Automated Pentesting Covers Only 1 of 6 Surfaces. Automated pentesting proves the path exists. BAS proves whether your controls stop it. Most teams run one without the other. This whitepaper maps six validation surfaces, shows where coverage ends, and provides practitioners with three diagnostic questions for any tool evaluation. Source: https://www.bleepingcomputer.com/news/security/energy-group-erg-reports-minor-disruptions-after-ransomware-attack/ https://www.bleepingcomputer.com/news/security/energy-group-erg-reports-minor-disruptions-after-ransomware-attack/ Page 4 of 4