La San Carlo, a leading Italian company in the production of potato chips, was hit by a ransomware-type hacker attack. From what AGI learns, the company would receive a ransom request after being hit by a cryptolocker type ransomware, that is, of the same type as the one that hit the Lazio Region in August, and at least similar in purpose to the one that hit the Lazio Region. Siae last week.
The company, some sources close to the story explain, would still be in possession of system backups. Also for this reason, it is explained, San Carlo is not willing to pay any ransom to the attackers. The group of cybercriminals is called the Conti group, quite active in this particular type of attack, and has already claimed the action on its website on the dark web.
On the attack, which would have taken place last Friday, the Milan prosecutor’s office and the postal police are investigating. Only yesterday evening the group of attackers, Conti group, claimed responsibility for the attack on its dark web site. The amount of the ransom requested from the company is not known, but as often happens in these cases it would have been requested in cryptocurrencies.
The ‘sample’ published on the dark web
Identity documents, passports, purchasing budgets, contracts. These would be the documents evacuated from the San Carlo databases. Some of these documents have been made clear by the hacker group Conte on their website, but most of them can only be seen the name of the files or that of the folders.
The ‘sample’ put online on the dark web concerns 58.66 megabytes of data, presumably a small part of the fugitive data, and was shared on Twitter by several accounts including that of Claudio Sono. In the claim published yesterday by the group, there are also company data such as turnover and number of employees. In these hours San Carlo has made it known that he is at work to quantify the damage caused by the attack.
Expert: San Carlo perfect target for hacke
“The nth ransomware attack involving the San Carlo food group demonstrates the persistence of criminal gangs towards Italy. The group employs hundreds of workers and millions of euros in sales. Like all large groups it is a perfect target for cybercrime “. So at AGI Marco Ramilli, founder and CEO of Yoroi and international cybersecurity expert.
“Yoroi analyzed 80 large Italian companies in the food, fashion and automobile sectors and found that 50% are at risk of ransomware due to Internet exposures of their systems, software security holes and related data stolen from control. of interested parties (Dataleakage) “, he added.
San Carlo’s answer
A note from the company explains that the technicians “have found an intrusion in our IT systems. All the security procedures have been immediately activated to isolate and contain the threat. At the moment some IT services are only partially functional, but the operation ‘of the Group is in any case guaranteed, from the production, to the distribution, to the sale of our products “.
“The company has already – finally – informed the competent authorities (Privacy Guarantor and Postal Police) and is proceeding to analyze the data that may have been damaged or stolen, also proceeding to inform the people who may have been affected “.