Alto Calore Servizi SpA, a government-run company that provides drinking water to nearly half a million people in southern Italy, suffered a ransomware attack that rendered all of its IT systems unusable.
The attack, which occurred on Friday, led the company to apologize for the outage and state that it would not be able to carry out any operations or provide information that requires querying the database. The Medusa ransomware group claimed responsibility for the attack on Tuesday and offered the company several options for retrieving the data it stole.
It demanded a ransom of $10,000 to extend the deadline or $100,000 to delete all the data.
The company’s systems are still down, but it appears that the distribution of water has not been affected by the attack. It is unclear whether customers have been impacted by the incident. The company has not responded to requests for comment about when systems may be restored or if a ransom would be paid.
The incident is the latest in a string of ransomware attacks on Italian public service organizations, including the country’s tax agency, energy agency, and two of its biggest energy companies.
Globally, concerns have been raised about attacks on water suppliers following a string of incidents in several countries. South Staffordshire Water, which supplies water for more than 1.7 million people in England, was severely damaged by a ransomware attack in August 2022, while several water suppliers across the U.S. have dealt with ransomware incidents.
In response, the U.S. Environmental Protection Agency passed new rules mandating cybersecurity assessments be included as part of state audits of public water systems.
However, the rules are now facing lawsuits from attorneys general in Iowa, Arkansas, and Missouri who claim that the cybersecurity improvements needed to pass the assessments would be too costly for suppliers, who plan to pass the costs on to customers.
