一国家石油管道运营商遭勒索攻击：IT设施瘫痪多天 1TB数据疑泄露

Core Viewpoint - Romanian national oil pipeline operator Conpet has disclosed a cyber attack that has disrupted its IT infrastructure and taken its website offline for over a week, with recovery still ongoing. The ransomware group Qilin claims to have stolen nearly 1TB of internal data, but Conpet has not responded to this claim [1][2][6]. Company Summary - Conpet operates a pipeline network of nearly 4,000 kilometers, transporting domestic and imported crude oil and derivatives, including gasoline and liquid ethane, to refineries across Romania [1][6]. - The company reported that while its IT infrastructure was affected, its operational technology (SCADA systems and communication systems) remained unaffected, allowing core business operations to continue without interruption [6][8]. - Conpet is currently collaborating with national cybersecurity authorities to investigate the incident and restore affected systems [7][8]. Cybersecurity Incident Details - The cyber attack has led to the company’s website being temporarily inaccessible, and Conpet has filed a criminal complaint with the Directorate for Investigating Organized Crime and Terrorism (DIICOT) [8]. - Qilin, the ransomware group responsible for the attack, has claimed to have stolen nearly 1TB of files, including financial information and passport scans, as evidence of the breach [2][9]. - Qilin has been active since August 2022 and has claimed responsibility for attacks on nearly 400 victims over the past four years, including notable companies and institutions [2][9]. Industry Context - Prior to this incident, Romania has faced a series of ransomware attacks, including incidents involving the national water authority and the largest coal energy producer in the country [5][11]. - The cybersecurity landscape in Romania appears to be increasingly severe, with multiple sectors, including healthcare and energy, experiencing significant breaches [5][11].