under what condition (is processing for ECC about four times less CPU-intensive than for RSA) ?
That figure is likely for computing and once verifying a signature at an industry-standard security level, that is 256-bit ECC and 2048 or 3072-bit RSA (or almost equivalently, encrypting and decrypting once a small message, at such level). And that "about four times" figure is conservative: the actual ratio is often bigger (esp. for 3072-bit RSA).
That comparison would be very different, and much in favor of RSA, if verifying the signature was performed much more often than computing the signature†. That's because with common parameters, RSA is much faster (by a factor like 40, sometime much more) at signature verification (or encryption) than at signature generation (or decryption). That's one of the reasons RSA is still very much used to sign public key certificates, because the signature of these is made once, verified many times (another reason is that RSA was first, and now is entrenched when it comes to that functionality; yet another is that RSA is simpler, thus less likely to be wrongly implemented).
Also, don't modern CPU's have some sort of hardware acceleration for RSA?
Whatever acceleration (dedicated instruction‡ or co-processor*) they have for RSA most often also is usable for the dominant breeds of ECC: Elliptic Curve on prime field $\mathbb F_p$ (e.g. secp256r1 or secp256k1).
Does the above assume when the encryption is done purely on software, without using such hardware acceleration?
I can't tell; but it does not make so much of a difference on the ratio for RSA vs ECC. On servers, crypto tasks sometime are offloaded to an HSM, e.g. a dedicated PCIe card. Here is one which I'm told is hardware-accelerated. It's rated at 14400 signatures/s for ECC-256, 8600 signatures/s for RSA-2048, 2025 signatures/s for RSA-4096. This reasonably corroborates the factor of four in the source, at conjectured equivalent security level (which would be closer to RSA-3072 than RSA-2048).
† or if encryption was much more common than decryption, as could be the case for individually encrypted audit log entries that are seldom used.
‡ Taking the example of x86-64 CPUs, according to this source
In 2014, the ADX extension was implemented on the Broadwell microarchitecture. This extension consists of ADCX and ADOX instructions and together with MULX instruction implemented earlier are using in context of multi-precision arithmetic implementations. So, for example, till now the best OpenSSL* public key implementations are based on MULX with accompanied instructions ADCX and ADOX.
* For an example of a CPU with dedicated crypto accelerator, see this
