Unprecedented attack on an Italian institutional site. And not a secondary site, given that it is the portal of the Lazio Region which manages the booking of vaccines and above all holds millions of precious data on vaccinated citizens and Green passes. The hacker attack would have started from Germany (but it is suspected that the No Vax movement is behind it) and a ransom was asked to stop the act of computer piracy, to be paid in Bitcoin. "It was a planned and coordinated operation, and I fear that it will still take days before the problem is solved", explains the regional councilor Alessio D'Amato, who however reassures: "For now, user data on vaccinations are safe ”.
The biggest concern, however, is linked precisely to privacy: the electronic brain of the Region manages i sensitive data of 5,8 million people, including those of the ruling class who got vaccinated in Rome, from the Head of State Sergio Mattarella to Prime Minister Mario Draghi. Here because Now, national security is at risk. The attack was launched at dawn on Sunday 1 August and brought the platform that manages vaccinations to its knees and which was the first to reach the 70 percent milestone just yesterday. A cybernetic nightmare but with very real consequences: from booking vaccines - at least 10 thousand a day - to registering the administrations that have taken place, with risks for the release of the new Green Passes. However, it will take a long time and many analyzes to make a definitive balance of the damages. Security experts do not rule out that the hackers had been inside the system for days but silent.
They may have been waiting for the right moment to trigger the ransomware. The Ced, the big brain of the Region, has been deactivated for security reasons. The virus is one of the most ferocious ransomware, the Cryptolocker, and was "injected" by hackers who stole the login credentials of a Lazio Crea profile, the company that created the Lazio Region system. The Cryptolocker in a few moments took possession of the computers, cracking the most sensitive users, including that of the regional health councilor Alessio D'Amato. The consequences quickly spilled over into the real world: from morning long queues have formed in front of the main hubs, such as the Eur Cloud. What was done up to the day before with a click, yesterday was done with pen and paper, transcription by hand the data of tens of thousands of vaccinations on paper folders.
Data which then, assures the Lazio Region, will be transferred to the national vaccination registry, in order to avoid delays in issuing Green Passes (which usually takes about 24-48 hours after vaccination). “Since tonight – the president of the Region Nicola Zingaretti wrote on Facebook – a very heavy hacker attack has been underway against LazioCrea computer systems that manage vaccine reservations. A very serious fact, it blocks a fundamental service. We apologize to the citizens for the inevitable inefficiencies. We have reported the attack to the authorities and I thank all the employees who have been working since last night to defend the plant and to return to normalcy. Despite this, however, we have reached 70% of the adult population in Lazio vaccinated ".
