The cryptolocker ransomware: the hacker attack suffered by the Lazio Region

From the night between Saturday and Sunday, August 1st, a violent hacker attack is holding the IT heart of the Lazio Region under siege . Due to a computer virus, online reservations for the Covid-19 vaccine are temporarily suspended. Even if at the moment the regional councilor for health, Alessio D'Amato, is not unbalanced, the possible “no-vax” matrix of the attack would seem to be increasingly certain. The hackers, in fact, acted on the day when more than 70% of the Lazio population over 18 had completed the vaccination cycle .

The extent of the hacker attack on the CED of the Lazio Region

It is the first time in Italy that an institutional site has suffered a hacker attack of this magnitude. The Postal Police, together with the Rome Public Prosecutor's Office and the National Cybercrime Center for the Protection of Critical Infrastructures are working to try to understand who is behind this crime. Fortunately, at the moment the sensitive data of the approximately six million people that the CED of the Lazio Region manages would be safe. The CED also contains the personal data of the President of the Republic Sergio Mattarella and of the Prime Minister Mario Draghi, both vaccinated in Rome . Furthermore, it would also appear that no ransom note has yet been made

Anonymous mask. Lazio region hacker attack
The Dark Web could be behind the hacker attack that is holding the CED of the Lazio Region under siege.

Relatively little damage

Fortunately, there has so far been no interruption of previously booked vaccine administrations, although the possibility of reserving new ones is temporarily suspended. Furthermore, to avoid negative consequences on the generation of Green Passes , the Region has made it known that the data of already vaccinated people who were registered in the regional vaccination register will be temporarily moved to the national one. But what is most frightening is that almost the entire business of the Region was affected by the hacker attack. The institutional website, that of the regional council and the whole IT system are on a tailspin.

Lazio is the victim of a criminal offensive, the most serious ever to take place on our national territory .

Nicola Zingaretti, Governor of the Lazio Region

The President of the Region Nicola Zingaretti has labeled the attack "terrorist" .

A "Trojan Horse" to carry out the attack

The hacker attack to hit the CED of the Lazio Region is of the cryptolocker ransomware type, a technique used to block certain systems on the victim's computer with the aim of asking for a ransom ( ransom , in English). The virus that the hackers used to carry out the attack is a Trojan , the so-called "Trojan Horse" . It is a particular type of computer virus that is very malicious for the victim, which can be spread through e-mail messages or trial versions of software. This virus can install various types of software or collect information without the knowledge of the affected user.

The computer system of the Lazio Region is in check.

When the file infected by the Trojan is opened, a program is installed on the computer which begins to encrypt everything that it “encounters” on its way with a specially created key. Any folder, file or document opened by the victim becomes immediately inaccessible and can only be unlocked by the attacker. Very often the attack starts from within the computer system itself, as it would seem to have happened in this case too. From the latest news, in fact, it appears that the cyber pirates have cloned the access credentials of a system administrator of the CED of the Lazio Region to launch the hacker attack .

More and more hacker attacks around the world due to Covid

The growing use of the internet in the last year and a half due to the Covid-19 pandemic has had an impact – and not a little – on the increase in cyber attacks. According to the 2021 Clusit Report on cyber security, it is estimated that in 2020 the attacks increased by 29% compared to 2019. Furthermore, about half of these were of the same severity as the hacker attack suffered by the CED of the Lazio Region. Not only that, the sectors most affected are those of the Public Administration and Government (with 14%), Research and Education (with 11%) and Healthcare (with 12%). The use of ransomware in hacker attacks grew by 67% in 2020 compared to the previous year, making the cyber world increasingly vulnerable in this respect . According to the data provided by Check Point, in fact, in the world on average every ten seconds an organization is the victim of a ransomware attack.

The article The cryptolocker ransomware: the hacker attack suffered by the Lazio Region comes from Tech CuE | Close-up Engineering .