06 June 2022

Arrivederci Palermo! ...Ciao Bello?

Intro: Bleeping Computer has reached out to the company that responded to the incident and currently performs the IT services restoration, SISPI, and we will update this post as soon as we receive a response.

Italian city of Palermo shuts down all systems to fend off cyberattack

The municipality of Palermo in Southern Italy suffered a cyberattack on Friday, which appears to have had a massive impact on a broad range of operations and services to both citizens and visiting tourists.

Palermo is home to about 1.3 million people, the fifth most populous city in Italy. The area is visited by another 2.3 million tourists every year.

Although local IT experts have been trying to restore the systems for the past three days, all services, public websites, and online portals remain offline.

According to multiple local media outlets, the impacted systems include the public video surveillance management, the municipal police operations center, and all of the municipality’s services.

It’s impossible to communicate or request any service that relies on digital systems, and all citizens have to use obsolete fax machines to reach public offices. . .

Ransomware or DDoS?

Italy recently received threats from the Killnet group, a pro-Russian hacktivist who attacks countries that support Ukraine with resource-depleting cyberattacks known as DDoS (distributed denial of service).

While some were quick to point the finger at Killnet, the cyberattack on Palermo bears the signs of a ransomware attack rather than a DDoS.

The councilor for innovation in the municipality of Palermo, Paolo Petralia Camassa, has stated that all systems were cautiously shut down and isolated from the network while he also warned that the outage might last for a while.

This is a typical response to a ransomware attack, with networks being taken offline to prevent the malware from spreading to more computers and encrypting files.

If this cyberattack turns out to be ransomware, the gang responsible for it might have managed to steal data to conduct double-extortion, which commonly accompanies these attacks.

In that case, Palermo could face the prospect of a severe data breach affecting a large number of individuals and potentially also incurring fines for GDPR violations. . ."

RELATED:

Russian hacktivists launch DDoS attacks on Romanian govt sites

Killnet's announcement on Telegram
Killnet's announcement

The same group has previously launched DDoS attacks against sites in the U.S., Czech, Estonian, German, and Polish sites, all for similar political reasons, requesting to stop the supply of military weapons and equipment to Ukraine.

Related Articles:

Costa Rica declares national emergency after Conti ransomware attacks

New Black Basta ransomware springs into action with a dozen breaches

American Dental Association hit by new Black Basta ransomware

Wind turbine firm Nordex hit by Conti ransomware attack

Hackers use Conti's leaked ransomware to attack Russian companies 

 

No comments:

Ultra Large Containerships Coming to America as China Opens a $1.3 Billi...

  PUTTING UP BARRIERS OPENS DOORS FOR CHINA