Italy has been the victim this Sunday of a massive hacker attack that affects its national computer systems. The Italian National Cybersecurity Agency (ACN) has reported that they have detected the incident through ransomware (a type of malware that prevents users from accessing their system or their personal files) that “is already circulating”, according to the ANSA agency.
ACN technicians have already inspected “several dozen national computer systems likely to have been compromised and alerted numerous subjects whose data is exposed.” “These are called to update their systems immediately,” the agency demands.
At the same time, remember that “the vulnerability that hackers exploit to distribute ransomware has already been fixed in the past by the vendor, but not everyone who uses the currently affected systems has fixed it.” Such operating system vulnerabilities allow hackers to carry out attacks that “encrypt affected systems and render them useless, forcing a ransom to be paid to decrypt them.”
Attacks on VMware ESXi servers have been reported over the weekend. Italy would not be the only country affected, according to the Italian news agency. France has also been the target of these attacks, probably the first. At the moment there are a few thousand servers with compromised information around the world affected, from European countries such as France -the most affected country- Finland and Italy, to Canada and the United States.
Ransomware is a type of malware that encrypts files on victims’ computers, making them unreadable and unusable without a decryption key that hackers provide only upon payment of a ransom. In order not to lose that data, pirates can ask for hundreds of thousands of euros. In the case of large organizations, companies or public bodies, the figures can be very high.
Telecom Italia customers also had internet problems on Sunday, but it is not certain that the two problems were related.
