The Limited Times

Massive attack by Russian hackers on the Public Administration, ransom demanded - News

12/18/2023, 5:40:33 PM

Highlights: Massive attack by Russian hackers on the Public Administration, ransom demanded. Among the products still blocked are payroll reporting systems (ANSA). The Russian hacker group Lockbit has claimed responsibility for the ransomware attack that in the last ten days has affected public administrations in Italy that use Westpole's services. For a good half of the services, the recovery procedure through backups has been initiated; the other half may be difficult to recover. It may therefore be necessary to redo the accounts with regard to salaries, which could cause the payment to be postponed from December to January.

Among the products still blocked are payroll reporting systems (ANSA)

The Russian hacker group Lockbit has claimed responsibility for the ransomware attack that in the last ten days has affected public administrations in Italy that use Westpole's services. We learn this from informed sources. In the face of encrypted and inaccessible databases, cyber pirates would have received ransom requests in cryptocurrencies to the provider that hosts various services of Pa Digitale, a private company of the Buffetti group that provides services to 1,300 realities of the Italian public administration. Among the products provided and still blocked are payroll reporting and e-invoicing systems.

The cyber attack reached the series of servers (in jargon server farm - ed.) in Milan and Rome of Westpole, the development house whose cloud infrastructure is used by the company Pa Digitale. The IT offensive to Westpole's supply chain was announced on 8 December and has therefore reverberated on Pa Digitale, which provides digital management services (demographic, personal data, payment of salaries to municipal employees) to about 1,300 entities of the Italian Public Administration, including about 500 Municipalities, some Provinces, several Union of Municipalities and Mountain Communities and entities including the Agency for Digital Italy (Agid) and the Anti-Corruption Authority (Anac).

The company's infrastructure has been heavily compromised by the Lockbit ransomware, which is the most active group in this type of attack that has hit Italian targets. The hackers may have exploited already known vulnerabilities in the systems. For a good half of the services, the recovery procedure through backups has been initiated; the other half may be difficult to recover. It may therefore be necessary, for example, to redo the accounts with regard to salaries, which could cause the payment to be postponed from December to January in some cases.

The attack had been confirmed in recent days by the director of the Italian Cybersecurity Agency, Bruno Frattasi. ACN, he explained, "has taken action to analyze the magnitude of the impact and indicate how to recover data and to help Westpole restore its services as a practice of resilience. In fact, the Agency has two functions: one is to protect the surface, the second is to restart services". Both Westpole and Pa Digitale filed a complaint with the Postal Police and alerted the Data Protection Authority.

All rights reserved © Copyright ANSA

Similar news: