"Several Dozens of Compromised National Systems".
The one unleashed by hackers all over the world, including Italy, is a massive attack, the extent of which and, above all, the consequences of which are still to be clarified.
An attack that came to light on the day the Tim network went down leaving millions of users without internet and also causing disruptions to ATMs.
However, both the company and the postal police have ruled out that the problem is due to an attack by computer pirates.
But that it is a serious matter is confirmed by the summit convened by Palazzo Chigi to take stock of the damage caused and implement the appropriate countermeasures.
At the meeting there will be the undersecretary Alfredo Mantovano, the director of the Agency Roberto Baldoni and the director of Dis,
the Information and Security Department, Elisabetta Belloni.
Already in recent weeks, among other things, Prime Minister Giorgia Meloni had made a statement on the need to counter the vulnerability of computer systems in the CDM.
The alarm came in the afternoon from the National Cybersecurity Agency: the Computer security incident response team Italy - the body in charge of monitoring accidents and intervening in the event of attacks - discovered that the hackers have gone into action through "ransomware already in circulation" that has already "compromised" dozens of systems.
Not only that: the experts of the Agency led by Roberto Baldoni managed to alert various subjects - institutions,
public and private companies - whose systems are exposed and therefore vulnerable to attacks but "there are still some exposed systems, not compromised, of which it has not been possible to trace the owner".
It essentially means that dozens of companies don't even know they're under attack but should "immediately" update their systems.
"The attack - said the Minister of Enterprise and Made in Italy Adolfo Urso - strengthens our belief that it is important to guarantee the highest level of security on the web and in general on cyber".
that dozens of companies don't even know they are under attack but should "immediately" update their systems.
"The attack - said the Minister of Enterprise and Made in Italy Adolfo Urso - strengthens our belief that it is important to guarantee the highest level of security on the web and in general on cyber".
that dozens of companies don't even know they are under attack but should "immediately" update their systems.
"The attack - said the Minister of Enterprise and Made in Italy Adolfo Urso - strengthens our belief that it is important to guarantee the highest level of security on the web and in general on cyber".
ANSA agency
Tim, the down came back, it touched the data flow from abroad - Economy
'The company apologizes to customers for the inconvenience' (ANSA)
On Tim's network, on the other hand, an interconnection problem to the data flow on the international network had been detected since the early hours of the morning, which - the company explained - also generated an impact in Italy.
The problem was resolved during the same day, during which reports from users for internet and ATM disruptions followed, so much so that both the hashtag #timdown and the one on ATMs went on trend on Twitter.
Among the experts who deal with cybersecurity, however, the hypothesis has also circulated that a problem has occurred on the routers of Sparkle, Tim's company that manages, among other things, fiber optic cables, which could be connected to the attack.
A series of in-depth analyzes are still underway on this point.
L'
The attack identified by the Agency instead targeted the 'VMware ESXi' servers: the authors exploited a vulnerability that had already been identified and resolved in February 2021 by VMware, but - the experts explain - not everyone applied the correction indicated by the 'company and therefore were left with the 'hole' without a patch that was exploited in this wave of attacks to enter.
And the targeted servers, if lacking the appropriate fixes, "can open the doors to hackers busy exploiting it in these hours after the strong growth of attacks recorded over the weekend".
The first to notice the attack were the French, probably due to the large number of infections recorded on the systems of some providers in that country.
Subsequently the
wave of attacks has moved on to other countries including Italy.
At the moment there are a few thousand compromised servers all over the world, from France to Finland, from Canada to the United States up to Italy where, according to what has been ascertained so far, dozens of companies have already encountered malicious activity against them .
And the number, analysts say, is set to increase.
The exploitation of the vulnerability, explains the Agency, "allows in a subsequent phase to carry out ransomware attacks that encrypt the affected systems making them unusable until a ransom is paid for the decryption key".
Those who seem to leave behind instead the hacker attack suffered last February 2, launched by the 'Black Basta' ransomware group, is the
Roman energy company of Acea, which announced that it has restored the functionality of its IT systems.
The Group's websites and the online platforms for managing the commercial aspects of water, electricity and gas supplies are operational, as are the contact center services of the Group companies for customers, including Acea Ato 2, Areti and Acea Power.
