Here are the questions that no one asks about the cyber attack on the Lazio Region

3 August 20213 years ago babelfish

What is not said about the cyber attack on the Lazio Region. The comment by Umberto Rapetto, editorial director of Infosec.news

The vaccination management system ends Ko, reservations are blocked and all certification records are done by hand.

A ransomware has decimated the computer systems of the Region which until now had shone for efficiency and effectiveness and which now finds itself archives and applications unusable because the entire information assets have been fraudulently encrypted and made unreadable.

In a country where those who can't do anything pretend to be a cybersecurity expert and where at every street corner there is someone who reaches out to find a place in the newly legislated National Agency, we are witnessing the merciless spectacle of the Data Processing Center of the Lazio Region nailed like a butterfly in the collection that the cyber pirates flaunt to the girls to "tow".

The tragicomic nature of the situation leaves even the most hardened ill-thinkers stunned who are unable to find peace in the face of such a disaster.

While the investigative activities are in full swing that very unlikely will lead to any result, it would be nice to understand why such an incident occurred in a context that should be armored to protect the sensitive data of citizens and to guarantee the continuity of the provision of a service. essential.

The risk of hi-tech attacks is certainly nothing new. The problem of ransomware, then, is so topical that even the much-maligned "housewife of Voghera" would be able to explain what it is and – if asked – to dispense advice on the subject.

In the rampant climate of contemplation of the "cyber perimeter", or rather of the complex and articulated organizational machine to defend the IT systems that keep the so-called "critical infrastructures" alive, I believe it is legitimate to ask what technical and operational indications have been given by the Dis in front of clearly looming threats.

The Security Information Department, the top of Italian intelligence, is (and will be until the Cyber Agency comes into operation) the competent body to coordinate activities aimed at preventing unfortunate and embarrassing situations such as the one we are experiencing. . Public opinion would perhaps be interested in knowing the instructions given to prevent technological accidents of any kind and in particular those whose occurrence would have crippled the already limping fight against the pandemic.

Surely they will have suggested precautions and cautions and provided schematic procedures to deal with any emergency. The indisputable competence of those who drafted these recommendations leads one to ask what went wrong.

The heavy atmosphere of uncertainty also disturbs the quisque de populo. If there was the Agency, would it have happened anyway?

Before you get to crucify the IT managers and those of the security of the local authority (who, however, perform their respective functions not free of charge, or in spare time), think about the suitability of those who tomorrow will have to watch over national cybersecurity. Will it be the same characters who perhaps did not make themselves understood by the interlocutors of the Lazio Region or who did not budget for such a dramatic eventuality?

Someone – perhaps in the appropriate fora and, why not ?, in Parliament – let themselves be told why the much trumpeted ability to contrast these risks makes us find ourselves on our knees.

Article published on infosec.news

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/aggressione-cyber-alla-regione-lazio-ecco-le-domande-che-nessuno-fa/ on Tue, 03 Aug 2021 05:37:48 +0000.