Friday, April 26, 2024

Vogon Today

Selected News from the Galaxy

StartMag

I’ll explain the digital attack on Tor Vergata University

4 years ago babelfish

I'll explain the digital attack on Tor Vergata University

The article by Umberto Rapetto of Infosecnews

Those archives and electronic documents rendered useless by ransomware immediately made us think of an acrobatic incursion of computer pirates.

The fact, then, that in the virtual meat grinder there is finished information relating to research on Covid-19 has undoubtedly contributed to increasing the tension.

The technological disaster of the Second University of Rome Tor Vergata is not a good page in the news and certainly does not do honor to a university that holds masters in the field of cybersecurity and then finds itself sensationally smut.

WHAT IS RANSOMWARE

The malware that hit Tor Vergata falls into that type of malicious instructions which – once installed – proceed to encrypt all files, making them no longer usable except by those who know the cryptographic key to get them back to normal.

The word "ransom" translates into "ransom" and was chosen as a prefix precisely because the criminal who prepares it demands payment of a certain sum to deliver the alphanumeric combination that (like a modern "Open Sesame") allow “Open” archives and documents otherwise illegible.

The payment of the claimed money (usually in bitcoin) does not always lead to obtaining the keys to decrypt the fraudulently encrypted information assets and not infrequently the amount paid ends up in the pockets of organized crime or terrorist gangs.

HOW YOU GET HIT

This kind of misadventure can befall anyone, single individual or large company or public body.

Normally the trouble starts with an e-mail message that one of the internal recipients opens without undue attention. Often it is an email that seems to deliver an invoice, a provision of some authority or a payment order. An unfortunate click on the attached file (apparently a "pdf") or on the link shown in the body of the text is equivalent to lighting a fuse and the subsequent explosion of a bomb.

In this specific case, the infected program that runs begins to encrypt the files on the computer of the uninformed user, then continues on the external disks connected to the workstation and on those present in the local network to which it is connected, up to the available resources in the cloud …

WHAT HAPPENED IN TOR VERGATA

Only forensic analysis will be able to establish the actual nature of this small apocalypse and the damage count will allow us to quantify the expense to be incurred for the restoration (where possible) of the damaged files.

Difficult to know if it was a trivial email or the intrusion of an attacker. The latter, in any case, must have somewhere managed to obtain the access credentials to the systems (account and password) and even this theft could have occurred with a phishing operation that began with the usual unmissable rascal message arrived in e-mail .

COVID RESEARCH IS ALSO AT RISK?

The ransomware may also have damaged files related to coronavirus research and analysis. The most serious problem could arise if – before the data was encrypted – the criminals gave rise to an "exfiltration", or if they unduly took away files, files and dossiers in electronic format. In that case, the injured parties are also all the subjects whose information – obviously confidential by nature and not intended for disclosure – has been stolen and ended up who knows where.

Article published on infosec.news

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/attacco-hacker-universita-tor-vergata/ on Sat, 12 Sep 2020 05:00:07 +0000.