Saturday, May 11, 2024

Vogon Today

Selected News from the Galaxy

StartMag

Lazio Region Database: Has a ransom been paid?

3 years ago babelfish

Lazio Region Database: Has a ransom been paid?

The latest news on the case of the cyber attack on the Lazio Region and how the regional database was recovered. Facts, questions and analysis

The hearing of the Lazio Region employee who owned the account pirated by the hackers who launched the massive attack on the Ced of the Entity lasted about three hours. The man was heard in the offices of the Frosinone Police Headquarters by the Postal Police as a person informed on the facts. The proceedings of the Public Prosecutor of Rome are still against unknown persons. The magistrates hypothesize a series of cases, all aggravated by the purpose of terrorism.

Yesterday afternoon the operators of the Lazio Region recovered the backup data that allow to reconstruct the regional database.

The president of the Lazio Region, Nicola Zingaretti, said: "The verification on a latest generation system where the backup was carried out, protected by hardware purchased thanks to the huge investments made by the Lazio Region and Laziocrea in recent years for the IT security ".

But what happened? Between July 31 and August 1, cyber criminals intercept an access gate in the car of a regional employee who works in smart working from Frosinone. At 10.40 pm from his PC they pass to another machine and neutralize it. “In this way they manage to infect 135 machines, obtaining the block of about 3,000 workstations”, writes the Corriere della Sera .

Last Wednesday the link that appears on the new screen communicates that the countdown for the payment of the ransom has been activated ( about 5 million euros ). The hackers would have launched a 72-hour ultimatum – deadline at 11pm on 6 August – at the conclusion of which it is not yet clear what could happen.

The prosecutor asks the FBI and Europol for help while the postal police continue to analyze the files that appeared following the encryption work.

Yesterday suddenly the situation is unlocked with the announcement by the regional leaders of the recovery of backup files, wrote the Corriere della Sera: "One wonders what happened in all this to the countdown for the payment of the ransom ? Is it unlocked? Or is it still there to signal that something still does not add up? The doubt is that something has happened, perhaps a secret and unmentionable negotiation, just like it happens in cases of hostage kidnapping ”.

To save the region database from the onslaught of digital pirates was a made in USA digital archive purchased by the Zingaretti junta in 2019, writes Repubblica : “It's called Vtl, an acronym for Virtual tape library, and it contained a backup updated to 30 July. An unexpected lifeline, surfaced in the early afternoon yesterday. On the same day that the FBI put the team that in May solved the crisis of the Colonial Pipeline , a gigantic pipeline serving the Northeast of the United States blocked by a cyber attack, to work on the encrypted files of Lazio. That case was solved by paying, by first contacting the criminals hidden on the dark web and negotiating to bring down the amount of the ransom: down from the initial 70 million dollars to 4.4 million ".

Meanwhile, politicians and analysts debate:

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/database-regione-lazio-e-stato-pagato-un-riscatto/ on Fri, 06 Aug 2021 13:28:40 +0000.