Lazio Region, Lazio Crea and the papocchio on the backup
Hacker attack on the Lazio Region, even the backups (the backup copy) are encrypted. All the details
Reservations for the vaccine in Lazio are still blocked due to the hacker attack (in progress) that hit the computer systems of the Region on Sunday.
Since 1 August they are in progress on the computer network of the Lazio Region, the last occurred during the night. The hacker knocked out the Region's website, that of the Regional Council and the booking portal for vaccines against Covid-19, managed by Lazio Crea.
Lazio Crea confirms that the regional health data are safe, have not been violated and captured, as well as the financial data and balance sheet database.
"There is a risk, however, that if the ransom requested by the cybercriminals is not paid, the encrypted data will be lost forever" he pointed out already on 2 August Tomorrow .
The situation at the moment seems to have no way out, given that there is no backup system to rely on. “The data backup has also been encrypted, and that's the worst thing. The data have not been violated but have been immobilized ”explained the councilor for health of Lazio, Alessio D'Amato, interviewed by Italian.Tech di Repubblica .
Encrypted means that the content is not readable unless you have the key to decrypt it (presumably at the moment only in the hands of hackers). So not being able to read the content, it is not possible to do a reset.
Yet Lazio Crea in its 2020 budget report communicated that it had fulfilled the management of data centers. Both the provision of application services intended for regional users and citizens of the Lazio Region and the common infrastructure services, such as data protection with the appropriate backup operations planned for the systems, depend on these.
Meanwhile, technicians are exporting health services data to the cloud to create a new parallel computer system.
HACKER ATTACK TO LAZIO REGION, BACKUP ENCRYPTED
The analysts have ascertained that there are no other backups "and therefore if the key is not recovered they cannot be restored" wrote the Corriere yesterday.
Pending the outcome of the criminal investigations, the regional councilor for health, Alessio D'Amato, reconstructed the facts as follows: “The hacker attack started from the violation of a user of an employee in smartworking. The data backup has also been encrypted, and it is the most serious element. The data was not breached but was immobilized. We are at war, as if under a bombing. You can count the buildings that are standing and those that have collapsed ”, he added.
THE CONSEQUENCES
As we said, having encrypted backups means that the content is not readable unless you have the key to decrypt them. So not being able to read the content, it is not possible to do a reset.
THE COMMENT OF THE EXPERTS
“Not having restorable backups is very serious beyond imagination”, highlighted Matteo Navacci, Data protection counsel, DPO, Co-Founder Privacy Network on Twitter. “I want to carefully see the personal responsibilities of the top management and the sanctions” remarked Matteo Flora, cybersecurity expert, CEO of The Fool.
Not having restorable backups is very serious beyond belief for a critical infrastructure as essential as a Region.
It is inconceivable. A ransomware attack can happen – this NO.
There are clear political responsibilities, because here the fault lies entirely with the managers. https://t.co/wcrlHzhJiR
– Matteo Navacci (@ mrk4m1) August 3, 2021
THE TWEET OF STEFANO ZANERO
It seems to understand, from the assessor's statements, that (at least a part) of the Lazio Region backups were online, and therefore have in turn been encrypted. pic.twitter.com/sPsWCV7KhJ
– Stefano Zanero (@raistolo) August 3, 2021
DOES LAZIO CREATE RESPONSIBLE?
But what is the company responsible for overseeing the management of backups? LazioCrea, the in-house company of the Lazio Region.
Since 2015, it has managed all regional activities related to the preventive design and development and management of the Region's IT systems.
As stated in the report of the 2020 financial statements, during the year, the company continued to ensure the management of transversal technological platforms (data centers; etc …) and the regular operation of the basic systems for the operation of the Administration and of the vertical services entrusted to Lazio Crea by the Lazio Region. In detail, the continuity of the management of cyber security events and incidents is also noted. Both the provision of application services intended for regional users and citizens of the Lazio Region and the common infrastructure services, such as the safeguarding of data with the appropriate scheduled backup operations, depend on the Data centers.
No data backup since backups are not restorable.
This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/regione-lazio-lazio-crea-e-il-papocchio-sul-backup/ on Wed, 04 Aug 2021 04:23:02 +0000.