We research. You level up.
Protect your devices, your data, and your privacy—at home or on the go.
“Thanks to the Malwarebytes MSP program, we have this high-quality product in our stack. It’s a great addition, and I have confidence that customers’ systems are protected.”
Featured Event: RSA 2021
Activate Malwarebytes Privacy on Windows device.
Cybersecurity Month: Save 25% on EP and EDR for your business – BUY NOW
COVID-19 vaccine appointment system attacked in Italy
Cybercrime
Posted: by
In another cyberattack on a healthcare system, threat-actors have tried to throw a wrench into the ongoing COVID-19 vaccine roll-out in the region of Lazio, Italy. The large and densely populated region is the country’s second most populous and includes the country’s capital, Rome.
On Sunday the Facebook page of the region informed the public that hackers had disabled the systems of the regional health care agency.
Only 10 hours later the region communicated through the same channel that standing vaccination appointments could proceed as planned. But it was not yet possible to make new appointments. Later it turned out that besides the vaccination appointment system, more of the region’s systems had suffered from the attack.
Details of the attack are sparse, most likely because the investigation is still ongoing. The Facebook page mentions a “virus” but this could be the result of a common misconception where many people call every malware a virus. But there is no mention anywhere about a ransom either, which you would expect if this was yet another ransomware attack on healthcare or other critical infrastructure. What we do know is that it was labelled as a “powerful” attack that disabled all the region’s systems, including the information site Salute Lazio portal, which was still unreachable at the time of writing.
Unofficial sources claim to know that the attackers managed to get hold of the credentials for an administrator’s account and released a “cryptolocker” which would suggest that this was a ransomware attack, or possibly a “wiper” attack, where attackers use ransomware to scramble a target’s computer, but with no intention of asking for a ransom or providing a way to unscramble them. The investigation will be  done by the Italian Postal and Communications Police Service which is the police department responsible for cybercrime.
The region’s officials have called the attackers both criminals and terrorists. The question which of the two qualifications is the most accurate is closely correlated with the nature of the attack. There have been a lot of protests in Italy against the introduction of the so-called Green Pass, which shows people have been vaccinated, tested negative or recovered from COVID-19. Based on the Green Pass, which comes into effect on 6 August, holders will have access to places where non-holders will be barred.
While some see the Green Pass as a way to increase vaccination rates and persuade the undecided, some see it as a step too far. Looking at the number of vaccination requests the persuasion technique seems to work. Which might have triggered this attack on the Lazio region’s systems. But it might just turn out to be the next ransomware or wiper attack (although this scenario would be very surprising).
Even though most IT systems were offline, some have been restored, including emergency networks, time-dependent networks, and hospital systems. The local government has reiterated that the vaccination drives would continue in spite of the attack. The vaccination appointment system for the Lazio region has been transferred to the Italian national vaccination to keep the momentum going.
The disruption of Lazio’s vaccine appointment system is just one of a number of notable and disturbing attacks against critical infrastructure in 2021. To learn more about the threat cybercriminals pose to critical infrastructure, Lock and Code podcast host David Ruiz spoke to Lesley Carhart, principal threat hunter with Dragos and a globally-respected expert on the subject.
You can hear their conversation below, or find it on your preferred platform, including Apple PodcastsSpotify, and Google Podcasts.
SHARE THIS ARTICLE
COMMENTS
RELATED ARTICLES
ABOUT THE AUTHOR

Malware Intelligence Researcher
Was a Microsoft MVP in consumer security for 12 years running. Can speak four languages. Smells of rich mahogany and leather-bound books.
Silouette of person
Contributors

Malware
Threat Center

Book with bookmark
Glossary

Suspicious person
Scams

Pencil
Write for Labs

Want to stay informed on the latest news in cybersecurity? Sign up for our newsletter and learn how to protect your computer from threats.
Imagine a world without malware. We do.
FOR PERSONAL
FOR BUSINESS
COMPANY
ABOUT US
CAREERS
NEWS AND PRESS
MY ACCOUNT
SIGN IN
CONTACT US
GET SUPPORT
CONTACT SALES
© All Rights Reserved
Select your language
Cybersecurity basics
Your intro to everything relating to cyberthreats, and how to stop them.

source