Hackers block Italian Covid-19 vaccination booking system
An investigation has been opened into the “very serious” attack on the IT system of the health department of Lazio, one of the most populated regions of Italy and home to capital Rome, according to a source from the Postal and Communications Police, which investigates cybercrime.
The attack by unknown perpetrators began early Sunday, a statement from the regional health department said. The attack, according to investigators, is likely still ongoing.
On Monday, Lazio regional health councillor Alessio D’Amato assured more than 500,000 citizens that had already booked their Covid-19 vaccines through August 13 would still be able to get their shot.
“The technicians are working to safely reactivate the new bookings and no data has been stolen,” D’Amato said in a post on the region’s official Facebook page.
Speaking at a press conference on Monday, D’Amato added called the attack “the most serious cyber-attack ever carried out on an Italian public administration.”
Local authorities said they have received a generic ransom request but with no further claims.
The malware attack used a “crypto locker” to encrypt the files and block all the system’s activities, including the Covid-19 vaccine reservation center, the cybercrime source said.
Due to the type of attack, encrypted files could still be corrupted as the malware continues its spreads in the system, the investigative source told CNN.
That’s because the “infected parts” have been isolated; however the “entrance door” of the virus has not yet been identified, the source said, meaning the attack can be relaunched.
Investigators, who haven’t been able to identify the attackers, say that sensitive health data, including that belonging to President Sergio Mattarella and Prime Minister Mario Draghi, has not been breached by the hackers.
The Rome prosecutor’s office have detailed the crimes as “unauthorized access” and “aggravated damage to an IT system.”
Speaking at a press conference, president of Lazio Nicola Zingaretti said that while the perpetrators hadn’t been identified they were “from a foreign country.”
Zingaretti said that emergency services were continuing to function as normal, and apologized to citizens for the delays in other services as tech workers continued to prevent the spread of further attacks.