AI DevwWrld Chatbot Summit Cyber Revolution Summit CYSEC Global Cyber Security & Cloud Expo World Series Digital Identity & Authentication Summit Middle East Low Code No Code Summit TimeAI Summit

Impact of Lockbit ransomware on public administration: analysis and perspectives

Repercussions, modus operandi and responses: a detailed look at the attack on Westpole and Digital PA

The article discusses the Lockbit attack which heavily damaged the Italian Public Administration (PA), affecting over a thousand public bodies. The attackers used the Ransomware as a Service (RaaS) crime model, which involves using ransomware to gain monetary gain. PA Digitale is working to mitigate the crisis and restore services. The incident highlights the growing need to strengthen cyber security.

Contribute to spreading the culture of prevention!
Support our cause with a small donation by helping us raise awareness among users and companies about cyber threats and defense solutions.

This pill is also available in Italian language

An intricate web of damage has unraveled in the fabric of the Italian Public Administration (PA), marked by a significantly destructive Lockbit ransomware attack. Starting with the attack on the cloud services company Westpole, the attack spread to the Digital PA, directly impacting over a thousand public bodies, including 540 municipalities. Following this assault, essential services provided to citizens suffered significant disruptions. This episode, which emerged with all its gravity ten days after the attack, heralds a period of prolonged and complex consequences for the public sector.

Repercussions on public services and data breaches

Many services essential to the community and the internal functionality of public bodies were affected by the attack, with some municipalities forced into a reluctant return to paper-based procedures. The heterogeneity of the compromises correlates to the dependence of these entities on PA Digitale's Urbi cloud system, supported by the Westpole infrastructure. At the moment, despite the first reassuring statements, the data exfiltration has not been confirmed, although this statement remains suspended until the publication of the attackers' possible claims.

Lockbit's modus operandi

The attackers, associated with the Lockbit criminal syndicate, conducted an attack at dawn on December 8, according to various institutional testimonies. Lockbit is configured as an operator in the Ransomware as a Service (RaaS) field, acting through an entrepreneurial logic in the distribution of malware. The operation of this criminal entity, outlined as a sort of nefarious services company, involves the development, maintenance and leasing of ransomware variants to external collaborators, in exchange for an economic income deriving from both advance payments and a percentage of the ransom proceeds .

Reactions and potential developments

PA Digitale quickly began working on creating a replacement infrastructure to cushion and manage the crisis arising from the attack. Subsequently, the data was reloaded from reliable backups, already indicating some partial reactivations of the services. The extent of the damage and the actual impact will only be better understood with the disclosure of statements by Lockbit affiliates. This scenario highlights the need for strengthening cybersecurity resilience at the national level, suggesting that incursions via supply chain attacks could become an increasingly pressing threat in the near future.

Follow us on Facebook for more pills like this

12/18/2023 19:32

Editorial AI

Last pills

LockBit's tenacious activity despite global investigationsChallenges and countermeasures in the war against the LockBit cyber criminal group

Avast fined for illegitimate sale of web dataFines and restrictions imposed on cybersecurity company for misuse of personal data

KeyTrap: DNSSEC flaw discovered by researchersThe vulnerability puts the stability of DNSSEC at risk

Pact between technology companies against electoral manipulationJoint technology initiative to preserve the integrity of democratic voting