Massive hacker attack in Italy and around the world

A “massive attack using a ransomware already in circulation” has been detected by the Computer security incident response team Italy of the National Cybersecurity Agency. The ACN technicians have already surveyed “several dozen probably compromised national systems and alerted numerous subjects whose systems are exposed but not yet compromised”. However, it is explained, “there are still some exposed systems, not compromised, of which it has not been possible to trace the owner. These are called immediately to update their systems”.

The agency then specified that the attack is underway all over the world, in about 120 countries, and concerns “a few thousand compromised servers” “from European countries such as France – the most affected – Finland and Italy, up to the North America, Canada and the United States“. The first to notice, they added, were the French, “probably due to the large number of infections recorded on the systems of some providers in France. Subsequently, the wave of attacks moved to other states including Italy”.

“In Italy there are dozens of realities that have encountered malicious activity against them but according to analysts they are destined to increase”.

The Agency recalls that “the vulnerability exploited by the attackers to distribute the ransomware has already been corrected in the past by the manufacturer, but not all those who use the currently affected systems have solved it”. By exploiting the vulnerability of operating systems, hackers can carry out ransomware attacks which, recalls the Acn, “encrypt the affected systems making them unusable until a ransom is paid for the decryption key”. For this reason it is “a priority for anyone to close the holes identified and develop an adequate protection strategy”.

What is a ransomware

Ransomware is malware that encrypts files on the victim’s computer, demanding payment of a ransom for its decryption. Ransomware is, in most cases, trojans spread via malicious or compromised websites, or via e-mail. These appear as seemingly harmless attachments (such as, for example, PDF files) from legitimate senders (institutional or private subjects). This element induces unsuspecting users to open the attachment, which contains as an object wordings referring to invoices, utility bills, payment orders and other similar objects.