Hackers Shut Down System For Booking COVID-19 Shots in Italy's Lazio Region (reuters.com)
Hackers have attacked and shut down the IT systems of the company that manages COVID-19 vaccination appointments for the Lazio region surrounding Rome, the regional government said on Sunday. From a report: "A powerful hacker attack on the region's CED (database) is under way," the region said in a Facebook posting. It said all systems had been deactivated, including those of the region's health portal and vaccination network, and warned the inoculation programme could suffer a delay. "It is a very powerful hacker attack, very serious... everything is out. The whole regional CED is under attack," Lazio region's health manager Alessio D'Amato said.
CyberAttack? (Score:3, Insightful)
Re: (Score:1)
You’re struggling to understand why some people are vaccine hesitant. The “let me help you” megathread:
Imagine you’re a normal person. The year is 2016. Rightly or wrongly, you believe most of what you see in the media.
...
https://twitter.com/Konstantin... [twitter.com]
Re: (Score:1)
It is absolutely the same! Assuming of course that those foreign actors have worse aim than storm troopers; missing roughly 99.87% of the time.
Re: CyberAttack? (Score:2)
THEN it's similar.
Probably just random attack (Score:3, Insightful)
At first I thought, how much of an asshole do you have to be to shut down a Covid vaccine distribution center....
But then I realized, it's probably just ransomware bots looking for any computer to infect.
Still pretty evil though, even if not exactly intentional....
Re: Probably just random attack (Score:2)
I also wonder, did they really shut it down? Is there a problem giving life saving vaccines to people who need them without the IT component?
Re: (Score:2)
<sarcasm>You forgot to mention 5G and Bill Gates. :-D </sarcasm>
Re: (Score:3)
I also wonder, did they really shut it down? Is there a problem giving life saving vaccines to people who need them without the IT component?
Yes. You need to a) organize things (no trivial matter with the numbers of people we are talking here) and b) hand out digital certificates. While politicians still pretend all over Europe that the vaccinations will not be mandatory, the number of restrictions that fall away when you have a vaccination certificate grows steadily. This is really not a legal or moral question, but one of medical realities. Medical realities do not care about some human constructs like laws or morals.
Re: (Score:2)
Re: (Score:2)
Probably. Calling an attack "powerful" is just code for "our security sucks badly and now we have been hit".
Re: (Score:2)
Yeah, no kidding. I actually read TFA to see if there were any details on whether this was "hacked" hacked, or just "some idiot left the admin password and all the data in an unencrypted S3 bucket", but there aren't any - so, like you, since they trotted out the standard "powerful / highly-skilled / elite / etc group of hackers" line I'm going to assume it was the latter, like it is at least 99% of the time...
TBH, this whole "boy who cried wolf" behavior from orgs is getting really old. It makes it impossib
So awful... it's galvanizing (Score:5, Insightful)
This is perhaps the most reprehensible behaviour ever shown by a hacker group. Just sickening. Quite frankly, it's exactly the sort of thing world powers need to see, so that they understand the severity of their gutless inaction on this type of activity. Twenty years ago hackers like this were celebrated with parades by their respective cultures for their hacker / cyber prowess.
This is exactly the type of event that can galvanize world powers. That so needs to happen. Programs to counter these groups need to be well-funded with billions and well-staffed with both powerfully skilled investigators (read: white hat hackers) and government intelligence. Countries need to begin treating this behaviour as terrorist activity. The culprits are absolutely terrorists. They need to be hunted down and disappeared permanently into the most awful prison systems we can find on this planet.
Re: (Score:3)
Yes, that would be most cathartic, wouldn't it? We can always justify the most horrific acts when they are done for the right reasons, right?
Hey, if they don't want their rights impinged they should not go around trying to impinge the rights of others.
As the old saying goes "your right to swing your fist ends at the tip of someone else's nose".
Re: (Score:2)
Re: (Score:3)
Probably just clueless or automatic targeting, combined with really bad security on the victim side. Remember that most criminals would have legal jobs if they were smart.
Still, anybody that deploys malware in this fashion willingly accepts this type of result, whether they know what the target is or not.
Re: (Score:2)
Re: (Score:2)
Well, yes and no. They should share the consequences, but the people that were operating a critical system insecurely should not be allowed to just walk away as if they had done nothing wrong. That said, I think if some attacker breaks an IT system and that ends up killing somebody and they could have reasonably known about a real risk in that respect with some target reconnaissance, I think they should at the very least go down for manslaughter. If they knew it and did not care, that should be upgraded to
Re: (Score:2)
That said, I think if some attacker breaks an IT system and that ends up killing somebody and they could have reasonably known about a real risk in that respect with some target reconnaissance,
No! Whether they could/would/should have known about a risk is irrelevant to whether they should be punished for their willful and illegal acts. The only difference should be between manslaughter and murder, which is to say that they should be punished either way, but they should be punished more harshly if they knew.
Re: (Score:2)
Never said anything about what should be applied to them if they did not know about the risks. But the punishment still has to fit the crime.
Powerful attack (Score:5, Funny)
Re: (Score:3)
Think about that, who is going to say that ever? If a lame-ass script kiddie attack is successful it's because you were negligent.
Whereas if it's a sophisticated threat actor for realizes - well, shit happens; most orgs even with fairly good security practices have limited ability to defend against 0-days and unpublished vulnerabilities. At best they can hope to detect compromises before either too much data gets out the door (bigger you are harder that becomes) or before the actors worm their way in too deep. Howev
Re: (Score:1)
Re: (Score:3)
Ever notice how it's always a "very sophisticated" or "very powerful" attack? Just once I'd like to read an article like this and the spokesperson says, "We're under a pretty lame-ass attack from some script kiddie in his mother's basement. This guy, I mean, this guy is just so totally incompetent."
This is just a code-phrase for "our security badly sucks, but we prefer to not admit that".
Re: (Score:2)
That's also why it's always the Chinese or the Russian mafia even though it's really difficult to know where an attack originates from since the attackers will almost certainly try to obfuscate that.
Well that was most informative :s (Score:2)
Re: (Score:3)
One built, configured and operated by clueless people. That already says everything. Even something as hardened as NetBSD falls if the application running on it is insecure.