• Coronavirus, INPS site on tilt. Tridico: 100 thousand requests per second. Conte: "System hacking"
  • Coronavirus, Spallanzani hacker attack failed

Share

April 09, 2020 It really seems to be raining in the wet, but right now that the school is in an educational emergency due to the coronavirus pandemic, this is subject to cyber attacks. This was reported by Axios Italia, a developer of systems for online education and electronic registers, which announced on April 9 that it had fallen victim to an activity aimed at rendering its services unusable. Among these, the electronic register provided to schools and other applications for sharing and correcting tasks, which are now indispensable to guarantee the continuity of the national educational service during the Coronavirus emergency, proved to be inaccessible. With around 2500 schools under its belt, Axios is one of the main IT service providers for teaching in Italy.

"Dear Customer, unfortunately since this night our structure has been continuously harassed by cyber attacks (DDoS type) by hackers", reads the home page of the company website: "We blocked this attack thanks to the timely intervention of our technicians and those of Aruba Enterprise, unfortunately, the service today may be subject to alterations and not work regularly ".

No danger for privacy and personal data therefore: the type of attack detected is what in technical jargon is called Distributed Denial of Service, DDoS, and consists in overloading the systems of a service through the automatic sending of millions of simultaneous requests from multiple different devices and in the availability of the attacker.

"Our structure - Axios says - is continually harassed by cyber attacks (DDoS type) by hackers. We blocked this attack thanks to the timely intervention" but "unfortunately the service may undergo alterations and not work regularly". The company adds that "our systems are secure, but the huge number of fraudulent accesses block regular access to services".

The primary objective is to cause a shutdown of the target system, which is unable to cope with the enormous amount of access (as happened to the INPS systems at the beginning of the month, except that in that case the users were real and there is no trace of hacker activity). Often this type of attack is aimed at pursuing commercial objectives to the detriment of competition, as repeatedly affirmed by victims and cyber security experts. Axios has however specified that the content of the systems intended for schools is safe and that the restoration of their full operation will take place as soon as possible. In parallel, the company has made it known that it will file a complaint with the postal police who are investigating the attacks and have been working for days on a series of intrusions verified during online lessons on different platforms to understand what happened and trace the perpetrators.

According to what was erroneously reported by numerous news sites, a previous computer attack would have allowed hackers to share pornographic images while streaming some video lessons, forcing schools to stop teaching. In reality, as verified by Agi, it is a single episode in which some students have consciously shared the unique address that allows access to the virtual room hosting the streaming to anyone in possession, thus allowing strangers - probably alumni - to access and abuse the service. The single episode occurred outside of class hours and was reported to the authorities to ascertain any responsibilities. No hacker, therefore, only trivial rudeness.