Cyber ​​attack on website: did hackers want to block vaccination data from Italians?

The hacker attack on the website of the central Italian region of Lazio, which also includes the capital Rome, puzzles authorities and investigators.

Access to the site has remained blocked on Tuesday since the attack early Sunday morning.

The booking portal for corona vaccination appointments and the data on people to whom one or two vaccination doses have been administered since the start of the national vaccination campaign is located on the site.

The data for issuing the national vaccination certificate, known as the “Green Pass” in Italy, is also on the infected computer system.

In addition to President Sergio Mattarella and Prime Minister Mario Draghi, numerous other members of the government and parliamentarians were vaccinated in vaccination centers in Rome and the surrounding area.

Matthias Rüb

Political correspondent for Italy, the Vatican, Albania and Malta based in Rome.

• Follow I follow

According to Regional President Nicola Zingaretti, the attack is “the most serious cyber attack that has ever been carried out on our national territory”.

The social democratic politician assured that they would defend themselves “against this criminal or terrorist attack”.

"We do not know who were responsible for the attack and what goals they are pursuing," said Zingaretti.

The hacker attack blocked access to many important data sets.

Hackers demand ransom in bitcoins

The investigations of the competent regional authorities as well as the national postal and telecommunications police go in all directions. The secret services are also taking part in the investigation. So far there is no evidence that data sets have been stolen from the data center in the region, it said. As Italian media reported, the attack did not take place via an email and via malware attached to it, but via a computer virus. The hackers smuggled the so-called ransomware into the system via a computer connected to the data center and not switched off overnight in an office in the Lazio region in the city of Frosinone.

So far, data records on the website should not have been destroyed, compromised or stolen. Rather, access to the data was blocked by a so-called cryptolocker. In an email, the hackers allegedly demanded payment of ransom in an unknown amount in Bitcoins.

As regional president Zingaretti and the region's health minister, Alessio D'Amato, announced, the cyber attack can be traced back to a server in Germany.

It is also possible that the hackers operated in a third country and only used the server in Germany to access the website of the central Italian region.

Health Minister D'Amato said there had been hacker attacks on the Lazio region's website before, but no cyberattack had penetrated the data architecture on the site as deeply as the most recent one.

Connection with vaccination success?

D'Amato suspected that the attack could have been carried out by anti-vaccination militants. The cyber attack may be related to the success of the vaccination in the central Italian region. In Lazio, almost 70 percent of the population are vaccinated with at least one dose and are therefore entitled to the “green passport”. Across Italy, according to the Ministry of Health in Rome, a good 65 percent have received at least one vaccine dose, 55 percent of all people are fully immunized.

D'Amato assured that the approximately 500,000 vaccination appointments, which had been booked through the region's website by August 13, would not be affected by the hacking attack. Vaccination certificates and the “green passport”, which will be required from Friday to access the interior of restaurants and public events, would be issued in paper form in Lazio until further notice.

It remained unclear whether the hackers' demand for payment of a ransom was meant seriously or was simply supposed to leave the wrong track. Regional President Zingaretti affirmed that Latium would under no circumstances enter into a deal with the hackers. It was still unclear until Tuesday afternoon how and when the attack could be ended and the website could be made accessible again. The emergency call system over the phone was not affected by the hacker attack, said Zingaretti.