Italy warns about large-scale server ransomware attack
3 min read [ad_1]
This could be one of the largest cyber attacks in recent years – thousands of servers impacted worldwide.
The news about the ongoing incident was announced by Italian National Cybersecurity Agency (ACN) today. Representatives of this institution also warned other organizations to take necessary preventive actions in order to ensure the security of their computer systems and networks.
This cyberattack apparently exploits an existing server software vulnerability. According to ACN, reports indicate that ransomware attack was detected in several other European countries, including France and Finland. Similar reports were received from the United States and Canada.
The precise number of compromised machines is not known. Reuters noted that in Italy, dozens of organizations have been affected. Many more are taking necessary steps to avoid the lockdown of their computers.
[ad_2]
Source link Italian authorities are warning about a large-scale server ransomware attack targeting the country. The attack on the servers, which are used by businesses, hospitals, local authorities and government offices, has been ongoing since October 2020, and is being carried out by a threat actor called Black Kingdom.
According to the Italian National Agency for Information Security (NIS), Black Kingdom has been exploiting vulnerabilities in Microsoft Windows Servers to gain access to the targeted systems. Once inside, it deploys ransomware that encrypts the data and demands a ransom be paid for its release. The agency is urging organizations to take urgent steps to protect their servers from the attack and to back up their data regularly.
The Italian Civil Protection Department (DPC) has warned that this attack is particularly virulent because hackers are not only targeting private companies, but also hospitals, local authorities, and government offices. As such, it could have serious repercussions for public services and major disruption to businesses, depending on which targets are hit.
Moreover, it has been reported that Black Kingdom has also been infecting user computers with its ransomware. To protect against this infection vector, NIS is recommending that users follow industry best practice to reduce the risk of infection and to ensure that they have up-to-date operating systems and security patches.
Overall, NIS is advising organizations and individuals to remain vigilant and take steps to protect their systems from the Black Kingdom attack. While the organization has not indicated how much ransom the threat actor is demanding, it is believed to be considerable. Unless preventive measures are taken, anyone affected is likely to suffer significant financial losses.