A massive explosion is underway attack hacker. reports theAgency for cybersecurity national. The attack is underway worldwide andItaly is one of the most affected countries. The hacker attack has moved from France, where it has been going on for three days, in our country.
Hacker attack in progress, Italy among the most affected countries
From what we can gather from other sources, there would be around twenty sites affected, while hundreds, including institutional ones, would be vulnerable. Italy – explains theACN – there are dozens of companies that have encountered malicious activity against them but according to analysts, this number is set to increase.
Exploiting the vulnerability allows, at a later stage, to carry out ransomware attacks which, as is known, encrypt the affected systems making them unusable until a ransom is paid to obtain the decryption key.
The vulnerability exploited by attackers to distribute ransomware has already been patched in the past by the vendor, but not all users of currently affected systems have it fixed.
The hacker attack started from France
The targeted servers, if they lack the patch, that is, adequate “corrections,” can open the doors to hackers busy exploiting it in these hours after the strong increase in attacks recorded over the weekend. The first to notice it were the French, probably due to the large number of infections recorded on the systems of some providers in France.
The wave of attacks subsequently moved to other countries including Italy. The national authority for cybersecurity reiterates in the note “that it is a priority for everyone to close the identified gaps and develop an adequate protection strategy”.
For ACN technicians, in fact, “we have been able to census several dozen national systems likely compromised and alerted numerous entities whose systems are exposed but not yet compromised. However, there are still some exposed, not compromised systems, of which it has not been possible to trace the owner. These are called immediately to update their systems”.
The vulnerability identified by recent analyses as CVE-2021-21974 (already patched by the vendor in February 2021), concerns systems exposed to the Internet that offer virtualization services based on the product VMware ESXi, and has a high impact, estimated by the technical community as “high risk/orange” (70,25 / 100).
However, it cannot be ruled out that other vulnerabilities can be exploited by malicious actors. In this regard, theAgency for Cybersecurity Skills National, through the CSIRT Italy, published a specific bulletin yesterday on the public portal https://csirt.gov.it, which also includes procedures for resolving the vulnerability, to which technical managers of public and private IT services are invited to refer.
In short
The National Cybersecurity Agency reports this.
- The attack is ongoing worldwide and Italy is one of the most affected countries.
- The hacker attack has moved from France, where it has been ongoing for three days, to our country.
- In Italy - explains the ACN - there are dozens of entities that have encountered malicious activity against them but according to...
Key questions
What is the main point of the news?
The National Cybersecurity Agency reports this.
Why is this news relevant?
The attack is ongoing worldwide and Italy is one of the most affected countries.
Which detail helps us understand the case better?
The hacker attack has moved from France, where it has been ongoing for three days, to our country.
Choose the social channel you want to subscribe to