Following the news that:
Italian city of Palermo shuts down all systems to fend off cyberattack
Italian city of Palermo shuts down all systems to fend off cyberattack (bleepingcomputer.com)
This story is a particularly concerning example of the impacts cybercrime can have on our daily lives. If recent trends are anything to go by, ransomware attacks such as this will only continue to increase in severity and frequency.
It should be noted that this is an example of attackers shifting from private to public targets. While this isn’t as significant as a CNI attack, the fact that attackers have brought a city in peacetime to a standstill makes for worrying reading. It’s hard not to imagine the potential implications of the ever present threat of “cyber war”.
With this in mind, it has never been more important to bolster cybersecurity. It’s not just private organisations that can be crippled by cybercrime, public infrastructure is at risk too. There has to be a holistic approach to cybersecurity, across the private and public sector. To do this, initiatives such as Cyber Essentials and cyber insurance are invaluable as they codify best practices, preventing the vast majority of cyber attacks and situations such as the one in Palermo.
We can expect to see attacks of this type continue to rise, thanks to the current war between Russia and Ukraine. Hackers are actively recruiting volunteers to assist them in attacks against European Union and Ukraine government agencies.
Sadly, we see more and more attacks of this nature. As the world continues on the path to become more connected, linking more services and information systems to the Internet, we can expect an even larger occurrence of this type of attacks. With the rise of “Smart Cities” and connected vehicles, this infrastructure becomes more appealing to ransomware attackers.
It is unclear from the current available information the exact nature of the attack currently impacting Palermo. The municipality’s move to shutdown its system is indicative of an attempt to limit the spread of the attack across different computing environments within their infrastructure. It is likely that a malicious actor successfully gained an initial foothold in one of the city’s systems and managed to proceed to attack adjacent systems within the municipality.
Information Security Buzz (aka ISBuzz News) is an independent resource that provides the experts comments, analysis and opinion on the latest Information Security news and topics