Mass hacker attack in Italy: here’s what happened to TIM and beyond

Yesterday was characterized by a massive disservice that hit TIM, but the problems didn’t just concern the main Italian operator, according to what is learned from theNational Cybersecurity Agency which speaks of a large-scale hacker attack.

According to what has emerged in the last few hours, in fact, they have ended up in the crosshairs of the bad guys “dozens of national systems“, all of which were the subject of a ransomware attack performed with known and well-known tools. During yesterday afternoon, the Computer Security Incident Response Team Italy – or the body that monitors and intervenes on a national scale in the event of cyber attacks – proceeded to discover that the attack was not carried out by ordinary hackersbut it could be something much more serious.

The Team also made immediate contact with many of the potentially risky realities, even if not for all it was possible to trace the owner, so even now there are still computer systems still exposed to the risk of possible compromise.

The attack that was discovered by the Agency – which also affected TIM – appears to be connected to the VMware ESXi vulnerability CVE-2021–21974for which a corrective patch was released 2 years ago (just in February 2021). This allowed the attackers to exploit a well-known flaw to be able to carry out a large-scale attack that not only affected Italy, but also thousands of systems around the world.

See also  Top 6 Virtual Blockchain Worlds to Explore in 2023

As usual, the issue of timely updating of the most critical systems for network infrastructures is central, since a large part of the attack could have been prevented precisely with the application of the corrective patches released by VMware, as the ACN experts explained. The flaw in question, in fact, makes the systems extremely vulnerable to ransomware attacks, which can block access to the equipment until the decryption key is released, usually granted in exchange for the payment of a ransom (almost always requested in Bitcoin ).

As far as TIM is concerned, it seems that the hypothesis that it has occurred is also being examined by the experts a problem on Sparkle’s routers, the company that manages, among other things, the operator’s fiber optic network. TIM’s downtime had important consequences throughout the country, not only due to the fact that several users were without a line for many hours, but mainly due to theinterruption of important services such as ATMs connected to the TIM network. At the moment it seems that the situation has improved.

Source link

Thank you for reading this post, don't forget to subscribe!

We will be happy to hear your thoughts

Leave a reply

%d bloggers like this: