LockBit would have published on the dark web the news of having stolen 78 giga bytes of data from the Revenue Agency through malware, ordering an ultimatum of five days for the payment of the ransom for the return of documents, scans, financial reports and contracts, of which soon screenshots of the stolen material will be published. Otherwise, the usual threat is to publish the available data. This is what Pierguido Iezzi, CEO of Swascan cybersecurity pole of the Tinexta Group, made known, who announced the cyber attack that hit the Italian Revenue Agency by the Russian ransomware gang LockBit, as shown by some screenshots reported.
Investigations underway by the Postal Agency and Police
Investigations into the alleged hacker attack are underway by the Postal Police and the IT technicians of the Revenue Agency to ascertain whether the Agency has been the victim of a hacker attack in which about 78 gigabytes of data were stolen.
Revenue Agency has requested Sogei intervention
For its part, the Agency clarified that “with reference to the news that appeared on social media and picked up by some press organs about the alleged theft of data from the tax information system, the Revenue Agency specifies that it immediately requested a response and clarifications to SOGEI SPA, a public company wholly owned by the Ministry of Economy and Finance, which manages the technological infrastructures of the financial administration and which is carrying out all the necessary checks “. At the moment, according to what is learned, no evidence has been found but all the investigations are underway at the end of which a report will be sent to the judicial authority.
Iezzi (Swascan): confirmation of the sad record earned by LockBit
«It is the confirmation of the sad record gained by LockBit – explained Iezzi – which in the last quarter has become by far the most active cybergang in the world in ransomware activities, with over 200 attacks carried out between April and June. Ransomware continues to be the main weapon of Criminal Hackers and, consequently, the main danger for public and private companies. Swascan itself, analyzing the numbers of attacks through this malware in the second quarter of this year, found that compared to the previous quarter there was an increase of 30%, even greater, + 37%, instead, compared to the same period in 2021. And it is not surprising – added the CEO of Swascan – that the PA is increasingly paying the costs. Among the victims, globally, the public administration is among the most targeted with 6% of all attacks, behind only sectors such as manufacturing and services ».
“Data processed by government agencies as a possible instrument of hybrid warfare”
“But there could also be another risk component linked to Cyber crime actions such as that of Lockbit 3.0. The last few months have in fact solidified even more the links between groups dedicated to cybercrime and state actors. An attack with the PA – concluded the CEO of Swascan – has potentially not only an economic value deriving from the request for a ransom: the data processed by government agencies can also be an instrument of hybrid warfare. Revealing sensitive information, normally the prerogative of the state alone, can be a powerful lever to create dissent and social tension in an “adversary” nation ».