At the Asl 1 Avezzano, Sulmona, L’Aquila is racing against time to tone down the serious disruptions in performance and services caused by the hacker attack suffered in recent days. The health company is also grappling with the request for a ransom.

The technicians and top management, coordinated by the general manager, Ferdinando Romano, have set up an “IT security emergency response” task force which is operating in support of the internal technical groups, but the return to normal seems far away: no one yet dares to make predictions, but according to rumours, the IT infrastructure could be off online for a month. The ASL would be in contact with some providers in an attempt to create a new IT system.

Meanwhile, in parallel with the work to restore services, the investigations of the postal police coordinated by the Public Prosecutor’s Office of L’Aquila.

What was stolen by cybercriminals

Medical data of HIV patients, cancer patients, newborn patients and infant mortality information. But also employee personal files, administrative information, for a total of over 500 gigabytes stolen. These would be the contents of the datasets stolen from the servers of the ASL of L’Aquila that the hacker group threatens to disclose if indeed a ransom is not paid.

The data was stolen on the night of May 3 with a cyber attack with a ransomware which locks and encrypts data making it unusable until a ransom is paid. “If our requests are not accepted,” reads a screenshot in English disclosed by the group referring to the bulletin board ‘Monti‘ In the dark web“we will be forced to publish the rest of the medical data on the ambulatory blood pressure monitoring, as well as the medical data of the patients, including the diagnosis and the prescribed treatment, in the areas of Pathophysiology and Obstetrics and other 50 random documents pulled from the server and the Archiflow system”.

The effects of the attack

In the meantime continue chaos for users, patients and doctors. It is not yet possible to book services at Cup counters, call centers and online services, while healthcare services already booked will be guaranteed. Those who have a reservation can go to the Cyo counter for payment and registration of the ticket on the day set for the service with a reservation sheet and binding letter. Those who have to book an urgent service or where priority class U is present on the referral can go to the Cup counter of a hospital which will contact the department concerned for the purpose of providing the service.

Meanwhile, a group of doctors has raised the alarm on consequences of the possession, by computer pirates, of bank data, including employee Ibans: “In the bank we are sure that there can be no undue payments, but with this availability of data it is possible to enter into purchase contracts. It is another sword of Damocles in a very serious health situation”.

The M5S announces a question

Concern in the face of the hacker attack on the Asl 1 Avezzano L’Aquila Sulmona servers was also expressed by politics, and in particular by the Senator of the 5 Star Movement Gabriella Di Girolamo announcing a query. “A story that has some kind of absurdity in regards to it the response of the bodies responsible for monitoring and protecting citizens’ data. The far from unpredictable attack needed to be responded to with adequate and timely measures. Today we discover that it could take over a month”. The senator points the finger at her”the silence of the regional institutions which, like the belated response, highlights the unpreparedness and superficiality with which it was decided to face the very serious episode. I thank our regional councilor George Faithful for the commitment with which he is following the story. In the next few days I will file a parliamentary question to get answers on the extent of the damage, on any liability on the part of the bodies responsible for monitoring and responding to the attack, as well as on the timing for restoring services”.

Fedele himself asked that in the Health Commission of the Abruzzo Region, on the calendar today, the hearing of the president of the Marco Marsilio Regionthe Councilor for Health Nicoletta Verì, the director of Asl 1 Ferdinando Romano and those responsible for the protection of privacy and information systems.

But the president of the Region appeals to a dutiful reserve

Marsilio, responding to the reservations of exponents such as the former parliamentarian of the Democratic Party Stefania Pezzopaneimmediately clarified not to demonstrate, faced with the issue, “no embarrassed silence, just a dutiful reserve, while defense actions are being implemented and investigations are being carried out to identify the culprits and responsibilities as soon as possible. “The Region therefore has nothing to add to the ASL press releases, even these dutifully synthetic, ASL which is strongly committed at the highest levels to repel this attack. We can only add that We consider an attack on computer systems in a healthcare company particularly criminal, an attack that risks endangering the health and life of citizens and patients. Every cyber attack is a criminal and vile action, but done against a healthcare facility it is even more so. At the end of the investigation it will be possible to make a final report and also take the consequent decisions regarding any responsibilities ascertained”.

And Action calls for the resignation of the leaders of Asl 1

“We are witnessing, by now it seems helpless, what has become the systematic form of remote economic extortion towards entities and companies called ‘ransomware blackmail’, on the basis of which certain subjects or criminal organizations, from the most varied parts of the globe, are able to inject into the attacked computer systems, a specific computer virus, precisely the ‘ransomware’ capable of encrypting, making inaccessible and unreadable, most of the files present in the computers, files necessary for the company to work”. This is the point of view of municipal councilor in L’Aquila, Enrico Verini, municipal secretary of Action, and Giorgio Ciocca, of the municipal management of L’Aquila di Azione.

Action has thus asked for the resignation of the top management of Local Health Authority 1. in the infected computers, the instructions and coordinates intended for administrators to pay, by a certain date, a high economic ransom to be paid into accounts linked to virtual currencies, therefore normally untraceable by the police and judicial authorities”, explained the two components of Action wondering if it could have been avoided, do something to avoid the block.

Action calls on politicians and local administrators to “take action for a prompt resolution and also a due explanation to the citizens. We regret that, from whatever angle we go to evaluate the work of the management of our ASL, we can only express total disappointment with a very presumptuous management and in fact very far from those essential levels of performance, also for data protection, which should offer- Soon we will provide other incredible circumstances of bad governance of which citizens, often sick, are victims. Even if alone, because no one goes further than a few facade protests, we loudly demand it: resignation of this ASL summit as soon as possible! We can’t go on like this.”

