Everything revolves around log files. In other words, the traces left by the cyber pirates who “broke down” the doors of Lazio’s regional health system on Saturday night, cheating on the security systems. Three days after the hacking of the public portal with the data of all the residents of the Region, the investigators, postal police and Digos, work day and night to reconstruct, backwards, the path taken to enter the PC left on by an official of the Asl of Frosinone. Few certainties, among these: the manager was not in smart working and the terminal was in his place, that is, in the office. The man was not surfing and no one entered the PC access system directly. From the presidency of the regional council they specify that this is not a carelessness, the computer can also remain on but without the credentials you cannot access anything. In short, no one has physically entered the structure itself. «The PC is like a window left open but with bars in front. The pirates ripped off those remotely, “they add.
The investigations, coordinated by the Rome Public Prosecutor’s Office, aim above all to establish whether or not it was an extortion act. No ransom note, as feared in the early hours of the breach. At risk, however, the data of the entire population, including personalities from “alert one”, such as the President of the Republic. The trojan used to enslave the LazioCrea system, a malware called cryptolocker ransomware, would have passed through the company that takes care of the security of the entire regional portal with the database of millions of clients, Engineering. But the investigators do not speak about this. All top secret, even if since yesterday to support the police, computer experts from Europol and the FBI would have arrived in the capital. Goal: Find the perpetrators, or perpetrators, of the cyberattack before the encrypted data can fall into the wrong hands. La Pisana, for its part, ensures that nothing has been lost and the Ced, despite being off, keeps every single data. For other days, at least until the end of next week, the Department of Health clarifies, it will not be possible to download medical records online, access bookings for visits and vaccines, obtain the vaccination green pass. Above all, connect with the Unica Reservation Center. “Users will be able to do it – explains the Department – by going in person to the Cups of hospitals and outpatient clinics”. From today, the temporary telephone booking system for visits and exams with priority class U and B will be operational for the residents of Asl 1. A decision, that of closing all web access, which takes you back over the years but necessary to make the police work and securing sensitive data that hackers probably didn’t have time to steal.
Arm wrestling on the responsibility of security systems. The Region defends LazioCrea and explains that it was “entrusted to Leonardo through the Consip agreement”. The company denies: «We have never had the operational management of LazioCrea’s monitoring and cyber protection services. So far we have only provided governance services for the design of a Security operation center (Soc) to define processes and procedures as well as support regarding the legislation on the protection of personal data “.