Lazio hacker attack, the site restarts to book vaccines. Ip addresses are sifted through the investigators

The site for booking vaccines in Lazio is active again. It has been a difficult week for the Region, which has been under hacker attack for 5 days. The reopening of the platform was scheduled for this Friday, but the technicians were able to anticipate the times. “After the work of these days – indicated the President of the Lazio Region, Nicola Zingaretti -, we are now able to present a first time schedule of the services we are reactivating: the vaccination booking system is operational from this afternoon (website link). The vaccination registry will start again during the day ».

«Entrance to the office in turn», guidelines for returning: avoid gatherings

Hunt for IP addresses. Investigators are trying to understand the origin of the hacker attacks. And I’m hunting for the IP addresses (the Internet Protocol address) from which they started. The raid hit the Data Center. The support of the FBI and Europol with which the Postal Police is working was decisive for the investigation. The data on the log files acquired in these days are being analyzed in order to understand from which country the action started.

Hacker attack: “A secret password stored on the PC”, this is how Lazio were punctured

Extracted backup files. Investigators investigating the hacker attack on the Ced of the Lazio Region were able to extract backup copies from the blocked servers. It is learned from investigative sources according to which, at a first analysis, the backup files would not have been touched by the attack. To have been encrypted, again according to what we learn, were the systems that managed the backup but not the backups themselves. Therefore, the sources point out, it was possible to access the backups by creating a system equivalent to the encrypted one and thus it was possible to recover them.

Il nodo Engineering. Engineering denies being involved in the hacker attack on the Lazio Region and the Postal Police, there is no evidence that there are links with the attack suffered by the same company. Engineering “has not received any notification from the investigators regarding possible links between the event blocked in the bud that affected the group and the attack on the Lazio Region” and “contrary to what some press reports reported, does not provide infrastructure or security services to the Lazio Region, which relies on other operators for this ».

Lazio vaccine booking site, record times

The Salute Lazio website should have been reactivated on Friday for the booking of vaccines, but the Region was able to anticipate the times. “24 hours ahead of schedule, the booking service for anti-Covid vaccines has been restored in Lazio in record time (only from the bookingavaccino-covid.regione.lazio.it link) – announced the regional health councilor Alessio D’Amato -. It is an important signal and I thank all our operators, including the IT part, who have never stopped. Despite the difficulties deriving from the hacker attack, today the functionality of the service is restarting, which has so far seen about 8 million bookings between first and second doses, and the consequent 7.1 million registrations in the regional vaccination register, where they have already been registered over 1,000 vaccinations today. The Lazio vaccination machine thus resumes at full capacity towards the next goal which consists of 80% of the vaccinated population ».

The temporary booking service

The hacker attack affected not only the vaccine booking site, but other services as well. So the various local health authorities have organized themselves to allow citizens to use them equally. From tomorrow, the “Temporary Booking Service” for visits and exams is operational for ASL Roma 1 residents. Users can call 06 77647714, active from Monday to Friday from 8 am to 4 pm, with a health card and prescription from the general practitioner. The operators will take charge of the request and will communicate the date and time of the appointment to the interested parties. The service will be operational until the recovery of the regional RECUP system.

NEXT Data theft risk, Tim alerts customers: “Identity in danger”