lockbit3 attacks Polizia Municipale
Incident Date:
September 5, 2022
Overview
Title
lockbit3 attacks Polizia Municipale
Victim
Polizia Municipale
Attacker
Lockbit3
Location
First Reported
September 5, 2022
Ransomware Attack on Comune di Gorizia's Polizia Municipale
Victim Profile
The Italian municipality of Gorizia, represented by the Comando di Polizia Municipale, has recently fallen victim to a ransomware attack by the Lockbit3 group. The attack was disclosed on the group's dark web leak site, highlighting the ongoing cybersecurity threats faced by local government entities.
Vulnerabilities and Industry Standing
The Comune di Gorizia, tasked with the administration of the city and maintaining law and order through its Polizia Municipale, encounters typical challenges in cybersecurity due to constrained resources and expertise. This vulnerability makes it, and similar local government entities, prime targets for ransomware attacks. The incident mirrors the situation faced by the Comune di Palermo earlier in 2023, underscoring a widespread issue within the Italian government sector. Addressing these vulnerabilities is crucial for safeguarding sensitive information and preventing future cybersecurity incidents.
Mitigation Strategies
Although specific details regarding the Comune di Gorizia's cybersecurity measures were not disclosed, it is imperative for local governments to adopt comprehensive cybersecurity practices. Effective strategies include ensuring timely updates and patches, conducting regular employee training on cybersecurity awareness, and implementing multi-factor authentication to enhance security postures against ransomware threats.
Sources
- Comando di Polizia Municipale: Gorizia - Comune di Gorizia
- AXITEA: La messa in sicurezza del Comune di Milano
- ICT Security Magazine: L'intervento dell'Ausiliario di Polizia Giudiziaria, ex art. 348 c.p.p. nelle perquisizioni informatiche
- Onorato Informatica: Attacchi informatici alle PA: il caso del comune di Palermo
- Cybersecurity360: Comune di Palermo sotto attacco, servizi indisponibili: "situazione seria"
- Privacy Affairs: GDPR Fines Tracker & Statistics
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.