vicesociety attacks Palermo
Incident Date:
June 9, 2022
Overview
Title
vicesociety attacks Palermo
Victim
Palermo
Attacker
Vicesociety
Location
First Reported
June 9, 2022
Vice Society Ransomware Attack on Palermo
The Vice Society ransomware group has claimed responsibility for a cyberattack on the Italian city of Palermo, which has caused a large-scale service outage. The attack occurred on June 2, 2022, and all internet-based services remain unavailable, affecting 1.3 million people and many tourists visiting the city. The authorities confirmed the severity of the incident on Monday, explaining that all systems had to be taken offline to control the damage.
Vice Society posted an entry on their dark web data leak site, threatening to publish all stolen documents by Sunday if a ransom is not paid. This indicates that the negotiations for the ransom payment are still in progress, and Vice Society is hoping that its threats to Palermo’s officials will have their intended effect. The ransomware group is known for exploiting known vulnerabilities on unpatched systems, such as the PrintNightmare flaws.
The Vice Society ransomware group has been active since June 2021 and is considered a spin-off of the HelloKitty ransomware. It primarily targets small or midsize victims, including public school districts and other educational institutions. The group uses a double extortion model, threatening to publish data stolen from the victims on a data leak site.
The City of Palermo is still investigating the incident with the help of local authorities, but at this time, it is not clear which data the ransomware gang has stolen. The attack impacted the municipal police, surveillance cameras, and ZTL traffic control systems, and the authorities confirmed that the problems can last for days.
About Palermo
Palermo is the capital city of the Italian region of Sicily and is known for its rich history and cultural heritage. The city is a major economic and cultural center in Sicily, with a population of approximately 670,000 people. Palermo is a significant player in the Business Services sector, offering a range of services to both local and international clients.
Vulnerabilities and Mitigation
The Vice Society ransomware attack on Palermo highlights the importance of maintaining up-to-date security measures to protect against known vulnerabilities. Public-facing state networks, like those in Palermo, are particularly vulnerable to ransomware attacks, as they often have a large attack surface and may not be as well-protected as private networks.
To mitigate the risk of ransomware attacks, organizations should prioritize patching known vulnerabilities, implement multi-factor authentication, and regularly back up critical data. Additionally, employee training and awareness programs can help prevent successful attacks by reducing the likelihood of phishing and other social engineering attacks.
Sources
- Heimdal Security: Palermo Suffers Cyberattack, Vice Society Ransomware Claims Responsibility
- Izoologic: Vice Society Hacker Group Claimed the Attack Against the City of Palermo
- Bleeping Computer: Vice Society Ransomware Claims Attack on Italian City of Palermo
- DataBreaches.net: More Details Emerge on Palermo Ransomware Attack
- Security Affairs: Vice Society Gang Adds the Italian City of Palermo to its Data Leak Site
- Palermo: History, Culture, and Economy
- Cybersecurity Best Practices for Ransomware Protection
Recent Ransomware Attacks
The Recent Ransomware Attacks (RRA) site acts as a watchtower, providing you with near real-time ransomware tracking of attacks, groups and their victims. Given threat actors’ overarching, lucrative success so far, ransomware attacks have become the most ubiquitous, and financially and informationally impactful cyber threat to businesses and organizations today.
The site’s data is generated based on hosting choices of real-world threat actors, and a handful of other trackers. While sanitization efforts have been taken, we cannot guarantee 100% accuracy of the data. Attack updates will be made as source data is reported by reputable sources. By viewing, accessing, or using RRA you acknowledge you are doing so at your own risk.