Not even the time to point out in an article that Italy is the second country in Europe most exposed to cyber offensives after Spain, and here a hacker attack has been launched, this time against SIAE.
Thus continues the black period for Italian IT security systems, which began with the sensational attack against the Lazio Region in the night between July 31st and August 1st. And that has, indeed had by now, the latest episode in the cyber attack on the CGIL site. In the same hours of the physical attack, much more regrettable, at the national headquarters of the union, which took place on 9 October last.
Now here we go again, and this time the Italian Society of Authors and Publishers, which deals with copyright in Italy, was hit.
The hacker attack on Siae was huge due to the amount of stolen data. And above all it intersects with another leitmotiv of recent times, Bitcoin. Because the ransom demanded by cybercriminals was demanded precisely in the most famous of cryptocurrencies.
Let’s see everything we know for now about the hacker attack against the Siae site.
Siae hacker attack: what happened
The news has been leaked very recently but, from what is known, the cyber offensive dates back to a few days ago. The most likely date of the attack appears to be Monday 18 October. To claim the action was a group called Everest.
The Guarantor was immediately informed of the crime, on which the postal police are investigating through the Roman compartment of the Cnaipic (National Cybercrime Center for the Protection of Critical Infrastructures).
Considering the delicacy of the material it manages, Siae has made it known that it will deploy all possible forces to protect its members, and above all their intellectual works.
The stolen data
After days, checks are still underway to accurately quantify the extent of the damage.
However, news leaked according to which the data stolen from the SIAE site by the hacker attack would amount to about 60 gigabytes (70 for some sources).
There is talk of about 28 thousand documents stolen. Including sensitive data such as identity documents, health cards, addresses and contracts, already on sale on the dark web.
It is not clear whether the hackers also got their hands on the works of the SIAE members.
The company in recent days had already suffered a series of small attacks, which had alarmed the security systems.
The mode of the hacker attack on Siae
Even this latest cyber offensive, like almost all those that have characterized the past months, was brought by a ransomware.
Ransomware, let us remember again for the benefit of readers, is a malware (i.e. malicious software) that once introduced into a system blocks its operation, encrypting its data. The cybercriminal who introduces it to a system then takes control of it. And it usually requires a ransom (ransom) to return it, or rather return the command, to its rightful owners.
The ransom
And in fact, those who launched the hacker attack on Siae asked for a ransom, under the threat of publishing the artists’ material on the dark web. It is useless to imagine the setback that a company that was born for the protection of copyright would face.
Furthermore, the ransom in question has two peculiar characteristics. The first is the entity, not small. Cybercriminals would have asked for three million to return the stolen data to Siae.
Three million in euros? No, and this is the second peculiarity. The ransom was requested in Bitcoin.
Siae does not intend to pay
However, SIAE does not seem willing to pay any ransom to the self-styled Everest group. This is because there would be no concrete guarantees that by paying the sum in cryptocurrency the dissemination of data on the dark web would be interrupted.
This was confirmed to Ansa by the general director of the Italian Society of Authors and Publishers, Gaetano Blandini. The chief executive said: “Siae will not proceed with the ransom request. We have already made the report to the postal police and to the privacy guarantor as usual. All authors who have been subject to attack will then be promptly informed. We will constantly monitor the progress of the situation trying to secure the data of SIAE members ”.
The attack of 2018
Already in November 2018, Siae had suffered a hacker attack, by the Anonplus group.
At that time about 4 gigabytes of data had been stolen, but it seems that no sensitive data had been withdrawn and resold.
In those months the Anonplus group had launched a series of sensational attacks, even on the sites of IT companies such as Norton Antivirus and Symantec, as well as those of banks and municipalities in Central America.
Leave a Reply
View Comments