Behind the hacker attack that hit yesterday Trenitalia there is the group of Russian-speaking cybercriminals Hivewho asked for a millionaire ransom to the State Railways. The group would indeed have asked $ 5 million in Bitcoin.
Trenitalia, the ransom requested by Hive after yesterday’s hacker attack
Yesterday morning a malware hit Trenitalia’s computer system. There ticket sales in the self-service and ticket offices in the stations it appeared impossible. And Trenitalia’s security team asked employees to turn off their computers to continue the IT analysis.
While the sale of tickets continued online and directly from the conductor without surcharge, the computer scientists of the State Railways and the Postal Police they looked into the attack. A ransomware, which blocked access. And in fact it seems that the ransom demand has arrived: $ 5 million in Bitcoin.
The request for a ransom excludes the biggest concern, that it was an attack on national infrastructure by Russia. Though totally exclude this hypothesis it remains impossible: In recent years there have been several links between ‘private’ hackers and the Kremlin secret services.
Roberto Baldoni, director of the National Cybersecurity Agency, explains to Corriere della Sera: “It is a hacker attack similar to others that have hit companies and infrastructures in Italy in recent times as well”. In particular, “In the context of the Ukraine crisis, since January 14 we have sent about eight thousand alerts, in particular to companies that make part of the cyber security perimeterto. Some of these communications also involved small and medium-sized companies that had outsourced production to Ukraine and that used the same authentication systems adopted in Italy “.
Hive Ransomware has in the past affected companies such as Mediaworld and Alia SpA. Now he asks Ferrovie dello Stato to pay the sum within three days, or will double the amount requested. At the moment, however, it seems that Ferrovie does not want to give in to blackmail. We will keep you posted.