{"id":6819,"date":"2021-08-04T19:05:52","date_gmt":"2021-08-05T02:05:52","guid":{"rendered":"https:\/\/blogs.infoblox.com\/?p=6819"},"modified":"2021-08-04T19:05:52","modified_gmt":"2021-08-05T02:05:52","slug":"coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system","status":"publish","type":"post","link":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/","title":{"rendered":"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System"},"content":{"rendered":"

Ransomware has struck once again at another healthcare institution. Threat actors have targeted and disabled an Italian vaccine registration system in Lazio, one of Italy\u2019s largest regions. Lazio is a central Italian region bordering the sea which includes Rome, Italy\u2019s capital. The Italian government\u2019s post in Facebook noted that a \u201cpowerful\u201d attack had disabled Lazio\u2019s databases and systems, including the system that manages the COVID-19 vaccination scheduling and appointments1<\/sup><\/span>.\u00a0<\/span><\/p>\n

According to Nicola Zingaretti, president of the Lazio Region, the attack took place starting Saturday night and continued into Sunday morning \u201cblocking almost all of the files in the data center.\u201d Zingaretti noted that the \u201csituation is serious and we immediately alerted the police and the highest levels of the state, which we thank.\u201d The cyberattack hasn\u2019t so far interfered with any existing vaccination appointments, but it caused the temporary suspension of new appointments.\u00a0<\/span><\/p>\n

The regional health councilor of Lazio, Alessio D\u2019Amato assured more than 500,000 citizens that had already scheduled their vaccinations through August 13th that they would still be able to receive the vaccination. D\u2019Amato further described the recent incident \u201cas the most serious cyberattack ever carried out on an Italian public administration.2<\/sup><\/span>\u201d\u00a0<\/span><\/p>\n

Verification of the exact source of the attack, and the ransomware used, is still unfolding. There is unverified data3<\/sup><\/span> that the attack may have been promulgated by the use of RansomExx4<\/sup><\/span>. In a ransom note that appears to be used in the Lazio attack, the ONION URL listed appears to be a known TOR site for the RansomEXX operation. RansomEXX \u201cnegotiation pages\u201d are unique for each victim. They may also include exfiltrated data including screenshots of files and more. The Italian security threat researcher JAMESWT has pointed out that the ransomware attack may be attributable to LockBit 2.05<\/sup><\/span>.\u00a0<\/span><\/p>\n

2021 has turned out to be one of the worst years for ransomware and perhaps for healthcare. Threat actors are shameless in their pursuit of extorted dollars and know that healthcare systems are essential for the public welfare. Even back in 2020, CISA published and HHS published joint advisory on ransomware, most notably Ryuk ransomware, <\/span>targeting the healthcare sector<\/span><\/a>.\u00a0<\/span><\/p>\n

According to the <\/span>Infoblox 2021 Healthcare Cybertrend Research Report6<\/sup><\/span><\/a>, there were over 416 major healthcare data breaches reported in 2020 in the United States which was a substantial increase over the 312 major healthcare data breaches reported in 2019. 62 percent of the largest of these healthcare cyberattacks in 2020 were directly attributable to ransomware per the Infoblox analysis. Ransomware remains by far the most predominant weapon of choice used by threat actors in their war on healthcare.\u00a0<\/span><\/p>\n

Chart 1 below, excerpted from the report, illustrates the research statistics on major healthcare data breaches from 2016 – 2020 due to cyberattacks. This data reflects a total of <\/span>approximately 91.8 million data records breached versus the total estimated U.S. population of 331 million. Assuming no overlap of patient data records breached, then the total percentage of patient data records breached would be 27.7 percent of the U.S. population. That is, almost 3 in 10 U.S. citizens had their personal data breached in the past five years by cyberattacks. In context, a simple analysis of healthcare data records breached in 2020 would yield the conclusion that approximately 8 percent of the U.S. population was compromised that year.<\/span><\/p>\n

Chart 2 below, also excerpted from the report, further illustrates that 27.7 percent of the entire U.S. population\u2019s healthcare records were breached, in great part due to ransomware over the past 5 years.\u00a0<\/span><\/p>\n

\"\"<\/p>\n

\"\"<\/p>\n

DNS plays a critical role in execution of ransomware campaigns, and is the mechanism by which compromised devices make C&C calls to download additional malicious commands and execute them. Using threat intelligence and AI\/ML based analytics deployed on <\/span>DNS platforms<\/span><\/a>, organizations can disrupt the use of DNS as a malware channel, stop DNS based data exfiltration, notify the broader security ecosystem of any suspicious activity and improve the security posture of the entire organization.\u00a0<\/span><\/p>\n

The Infoblox CIU continues to observe the Lazio attack details as they unfold. The CIU has published this <\/span>Cyber Threat Advisory (CTA)<\/span><\/a> which will be updated as further details are released. In addition, the Infoblox CIU will update the Threat Intelligence Data Exchange (TIDE) with indicators of attack (IOCs) once they become available and can be confirmed7<\/sup><\/span>.<\/span><\/p>\n

1. https:\/\/www.zdnet.com\/article\/covid-19-vaccine-booking-website-for-italys-lazio-region-hit-with-cyberattack\/<\/a><\/p>\n

2. https:\/\/edition.cnn.com\/2021\/08\/02\/business\/italy-hackers-covid-vaccine-intl\/index.html<\/a><\/p>\n

3. https:\/\/www.bleepingcomputer.com\/news\/security\/ransomware-attack-hits-italys-lazio-region-affects-covid-19-site\/<\/a><\/p>\n

4. https:\/\/www.zdnet.com\/article\/covid-19-vaccine-booking-website-for-italys-lazio-region-hit-with-cyberattack\/<\/a><\/p>\n

5. https:\/\/twitter.com\/JAMESWT_MHT\/status\/1422652277467328517?s=19<\/a><\/p>\n

6. https:\/\/blogs.infoblox.com\/security\/infoblox-publishes-our-2020-healthcare-cybertrend-research-report\/<\/a><\/p>\n

7. https:\/\/blogs.infoblox.com\/cyber-threat-intelligence\/cyber-threat-advisory-attack-on-italian-regional-data-center\/<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Ransomware has struck once again at another healthcare institution. Threat actors have targeted and disabled an Italian vaccine registration system in Lazio, one of Italy\u2019s largest regions. Lazio is a central Italian region bordering the sea which includes Rome, Italy\u2019s capital. The Italian government\u2019s post in Facebook noted that a \u201cpowerful\u201d attack had disabled Lazio\u2019s […]<\/p>\n","protected":false},"author":324,"featured_media":6731,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"inline_featured_image":false,"_genesis_hide_title":false,"_genesis_hide_breadcrumbs":false,"_genesis_hide_singular_image":false,"_genesis_hide_footer_widgets":false,"_genesis_custom_body_class":"","_genesis_custom_post_class":"","_genesis_layout":"","footnotes":""},"categories":[2],"tags":[288,333,346,556],"class_list":{"0":"post-6819","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-security","8":"tag-ransomware","9":"tag-cyberattack","10":"tag-healthcare","11":"tag-italy","12":"entry"},"acf":[],"yoast_head":"\nColdhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System<\/title>\n<meta name=\"description\" content=\"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System. Ransomware has struck once again at another healthcare institution. Threat actors have targeted and disabled an Italian vaccine registration system in Lazio, one of Italy\u2019s largest regions. Lazio is a central Italian region bordering the sea which includes Rome, Italy\u2019s capital. The Italian government\u2019s post in Facebook noted that a \u201cpowerful\u201d attack had disabled Lazio\u2019s databases and systems, including the system that manages the COVID-19 vaccination scheduling and appointments\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/\" \/>\n<meta property=\"og:locale\" content=\"en_US\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System\" \/>\n<meta property=\"og:description\" content=\"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System. Ransomware has struck once again at another healthcare institution. Threat actors have targeted and disabled an Italian vaccine registration system in Lazio, one of Italy\u2019s largest regions. Lazio is a central Italian region bordering the sea which includes Rome, Italy\u2019s capital. The Italian government\u2019s post in Facebook noted that a \u201cpowerful\u201d attack had disabled Lazio\u2019s databases and systems, including the system that manages the COVID-19 vaccination scheduling and appointments\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/\" \/>\n<meta property=\"og:site_name\" content=\"Infoblox Blog\" \/>\n<meta property=\"article:published_time\" content=\"2021-08-05T02:05:52+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-24.jpg\" \/>\n\t<meta property=\"og:image:width\" content=\"612\" \/>\n\t<meta property=\"og:image:height\" content=\"408\" \/>\n\t<meta property=\"og:image:type\" content=\"image\/jpeg\" \/>\n<meta name=\"author\" content=\"Michael Zuckerman\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"Written by\" \/>\n\t<meta name=\"twitter:data1\" content=\"Michael Zuckerman\" \/>\n\t<meta name=\"twitter:label2\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data2\" content=\"4 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@graph\":[{\"@type\":\"Article\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/#article\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/\"},\"author\":{\"name\":\"Michael Zuckerman\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/212816c17be869578ba1574b5fc7abf4\"},\"headline\":\"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System\",\"datePublished\":\"2021-08-05T02:05:52+00:00\",\"mainEntityOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/\"},\"wordCount\":761,\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-24.jpg\",\"keywords\":[\"Ransomware\",\"Cyberattack\",\"Healthcare\",\"italy\"],\"articleSection\":[\"Security\"],\"inLanguage\":\"en-US\"},{\"@type\":\"WebPage\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/\",\"name\":\"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System\",\"isPartOf\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\"},\"primaryImageOfPage\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/#primaryimage\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/#primaryimage\"},\"thumbnailUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-24.jpg\",\"datePublished\":\"2021-08-05T02:05:52+00:00\",\"description\":\"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System. Ransomware has struck once again at another healthcare institution. Threat actors have targeted and disabled an Italian vaccine registration system in Lazio, one of Italy\u2019s largest regions. Lazio is a central Italian region bordering the sea which includes Rome, Italy\u2019s capital. The Italian government\u2019s post in Facebook noted that a \u201cpowerful\u201d attack had disabled Lazio\u2019s databases and systems, including the system that manages the COVID-19 vaccination scheduling and appointments\",\"breadcrumb\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/#breadcrumb\"},\"inLanguage\":\"en-US\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/\"]}]},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/#primaryimage\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-24.jpg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/ciu-image-24.jpg\",\"width\":612,\"height\":408,\"caption\":\"Hackers using laptop computers to penetrate security systems to steal big data from the server room\"},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/security\\\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\\\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Security\",\"item\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/category\\\/security\\\/\"},{\"@type\":\"ListItem\",\"position\":3,\"name\":\"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#website\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"name\":\"infoblox.com\\\/blog\\\/\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-US\"},{\"@type\":\"Organization\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#organization\",\"name\":\"Infoblox\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/\",\"logo\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"contentUrl\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/wp-content\\\/uploads\\\/infoblox-logo-2.svg\",\"width\":137,\"height\":30,\"caption\":\"Infoblox\"},\"image\":{\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/logo\\\/image\\\/\"}},{\"@type\":\"Person\",\"@id\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/#\\\/schema\\\/person\\\/212816c17be869578ba1574b5fc7abf4\",\"name\":\"Michael Zuckerman\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"en-US\",\"@id\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_324_1628613720-96x96.jpg\",\"url\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_324_1628613720-96x96.jpg\",\"contentUrl\":\"https:\\\/\\\/blogs.infoblox.com\\\/wp-content\\\/uploads\\\/avatar_user_324_1628613720-96x96.jpg\",\"caption\":\"Michael Zuckerman\"},\"description\":\"Michael Zuckerman is a seasoned B2B product marketing and marketing strategy consultant with experience in the cybersecurity marketplace. Zuckerman\u2019s domain experience in cybersecurity over the past 10 years includes DNS security, threat intelligence, threat intelligence platforms (TIP), container security, mobile device security, moving target defense, network threat analysis (AI), sandbox, deception technology, cloud access security brokers (CASB), SASE, AI based SIEM, secure collaborative governance, and related technology sets to include data loss prevention (DLP), user and entity behavior analytics (UEBA), and encryption.\",\"url\":\"https:\\\/\\\/www.infoblox.com\\\/blog\\\/author\\\/michael-zuckerman\\\/\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System","description":"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System. Ransomware has struck once again at another healthcare institution. Threat actors have targeted and disabled an Italian vaccine registration system in Lazio, one of Italy\u2019s largest regions. Lazio is a central Italian region bordering the sea which includes Rome, Italy\u2019s capital. The Italian government\u2019s post in Facebook noted that a \u201cpowerful\u201d attack had disabled Lazio\u2019s databases and systems, including the system that manages the COVID-19 vaccination scheduling and appointments","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/","og_locale":"en_US","og_type":"article","og_title":"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System","og_description":"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System. Ransomware has struck once again at another healthcare institution. Threat actors have targeted and disabled an Italian vaccine registration system in Lazio, one of Italy\u2019s largest regions. Lazio is a central Italian region bordering the sea which includes Rome, Italy\u2019s capital. The Italian government\u2019s post in Facebook noted that a \u201cpowerful\u201d attack had disabled Lazio\u2019s databases and systems, including the system that manages the COVID-19 vaccination scheduling and appointments","og_url":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/","og_site_name":"Infoblox Blog","article_published_time":"2021-08-05T02:05:52+00:00","og_image":[{"width":612,"height":408,"url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-24.jpg","type":"image\/jpeg"}],"author":"Michael Zuckerman","twitter_card":"summary_large_image","twitter_misc":{"Written by":"Michael Zuckerman","Est. reading time":"4 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"Article","@id":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/#article","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/"},"author":{"name":"Michael Zuckerman","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/212816c17be869578ba1574b5fc7abf4"},"headline":"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System","datePublished":"2021-08-05T02:05:52+00:00","mainEntityOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/"},"wordCount":761,"publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-24.jpg","keywords":["Ransomware","Cyberattack","Healthcare","italy"],"articleSection":["Security"],"inLanguage":"en-US"},{"@type":"WebPage","@id":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/","url":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/","name":"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System","isPartOf":{"@id":"https:\/\/www.infoblox.com\/blog\/#website"},"primaryImageOfPage":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/#primaryimage"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/#primaryimage"},"thumbnailUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-24.jpg","datePublished":"2021-08-05T02:05:52+00:00","description":"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System. Ransomware has struck once again at another healthcare institution. Threat actors have targeted and disabled an Italian vaccine registration system in Lazio, one of Italy\u2019s largest regions. Lazio is a central Italian region bordering the sea which includes Rome, Italy\u2019s capital. The Italian government\u2019s post in Facebook noted that a \u201cpowerful\u201d attack had disabled Lazio\u2019s databases and systems, including the system that manages the COVID-19 vaccination scheduling and appointments","breadcrumb":{"@id":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/#breadcrumb"},"inLanguage":"en-US","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/"]}]},{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/#primaryimage","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-24.jpg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/ciu-image-24.jpg","width":612,"height":408,"caption":"Hackers using laptop computers to penetrate security systems to steal big data from the server room"},{"@type":"BreadcrumbList","@id":"https:\/\/www.infoblox.com\/blog\/security\/coldhearted-ransomware-attack-disrupts-italys-vaccine-registration-system\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.infoblox.com\/blog\/"},{"@type":"ListItem","position":2,"name":"Security","item":"https:\/\/www.infoblox.com\/blog\/category\/security\/"},{"@type":"ListItem","position":3,"name":"Coldhearted Ransomware Attack Disrupts Italy\u2019s Vaccine Registration System"}]},{"@type":"WebSite","@id":"https:\/\/www.infoblox.com\/blog\/#website","url":"https:\/\/www.infoblox.com\/blog\/","name":"infoblox.com\/blog\/","description":"","publisher":{"@id":"https:\/\/www.infoblox.com\/blog\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.infoblox.com\/blog\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-US"},{"@type":"Organization","@id":"https:\/\/www.infoblox.com\/blog\/#organization","name":"Infoblox","url":"https:\/\/www.infoblox.com\/blog\/","logo":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/","url":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","contentUrl":"https:\/\/www.infoblox.com\/blog\/wp-content\/uploads\/infoblox-logo-2.svg","width":137,"height":30,"caption":"Infoblox"},"image":{"@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/logo\/image\/"}},{"@type":"Person","@id":"https:\/\/www.infoblox.com\/blog\/#\/schema\/person\/212816c17be869578ba1574b5fc7abf4","name":"Michael Zuckerman","image":{"@type":"ImageObject","inLanguage":"en-US","@id":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_324_1628613720-96x96.jpg","url":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_324_1628613720-96x96.jpg","contentUrl":"https:\/\/blogs.infoblox.com\/wp-content\/uploads\/avatar_user_324_1628613720-96x96.jpg","caption":"Michael Zuckerman"},"description":"Michael Zuckerman is a seasoned B2B product marketing and marketing strategy consultant with experience in the cybersecurity marketplace. Zuckerman\u2019s domain experience in cybersecurity over the past 10 years includes DNS security, threat intelligence, threat intelligence platforms (TIP), container security, mobile device security, moving target defense, network threat analysis (AI), sandbox, deception technology, cloud access security brokers (CASB), SASE, AI based SIEM, secure collaborative governance, and related technology sets to include data loss prevention (DLP), user and entity behavior analytics (UEBA), and encryption.","url":"https:\/\/www.infoblox.com\/blog\/author\/michael-zuckerman\/"}]}},"_links":{"self":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6819","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/users\/324"}],"replies":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/comments?post=6819"}],"version-history":[{"count":1,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6819\/revisions"}],"predecessor-version":[{"id":6822,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/posts\/6819\/revisions\/6822"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media\/6731"}],"wp:attachment":[{"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/media?parent=6819"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/categories?post=6819"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.infoblox.com\/blog\/wp-json\/wp\/v2\/tags?post=6819"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}