On Friday, the municipality of Palermo in southern Italy was hit by a cyberattack that appears to have disrupted a wide variety of activities and services for both residents and visitors. Palermo has a population of roughly 1.3 million inhabitants, making it Italy’s sixth most populated city. Around 2.3 million tourists visit the area each year.
Despite the efforts of local IT specialists over the last three days to restore the systems, all services, public websites, and online portals remain unavailable. According to numerous local media reports, the municipal police operations center, the public video surveillance management system, and all of the municipality’s services are among the systems that have been affected.
It is not possible to communicate or seek services using digital technology, and all residents must contact government agencies using old-fashioned fax machines. Furthermore, tourists cannot make online reservations for museums and theaters (including the Massimo Theater) or even confirm their reservations for sporting facilities. Lastly, limited traffic zone cards are hard to get, thus, there is no regulation and no consequences for violators. Unfortunately, these tickets are required for entry to the old city core, which has a significant impact on tourists and locals.
The Killnet gang, a pro-Russian hacktivist organization that targets nations that support Ukraine with resource-depleting cyberattacks known as DDoS, has lately threatened Italy (distributed denial of service). While others pointed the finger at Killnet, the Palermo hack appears to be a ransomware attack rather than a DDoS.
Paolo Petralia Camassa, the councilor for innovation in the Palermo municipality, indicated that all systems were gently turned down and separated from the network. The outage might linger for some time. This is a common response to a ransomware attack, with networks being shut down to prevent the infection from propagating and encrypting files.
If this intrusion turns out to be ransomware, the perpetrators may have been able to acquire data in order to carry out double-extortion, which is usual in these types of attacks. In such an event, Palermo might face a major data breach impacting a huge number of people, as well as fines for GDPR violations.
