Lazio & BlackMatter Bring Ransomware Into the Spotlight…Again

2 minute read | Last updated 4-Aug-2021 |Cybercrime, Security

The region of Lazio was hit by a ransomware attack and is struggling to recover. The criminals have yet to be identified or claim responsibility for this attack on critical infrastructure.

At the same time, we see a new ransomware supergroup called BlackMatter emerge with a pledge not to attack critical infrastructure like this.

What does this mean for ransomware? For you?

More in this short…

Transcript

The Lazio region of Italy was hit by a ransomware attack that has locked out some of the regions critical IT systems, including its COVID-19 vaccination booking system.

Now, the region is working through an incident response process and trying to recover, but there’s no ETA on when the systems would be restored.

[00:00:16] This is a risky move by the cyber criminals involved.

The large public pressure can lead to a faster payout, but it brings increased scrutiny and law enforcement attention.

[00:00:26] This is exactly why new ransomware super-group BlackMatter has publicly stated that they won’t go after healthcare critical infrastructure and other sensitive targets.

Ransomware as a crime is a balancing act, hitting enough victims to make a profit while not drawing undue attention and getting shut down.

[00:00:42] The key takeaway here is that ransomware is a profit motivated crime and it’s run like a business.

Defend yourselves accordingly.

References

• ‘The Situation Is Very Serious’: Ransomware Hackers Hobble Covid-19 Vaccinations in Italy

• Hackers shut down system for booking COVID-19 shots in Italy’s Lazio region

• Hackers block Italian Covid-19 vaccination booking system in ‘most serious cyberattack ever’

• An interview with BlackMatter: A new ransomware group that’s learning from the mistakes of DarkSide and REvil