Hacker attack on Italian railway company, ransom in Bitcoin

Trenitalia and Ferrovie dello Stato, the companies that operate rail transport in Italy, have been hit by a ransomware hacker attack demanding a ransom in Bitcoin

Ferrovie dello Stato hacker attack: 5 million ransom in Bitcoin

According to a photo that appeared in Corriere della Sera, one of the most important national newspapers, cybercriminals have spread a Cryptolocker-type virus and demanded a $5 million payment in Bitcoin within three days in order to unlock the systems. After these three days, the ransom doubles to $10 million. 

This type of ransomware has blocked Trenitalia’s computer systems, so much so that yesterday there were disruptions in the purchase and sale of tickets and in the applications used by onboard staff via tablets. However, rail traffic continued as normal.

Hacker attack
Despite the hacker attack, railway traffic in Italy has not stopped

Russia denies the attack

One of the first rumours was that this attack was carried out by cybercriminals from Russia. But this hypothesis was denied yesterday evening. 

The director of the National Cybersecurity Agency, Roberto Baldoni told Corriere della Sera: 

“No to the psychosis of the attack linked to the war in Ukraine. Here there is a criminal matrix, as elsewhere. I repeat: this is a hacker attack similar to others that have hit companies and infrastructures in Italy in recent times. The Agency was created precisely to increase their resilience, especially when major players, such as the railways, are affected”.

He adds: 

“From my point of view, one should never negotiate. Instead, we need to increase awareness and prevention and mitigation practices. Understand that we have entered a new world where cyber risk is always present and has to be dealt with, whether in our home PCs or in the systems of large companies”.

Precedents in Italy

This is not the first time that Italian public and private companies have been hit by ransomware hacking attacks

In the summer of 2021, the most striking case involved the Lazio region. The ransomware took out the healthcare IT systems and blocked bookings for Covid vaccines and other healthcare services. 

In October, SIAE, the Italian copyright agency, suffered a data breach in which data was stolen and sold on the dark web. 

How to stay protected

The skills of hackers can be difficult to counter, but some precautions are always useful:

  • do not open suspicious emails;
  • do not download attachments from untrusted sources;
  • always check the sender of communications, even if they seem “official”.
  • Equip yourself with a good antivirus.

Moreover, once you have been hit by this type of attack, it is always a good idea to report it and not pay the ransom.  


Source: https://en.cryptonomist.ch/2022/03/24/hacker-attack-italian-railway-company-ransom-bitcoin/