ABI, the Italian banking association, was attacked by a group of cybercriminals who stole and later published some sensitive data of the association's employees. The attack, as well as others that have affected other institutions such as the Ministry of Ecological Transition and companies such as Trenitalia, was carried out with a ransomware, a software that allows you to steal data and keep it blocked with the aim of asking for a ransom .
It is not a new kind of attack, indeed it has existed for a long time and in recent years has affected large private companies, small businesses, municipalities, national institutions. Ransomware is an effective cyber attack: it causes a lot of damage, you don't need great tools to organize it, and it allows criminals to risk little because discovering the perpetrators of this type of attack is quite complicated. If the ransom is paid, the criminals will have achieved the goal, otherwise they can try to sell the data back to the highest bidder.
In the case of the ABI it seems that the attack was carried out by the group called the Vice Society, which emerged around mid-2021 with a series of actions mainly against medium-sized organizations.
Among the data published by Vice Society, dating back to April 18, there are identity cards and health cards of ABI employees and information on their credit cards as well as medical certificates and some company telephone numbers. The publication of the documents was confirmed by the ABI, which in a statement said it had been subject to cyber attacks since February. On April 7, the association's website was inaccessible for several hours. “The complaints have been presented to the Postal Police and the competent Authorities”, reads the ABI communication. “The association has already activated all actions for its own protection and that of personnel data and has taken all measures to further secure the infrastructures and data”. The association says it has not received ransom demands from criminals.
