Cristiano Ghidotti reports:
Unfortunately, the news of the cyber attack that has brought the systems of the Municipality of Brescia and the provision of services to citizens to their knees does not seem to be an April fool . This is communicated by the official website of the Lombard capital, with a brief statement that we report below.
The Municipality of Brescia informs that, starting from Tuesday 30 March, it was the victim of a cyber attack by unknown persons, which caused damage to the network, not allowing it to guarantee normal services.
Read more on PuntoInformatico. This site has not been able to find any updates on this story, which was published three days ago. The full notice from the Municipality of Brescia reads:
The Municipality of Brescia informs that, starting from Tuesday 30 March, it was the victim of a cyber attack by unknown persons, which caused damage to the network, preventing it from guaranteeing normal services.
The incident occurred despite the presence of antivirus and computer security systems in the municipality.
Soon a complaint will be filed with the competent authorities, meanwhile the technicians are working to try to restore the correct functioning of the technological supports and online practices, in order to return to full capacity when the Easter holidays return.
In other news out of Italy, the Municipality of Rho posted an almost identical notice on their web site on April 1:
The Municipality of Rho was the victim of a cyber attack by unknown persons, which caused damage to the network, preventing it from guaranteeing normal services, which also include those provided by the Quic – Sportelo del Cittadino.
The incident occurred despite the fact that antivirus and computer security systems are active in the municipality.
Soon a complaint will be filed with the competent authorities, meanwhile the technicians are working to try to restore the correct functioning of the technological supports and online practices, in order to return to full capacity when the Easter holidays return.
Do the municipalities share a common IT provider or host? Will we see other Italian municipalities with identical notices? Maybe Marco DeFelice of SuspectFile can find out more.
Thanks to @Chum1ng0 for both of these reports.
UPDATE: Chum1ng0 found an updated notice by Brescia that identifies the malware as Cryptolocker.
UPDATED April 5: In another update found by Chum1ng0, we learn that the Brescia attack was the DoppelPaymer threat actors.