Italian Vaccine Booking System Compromised by Hackers

According to NBC, hackers have attacked the vaccination registration system in one of Italy’s largest regions, temporarily blocking residents from booking new vaccination appointments.


With global healthcare systems carefully monitoring and responding to the Delta variant’s creation of a new phase of the pandemic, conflicting priorities are creating new opportunities for cyber criminals. Opportunities which hackers are already taking advantage of, as we are seeing with news of an Italian vaccine booking system being held hostage by hackers who gained access via crypto-locker malware. To make matters worse, this new COVID-related chaos is just putting more pressure on already strapped security teams who have been struggling to address the recent success rates of supply chain attacks.


Chuck Everette, director of cybersecurity advocacy at Deep Instinct weighed in on this latest attack:

"Hackers have recognized that the demand for COVID vaccines presents a wealth of opportunities due to the number of people flocking to be protected, and the personal data that is required to even book a time and date to receive the vaccine. The attack on Lazio’s vaccine portal appears to be part of a supply chain attack and is therefore not an isolated incident. As this attack is part of a wider campaign, it should be the cause of further concern for other government agencies and healthcare organizations across the world.


These are exceptional times and the roll out of vaccine booking portals in every country has been a literal lifesaver for many people. Governments are doing all they can to protect their citizens, however, the speed at which these online portals have been created means that they weren’t necessarily built with security in mind. Governments are finding it increasingly difficult to hire expert cyber professionals who can help prevent attacks such as this one, and it would have been challenging to ensure there are no vulnerabilities within these portals that could be exploited by bad threat actors.


The best protection against attacks such as this one is a multi-layered approach using a variety of solutions. A “prevention-first” mindset is also key. Organizations need to implement security at every stage of the development process and execute a DevSecOps approach in order to actually prevent cyber attacks, rather than mitigate them. Investing in solutions that use technology such as deep learning which can stop a ransomware attack, pre-execution, before it can take hold will also help add that extra layer of defense that government and healthcare organizations desperately need."


Terry Ray, Senior Vice President and Fellow, Imperva also shared his insights:


"The healthcare industry has always been a ripe target for cybercriminals. This isn’t going to change as demand for rapid access and mobile access increases burden on security teams. Organizations in this market have access to incredibly valuable personal data, yet commonly rely on unpatched and outdated systems, and third-party applications – a perfect storm that is resulting in more security incidents and web application attacks.

In healthcare, a global pandemic has forced the digital agenda to speed up at an astonishing pace. The transformed IT landscape in healthcare is creating numerous pathways for cybercriminals to exploit – from large-scale ransomware attacks on health systems caring for patients to attacks on vaccine scheduling sites - often under the nose of an already oversubscribed IT security team.

According to data from Imperva Research Labs, the number of records compromised each year increases by an average of 224%. While 2021 is far from over, we’re already on pace for another record-setting year. We’re on pace to see 40 billion records compromised by the end of 2021 -- more than double the total of last year. This is a staggering and concerning number considering that every piece of data is valuable and can be exploited for other attacks in the future. This follows an unprecedented year of cybersecurity activity in healthcare. Imperva data shows the industry experienced 187 million web application attacks per month globally, on average, or roughly 498 attacks per organization each month. That’s a 10% increase year-over-year, and it underscores the growing vulnerability of web applications for healthcare organizations.

Healthcare has an enormous cybersecurity issue on its hands, and it will only continue to grow. As the pace of digital transformation quickens, it’s critical for all healthcare organizations to prioritize the protection of data and all paths to it."


###