INPS’s website in Italy was attacked as about 339,000 applications for the €600 benefits for VAT-registered and self-employed Italians were being processed
The online service of the Italian Department of Social Security and Welfare (INPS) is back in operation now, but the cyber-attack forced the website to go offline on 1 April. The attack slowed down the processing of super-urgent applications for coronavirus-related benefits.
Welfare agency leader Pasquale Tridico told Italian state broadcaster RAI that INPS was sorting out 339,000 applications for the €600 (£520) benefits for VAT-registered and self-employed Italians when hackers created a denial of service that blocked access to the website, Reuters has reported.
The Italian Ministry of Labour and Social Policies, to which this agency reports, tweeted on 1 April that the INPS website was now temporarily suspended due to “hacker attacks”.
The Italian media and the government PR have refrained from attributing this attack to any particular group. Vigilante hacking groups have a history of targeting government services in Italy, but the nature and timing of this attack rule them out, said Ray Walsh, a digital privacy expert at ProPrivacy.
Immuniweb founder and CEO Ilia Kolochenko agrees that though it seems like a DDoS attack, the information available is too limited to form any firm conclusions.
“The website was already tremendously overloaded with legitimate users desperately seeking help among this unprecedentedly disastrous crisis. So even a tiny botnet is now apt to substantially disrupt the website’s availability and performance.”
The worst possible prediction now is that a professional cyber-gang is behind this attack, and that they will likely exploit some weaknesses and architectural flaws of the web application to boost the amplitude of the DDoS, eventually expecting to get a ransom for stopping their activities, noted Kolochenko.
“The victims are now between Scylla and Charybdis, as paying the ransom will be a signal to many other gangs about this low-hanging fruit, while refusing will prevent the most vulnerable people in need from getting timely help that is so necessary in these uncertain times,” he said.
Given the present crisis, coupled with the political tensions, it is wise to wait for the results of a formal cyber-security probe that analyses the digital footprints to carefully ascertain the origin of the attack, said Walsh.
“The world is on high alert since the outbreak, and political tensions between the US and China are already heightened; it is possible that politically motivated hackers could attempt to frame a particular country to add to that tension. For this reason, it is important not to jump to any conclusions or to point the finger without concrete evidence,” he observed.
The attack came to light late on 31 March as applications started pouring in to the INPS website. Italians took to Twitter to report the unresponsive website, with the hashtag #INPSdown trending that day.
Twitter users also started posting about the website throwing up personal information of applicants. That personal details of Italian users who attempted to apply for Covid-19 benefits were being displayed online is exceptionally concerning, as the data could be used to identify targets for identity theft, fraud, and secondary phishing attacks, Walsh pointed out.
“It will now be necessary for the Italian government to ascertain exactly how its social security system was attacked in order to plug those holes, and anti-fraud measures that ensure those affected are protected will now be needed, adding to the problems that the Italian government are already facing dealing with the ongoing crisis.”
The utter heartlessness of those persons who witness the terrible suffering of the Italian people in the media, and then decide to exploit the situation for financial or political gain by making matters worse, truly beggars belief. Whilst the international crisis appears to make the good better, it obviously makes the very bad so very much worse.