Vice Society Ransomware Attack on Palermo

The Vice Society ransomware group has claimed responsibility for a cyberattack on the Italian city of Palermo, which has caused a large-scale service outage. The attack occurred on June 2, 2022, and all internet-based services remain unavailable, affecting 1.3 million people and many tourists visiting the city. The authorities confirmed the severity of the incident on Monday, explaining that all systems had to be taken offline to control the damage.

Vice Society posted an entry on their dark web data leak site, threatening to publish all stolen documents by Sunday if a ransom is not paid. This indicates that the negotiations for the ransom payment are still in progress, and Vice Society is hoping that its threats to Palermo’s officials will have their intended effect. The ransomware group is known for exploiting known vulnerabilities on unpatched systems, such as the PrintNightmare flaws.

The Vice Society ransomware group has been active since June 2021 and is considered a spin-off of the HelloKitty ransomware. It primarily targets small or midsize victims, including public school districts and other educational institutions. The group uses a double extortion model, threatening to publish data stolen from the victims on a data leak site.

The City of Palermo is still investigating the incident with the help of local authorities, but at this time, it is not clear which data the ransomware gang has stolen. The attack impacted the municipal police, surveillance cameras, and ZTL traffic control systems, and the authorities confirmed that the problems can last for days.

About Palermo

Palermo is the capital city of the Italian region of Sicily and is known for its rich history and cultural heritage. The city is a major economic and cultural center in Sicily, with a population of approximately 670,000 people. Palermo is a significant player in the Business Services sector, offering a range of services to both local and international clients.

Vulnerabilities and Mitigation

The Vice Society ransomware attack on Palermo highlights the importance of maintaining up-to-date security measures to protect against known vulnerabilities. Public-facing state networks, like those in Palermo, are particularly vulnerable to ransomware attacks, as they often have a large attack surface and may not be as well-protected as private networks.

To mitigate the risk of ransomware attacks, organizations should prioritize patching known vulnerabilities, implement multi-factor authentication, and regularly back up critical data. Additionally, employee training and awareness programs can help prevent successful attacks by reducing the likelihood of phishing and other social engineering attacks.

Sources

• Heimdal Security: Palermo Suffers Cyberattack, Vice Society Ransomware Claims Responsibility
• Izoologic: Vice Society Hacker Group Claimed the Attack Against the City of Palermo
• Bleeping Computer: Vice Society Ransomware Claims Attack on Italian City of Palermo
• DataBreaches.net: More Details Emerge on Palermo Ransomware Attack
• Security Affairs: Vice Society Gang Adds the Italian City of Palermo to its Data Leak Site
• Palermo: History, Culture, and Economy
• Cybersecurity Best Practices for Ransomware Protection