A suspected cyber-attack by hackers has paralyzed the operations of the 188 branches of the Banca di Credito Cooperativo (Bcc) in Rome, one of the largest Italian cooperative credit banks. Yesterday morning, during the daily security checks, the institute’s experts discovered a security loophole, which reduced the possibility of carrying out normal operations at the institute’s counters.

Threat actors targeted the internal network 

According to an unofficial source, a component of the IT infrastructure of the Bcc showed traces of activity not attributable to normal operation in some servers and internal workstations. To allow controls and secure the network, security experts isolated this piece of infrastructure. But this caution reduced the operations at the branches for 24 hours: the portals continued to work, but customers who showed up for withdrawals, deposits, and more struggled to be identified and supported at the branches.

Execution of the backup plan 

The institute would be examining the incident with its IT security experts, to be able to say in the next few hours whether it was a telematic attack or a simple technical malfunction. However, the bank announces that as of today, operations at the branches have been fully restored, by virtue of the activation of the emergency plan, which provides for analogue integration to digital deficiencies that could last for the whole week. Meanwhile, the DarkSide ransomware gang has taken responsibility for the attack.

In the afternoon the Bcc of Rome released a note, according to which “the technical malfunctions did not affect the information system in the strict sense, and the home banking systems, payment cards, and ATM services are all fully operational today”. 

The institute also points out that “today the agencies are regularly open to the public and the technical problems that affected their operations are in the final resolution phase, which will be gradually restored from Monday 3 May” for those who go to the branch. While, for what seems a paradox since it is a cyber-attack, “home banking services can be regularly used from PCs or smartphones and through them it is possible to carry out all information and dispositive operations”.

Source link