Frequent cyber attacks forced Italy’s social security and welfare department to temporarily shut down its website at a time when thousands of vulnerable citizens were trying to apply for financial assistance in the middle of the COVID-19 crisis.
Pasquale Tridico, president of INPS (Istituto Nazionale della Previdenza Sociale, the Italian government's department of social security and welfare), told Reuters that the department had already received 339,000 applications for the €600 (£528.84) COVID-19 assistance. However, frequent cyber attacks had compromised visitors' access to its website.
Tridico also told state broadcaster RAI last week that "in the last few days we have suffered several hacker attacks that produced a major breakdown. They continued today and we had to close the website."
The COVID-19 pandemic, which has resulted in the death of over 16,500 people in Italy so far, has forced the government to impose a strict nationwide lockdown to prevent the virus from spreading any further. To help self-employed and seasonal workers in this time of crisis, the government is allowing them to apply for a Coronavirus payout of €600, which is being processed by the department of social security and welfare.
The department is responsible for offering social security benefits, pensions, and other kinds of assistance to all waged labourers and self-employed citizens. Financial assistance provided by the department covers unemployment benefits, mobility assistance, maternity benefits, rural unemployment benefits, severance packages, and others.
On 1st April, when thousands of Italians were trying to apply for the benefit on the INPS website, they faced multiple disruptions. Some users said that they were able to view other individuals' information when they tried to complete their requests. This included names, addresses, email addresses, phone numbers, tax codes, last login time and certain personal messages between the user and the INPS.
Overburdened social welfare website leaked personal data of thousands of applicants
Andrea Ganduglia, software developer and CEO of Frequenze Software, told The Daily Swig that "anyone who had visit[ed] the website during 9AM and 11AM (local time) had the visibility on those data, but I think that the leak has involved few tens of people (I saw randomly four profile[s])."
As of 2nd April, the website was up and running again. But the cyber attack did raise serious questions about the security of Italy's digital infrastructure, especially when the country is fighting hard against the Coronavirus pandemic. Tridico confirmed that he had informed police about the cyber attack, but he did not mention anything regarding a data breach.
"Notwithstanding that the website is already tremendously overloaded with legitimate users desperately seeking help among this unprecedentedly disastrous crisis. Hence, even a tiny botnet is now apt to substantially disrupt the website’s availability and performance," said Ilia Kolochenko, Founder & CEO of ImmuniWeb.
"The most dangerous scenario is, however, if a professional cyber gang is behind this disgraceful attack. They will likely exploit some weaknesses and architectural flaws of the web application to boost the amplitude of the DDoS, eventually expecting to get a ransom for stopping their activities.
"The victims are now between Scylla and Charybdis, as paying the ransom will be a signal to many other gangs about this low-hanging fruit, while refusing will prevent the most vulnerable people in need from getting timely help that is so necessary in these uncertain times. I hope DDoS protection companies will soon offer their help to the affected agencies, otherwise, we will see the first large-scale example when cybercriminals are factually taking human lives away," he added.