Cyber Incident Victim: Radio Azzurra

On or around December 4, 2020, Italian broadcaster Radio Azzurra experienced a cyberattack involving ransomware. The incident began when owner Ugo Ponzio attempted to download an application extension, though the specific software or source was not disclosed. Upon opening a file generated during this process, Ponzio encountered a ransomware demand requiring payment of hundreds of dollars to regain access to affected systems. The attack disrupted normal operations of the station, which had operated for 45 years prior to the incident. Ponzio expressed both surprise and dismay at the situation, emphasizing he "would not have expected this too" despite his extensive career experience. No technical details about the ransomware variant, initial attack vector beyond the downloaded extension, or scope of encrypted systems were disclosed in available reports.

The ransomware demand’s appearance immediately upon file opening suggests the malware activated rapidly after execution. Radio Azzurra’s public statements did not specify whether payment was made, what systems were compromised, or whether data was exfiltrated. Operational disruption was implied by Ponzio’s characterization of the event as unprecedented in the station’s history. No containment measures, system restoration processes, or engagement with law enforcement or cybersecurity firms were detailed in the limited public accounts. The incident highlighted ransomware threats to small media entities, though Radio Azzurra’s recovery timeline and financial or data loss impacts remained undocumented in available sources.