Comune di Gorizia

The Municipality of Gorizia, known in Italian as Comune di Gorizia, is a local public administrative body governing the city of Gorizia in northeastern Italy. As a municipal authority, its core function is to provide essential public services and manage local governance for its residents. This includes the administration of civil registry functions, such as address changes and the issuance of electronic identity cards (CIE), which are critical for citizen identification and access to various public and private services. The municipality also handles urban planning, local tax collection, public works maintenance, and the management of cultural and social services within its territorial jurisdiction. Its operational scope is confined to the geographic area of the city of Gorizia, serving the residents and businesses located there under the framework of Italian national and regional laws. The entity operates as a standard Italian comune, representing the primary point of contact between citizens and the state for numerous administrative procedures. Its services are fundamental to daily civic life, facilitating everything from property transactions to personal documentation. The municipality's role is defined by its statutory obligations to ensure public order, deliver local services, and implement policies set by the city council. It is a constituent part of the Italian decentralized public administration system, accountable to its electorate and superior governmental bodies.

A defining characteristic of the Municipality of Gorizia, as evidenced by a documented cybersecurity incident, is its reliance on digital IT systems to deliver core public services. In August 2022, the municipality suffered a significant ransomware attack attributed to the Lockbit 3.0 criminal group. This attack directly targeted its IT infrastructure, causing a temporary total blackout of municipal systems and disrupting operations for both staff and citizens. The incident highlighted the critical nature of its digital services, as the attack specifically blocked certification services and other administrative functions, though partial restoration was achieved for some services like electronic ID issuance through connections to external servers. The attackers exfiltrated data and threatened its public release, underscoring the municipality's responsibility for safeguarding sensitive citizen information. The event necessitated engagement with national law enforcement, specifically the Postale Police, for investigation and response. It also prompted the municipality to issue public warnings to citizens about heightened cyber risks, such as phishing attempts, following the breach. This incident serves as a notable case study of a local government entity facing advanced persistent threats, illustrating the vulnerabilities within public sector IT environments and the operational impact of such attacks on essential civic functions. The municipality's technical teams subsequently worked to restore the remaining blocked services, navigating the complex recovery from a sophisticated cyber extortion attempt.