A Cyber Assassination Confirmed?

By Kevin Coleman — Defense Tech Cyber Warfare correspondent

Almost three years ago here on DefenseTech we blogged about cyber assassination and received some ‘interesting’ feedback on and off the blog. Some events that were made public recently demand we revisit this topic.  Just recently, a news article appeared in the Daily Sun – Voice of the Nation that prompted a flood of conversations.  The article, “Cyber Terrorism Hits Nigeriaopenly disclosed a cyber assignation of a mob boss that took place not that long ago. 

In Italy, not too long ago, a mob boss was shot but survived the shooting. That night, while he was in the hospital, the assassins hacked into the hospital computer and changed his medication so that he would be given a lethal injection. He was a dead man a few hours later. They then changed the medication order back to its correct form, after it had been incorrectly administered, to cover their tracks so that the nurse would be blamed for the “accident.”

In March 2009 Joseph Weiss, a control systems expert and Managing Partner of Applied Control Solutions, testified before the Senate Commerce, Science and Transportation Committee stating that networks powering industrial control systems have been breached more than 125 times in the past decade, with one breach resulting in American deaths.

Clearly the evidence is mounting that cyber attacks are not only disruptive, but deadly.

  • Jacob

    I guess it’s time to disconnect our hospitals from electronic networks.

  • Cyberassisination can include pre rigged packages, wrong address, “faulty” GPS,
    wrong text message, wrong email, etc can Doom one.
    NO way to stop.
    Very scary indeed..
    Imagine changing a GPS map so target car turns OFF the road over a cliff at night, very doable.
    & many other venues to use.

  • Hunter78

    This is a great area of US vulnerability. I can tell you corp IT depts are, defensively speaking, primarily concerned with protecting top management, and secondarily the corp, from potential prosecutions and lawsuits by setting up email and record deletion programs. These efforts are doomed, because it is really hard to kill an e-record. Protecting the corp’s operations is not happening, because it is not recognized by management as a priority, and because IT has a very weak understanding of the corp’s operations.

  • Dennis Miller

    The cyber assassins were watching ‘The Net’

  • chaos0xomega

    I don’t understand why people don’t realize that you can have a network that is not externally accessible… There is absolutely no reason I can think of why a hospital medical system that has patient information and scheduling, etc. should be linked to the internet. It provides a certain level of convenience, this is true, but I can think of plenty of reasons why it wouldn’t be safe.

    Likewise, a lot of our nations vital infrastructure has its control systems linked to the internet… why? Shouldn’t that exist on a separate network entirely? I mean really, what could possibly be gained from connection to the internet? Is it so Joe the nuclear power plant worker can send an email to his body over at the water treatment facility? Or is it so Jake the rail traffic controller can check out some pornography in his down time?

  • the sun news article quote about the italian assassination is a little devoid of details and difficult to check, it sounds more like something someone heard from a friend who heard it from a friend who heard it from a guy on the bus.

    being from Italy i can say that nothing like this ever got to the mainstream news outlets and they usually carry a lot of details about everything regarding the mob and wouldn’t have lost such a opportunity for a “juicy news”. a quick search on the net still doesn’t yield any result about anything remotely similar.

    i doubt that the event reported ever happened.
    i’m not saying that it wouldn’t be possible. simply doubting the source.


  • dave

    Mmm, yes, I always go to the Nigerian popular press when i want to keep up to date with events in Italy.

  • Kevin

    Sounds like an inside leak – ok that was what I was told.

  • Mike

    Wow, this sounds like a credible story.

  • patchworkjumble

    A “cyber-assignation” doesn’t sound so bad, really. Kinky perhaps, but not bad. (see paragraph 1 of your blog).


  • Brian

    I call BS. First, you’re citing the Sun as your source. I look at the article and I get “How to give your woman earth-shaking orgasms” at the bottom. Second, their article mentions ZERO verifiable facts. “Some time ago” and “a mob boss” that happened somewhere “in Italy”? Impossible to verify. Finally, if it did happen, and these cyber-assassins went in and covered up their tracks, HOW THE HELL DID YOU FIND OUT ABOUT IT?

    Money where your mouth is, Kevin. Who is the nurse who was blamed for it? Was there a trial? When did this happen, specifically? I want a date. What was the mob boss’ name? Can you answer ANY of these questions? I’m betting the answer is a big fat “no”.


    The terrorist have been using the internet to communicate with each other for a few years. Whear do you think “electronic chatter” comes from? Furthermore, the US Army Doctor that killed US Army Troops, on the base, was researching the Taliban, Al Qaida, Islamic Radicals, via the internet, as a research project, if I remember correctly! Point is, it IS HERE!

    Cyber Security is also here – to help combat it – oh, look, the US Air Force has a CYBER COMMAND TOO!

  • Chinese_Gordon

    Brian and Patchworkjumble appear to have sorted it: The Sun, reporting on a story heisted from the Nigerian press, about mob boss in Italy, and linking back to an article promising “earth-shaking orgasms.” Sounds as if the original text – “cyber assignations” – was the more accurate.

    As to the other – “assassination” by cyber means: in a world where assassines have been known to use umbrella “guns” to inject their targets with lethally potent doses of radio active poisons, murder by computer hacking seems possible. In the instant case, timing it to catch the gent in hospital would have been crucial – otherwise you are looking at a method chosen out of opportunity. All this from a [sub] culture whose sense of subtlety traditionally has risen no higher than a bomb or a “lupo?”

  • Alfonse

    Stuxnet doesn’t target those systems, I believe.

  • Oblat

    Confirmed by the Nigerian Sun. I’m sure this will turn out to be just another in the long line of made up cyber-frauds that Kevin peddles. But if you are a believer then send me your banking details so we can do lucrative business together.

  • ohwilleke

    I misunderstood. The hospital was in Italy. Makes more sense now.

  • Kevin

    I have to disagree somewhat. The treatment equipment vendors provide wireless connection to update their systems. Many use built in cell phone technology and call the specific piece of equipment to make changes and updates.

    • Oblat

      This is the sort of made up nonsense that shows just how little Kevin knows about these areas and just extrapolates from windows on his laptop.

      Having down-loadable updates to treatment machines like many critical systems is doesn’t occur because even in a world with zero viruses you don’t want the vendors modifying your equipment without your permission.

      • blight

        Correct. If you have people messing around with your hardware, you are liable when a patient dies. Kind of the same reason why hardware vendors hate overclocking and Steve Job’s iOS is totally locked down without a jailbreak.

  • As much as I’ve looked I can’t find any corroborating evidence of the Italy mob cyber hit. I almost wish it were true. I hope Snopes can dig to the bottom of this one.

  • Hestia

    On the contrary, some medical systems vendors refuse to allow local patch management because they believe that this would invalidate their FDA certification. See Ram Dantu, PhD., Herman Oosterwijk, Prakash Kolan, Husain Husna, Securing medical networks, Network Security, June 2007, p. 13. Essentially, the vendors have a back door gateway to the radiology system and they go ahead and apply their patches at will. Whether this is allowed by pharmacy systems, I am not sure. But, I’ll bet that smaller hospitals do this because they don’t have sufficient staff to handle it safely themselves. I have been at 200 bed hospitals with a single part time IT administrator. No way they can handle complex updates alone.

  • mahdi iranpoor


    Hi im iranian -im hacker in ICA -Use our rich resource centre of ICA and other publications-
    you are very poor-im hacket yours web – please wait