Italy is once again under attack by pro-Russian hackers, less than 48 hours after Prime Minister Giorgia Meloni’s visit to Kiev: The sites of several companies and institutions have been targeted by the collective NoName057 with a Ddos attack that aims to unmask, they say, “Russian-phobic Italy”.
An action on several fronts which, however, underline the Italian investigators, has not yet fully succeeded in its intent as the cyber defense systems have managed to limit its effects. In reality, according to what the Collective has claimed on its Telegram channels, the attack started just as the Prime Minister was still on Ukrainian soil, to pay homage to the victims of Bucha and meet President Zelensky: “After breakfast with French croissants, we went to eat pizza in Italy” wrote the hackers claiming to have blocked access to the Ministry of Defense website. The motive? The weapons that Italy is giving to Ukraine to defend itself against Russian aggression. “Italy will provide Ukraine with the sixth package of military assistance, which will include three types of air defense systems. As Italian Prime Minister Giorgia Meloni said at a press conference in Kiev, we are talking about Sampt-t anti-tank systems, Skyguard and Spike”.
Therefore, they add, “we will continue our fascinating journey through Russophobic Italy”. Thus the sites of the Ministry of Foreign Affairs, that of the Viminale and that of Agricultural Policies, the portal for issuing the electronic identity card and that of the Carabinieri, but also the site of the Bper bank and that of the utility company ended up in the crosshairs. A2a as well as that of the Tim group. The attack is of the Ddos (Distributed denial of service) type: essentially, the servers that manage the sites are targeted by thousands of false access requests that slow down their functioning and make them unreachable. “We are analyzing the attack, which involves a dozen public and private entities, and following the events” confirm sources of the National Cybersecurity Agency, underlining that the one underway is a “direct attack on applications, therefore more complex”.
This time however, investigative sources say, the countermeasures worked and the problems of last May did not occur, when dozens of sites, including that of the Senate and of the Ministry of Defense itself, went down due to an attack by the hackers of Killnet, another pro-Russian collective which since the beginning of the war he targeted all countries that support Ukraine. In fact, the security procedures were immediately triggered and all accesses from foreign IP addresses were blocked. With the experts of the Postal Police, in close contact with the IT security managers of companies and institutions, who are constantly monitoring the size and extent of the attack and trying to identify its origin. The result is that access to the sites has not, for the moment, been blocked, but only slowed down. “Many services were promptly restored – the Cyber Agency reiterates – an alert was given” and the security system “overall reacted very well”. The NoName57 collective, according to the reconstructions of the experts, appeared in March 2022, close to the Russian invasion, and began to target Eastern European countries, from Poland to Latvia. “These formations use Telegram groups for real calls to arms – explains cybersecurity expert Pierluigi Paganini – these are criminal groups and activists who operate in various capacities in support of Moscow”. Groups that, in some cases, had and have direct ties to Russian military intelligence.
Read the full article on ANSA.it