Listen to the audio version of the article
Cyber attacks by Russian activists on Italian banks and transport companies, “revenge” for the meeting of Prime Minister Meloni with US President Biden. Six banks affected this morning, Bper, Monte dei Paschi di Siena, Banca Popolare di Sondrio, Fineco, Chebanca and Intesa San Paolo.
Yesterday instead it was the turn of transport companies, the South Tyrolean Sad, Trentino Trasporti, Amat of Palermo, Anm of Naples, the Venetian Transport Consortium Company, Cagliari Transport Mobility, Siena Mobility and Sardinian Regional Transport Company.
The claim came via Telegram from NoName, pro-Russian activists who have been attacking sites in our country for many months, accused of being “Russophobic” because of the support given to Ukraine in the war.
“Yesterday transport, today banks, tomorrow who knows”, report institutional sources who are managing the issue.
The damage, it must be said, is limited. Apparently, at most about 30 minutes, for Intesa San Paolo. A few minutes for the others. Some disservice in e-banking, at most, therefore. The meaning is mostly political.
What does the Csirt say?
“During its daily monitoring activities, the Csirt Italia (Computer Security Incident Response Team – Italy) of the Agency has identified the reactivation of Distributed Denial of Service (DDoS) type attack campaigns by pro-Russian hacktivist groups against of national institutional subjects”, writes the Agency today in a note. “However, it does not appear that the attacks – of a “demonstrative” nature – have affected the integrity and confidentiality of the information and systems concerned”. “The subjects affected by the DDoS attacks of these days – in particular public transport companies, banks and financial institutions – were promptly notified together with the competent authorities as part of a now consolidated contrast and prevention methodology”.
What kind of attacks?
Ddos-type attacks flood targets with data in order to saturate their resources and thus prevent them from maintaining services to users. But, as we said, there is above all an ideological sense behind these attacks, aimed at demonstrating opposition for the choices of a government and try to instill distrust in the security of its IT infrastructures. The claim mentions the meeting between Prime Minister Giorgia Meloni and US President Joe Biden, where it was said that Italy’s support for Ukraine it is “protection of international law”. The decision of the Senate which adopted a resolution recognizing the Holodomor (the famine caused by wrong agricultural policies during Stalin’s regime in the Soviet Union) as “genocide of the Ukrainian people” was also criticized. It is noteworthy that pro-Russian activists are closely linked between Putin’s war and the choices of the Soviet Union; but after all, the Russian premier Putin himself had defined the fall of the USSR “the most serious geopolitical catastrophe of the 20th century”.
Previous
Already in February Noname 057 (this is the full name of the collective of activists) had attacked the sites of the Carabinieri, the Ministry of Foreign Affairs, Defense but also those of companies such as Tim, the Bper bank and the utility company A2a. The reasons were clearly explained: “Italy will provide Ukraine with the sixth package of military assistance, which will include three types of air defense systems,” the hackers wrote on the Telegram channel. “As Italian Prime Minister Giorgia Meloni said during a press conference in Kiev, we are talking about the SAMP-T, Skyguard and Spike anti-tank systems. Today we will continue our fascinating journey through Russophobic Italy”. Limited impacts also in that case; practically nothing on users, but only of a reputational and therefore political nature. Perhaps the greatest practical damage occurred in March, with another NoName attack, which rendered ATAC Rome’s website and ticket office inoperative for what time. The National Cybersecurity Agency continues to keep a close eye on these threats, alerting victims in a timely manner and helping them to defend themselves, in order to minimize the effects of the attacks.