On the night between February 23 and 24, 2022, while the Russian military invaded Ukraine and ballistic and cruise missiles pounded the capital Kiev, a formally nameless and flagless army moved into cyberspace. The so-called hybrid war had begun, with hacker attacks actually coordinated by the Kremlin against NATO countries and with “alarming” peaks against Italy, recorded on critical infrastructures, financial systems, small and medium-sized enterprises and public bodies.
It is the reports of the Postal Police – an elite body headed by the State Police which today celebrates the 171st anniversary of its foundation – that provide the background to this systematic cyber attack on the country and the investigative prevention structure put in place.
Cyber domain
At the turn of February and March 2022, the hacker “incursions” of various collectives linked to Moscow’s secret services did not spare large state companies, operators of essential services, small local administrations, businesses and individuals. Suffice it to consider that the investigators of the Post Office, directed by Ivano Gabrielli, between February 2022 and February 2023 recorded and blocked 13,951 attacks, compared to 6,195 identified between February 2021 and February 2022. An increase of 125.2% which led to the Canipic ( National Anti-Cyber Crime Center for the Protection of Critical Infrastructures), specialized unit within the postal service, to disclose 113,420 alerts on computer piracy attacks throughout 2022, compared to 110,880 in 2021 and 83,416 in 2020.
According to investigative analyses, «in addition to the well-known campaigns of phishingincreasingly elaborated in terms of social engineeringthere is a massive diffusion of malware destructive (especially Ransomware), attacks Ddosdisinformation campaigns and leak of databases. In this scenario – we read – the role played by hacker groups is tangible, who have decided to take sides, some in favor of Russia, and some with Ukraine, effectively taking part in the conflict in the so-called “cyber domain”».
Cyberspionaggio
The global scenario of the cyber threat has long occupied a central role in the security policy agendas of the European Union.