Italy is once again under attack by pro-Russian hackers, less than 48 hours after the visit of Prime Minister Giorgia Meloni to Kiev
: the sites of various companies and institutions have been targeted by the
NoName057 collective with a Ddos attack which the goal of unmasking, they say, "Russian-phobic Italy".
An action on several fronts which, however, underline the Italian investigators, has not yet fully succeeded in its intent as the cyber defense systems have managed to limit its effects.
In reality, according to what the Collective claimed on its Telegram channels,
the attack started just as the prime minister was still on Ukrainian soil, to pay homage to the victims of Bucha and meet President Zelensky:
"
After breakfast with French croissants, we went to eat pizza in Italy" wrote the hackers claiming to have blocked access to the Ministry of Defense website.
The motive?
The weapons that Italy is giving to Ukraine to defend itself against Russian aggression.
"Italy will provide Ukraine with the sixth package of military assistance, which will include three types of air defense systems. As Italian Prime Minister Giorgia Meloni said at a press conference in Kiev, we are talking about Sampt-t anti-tank systems, Skyguard and Spike".
Therefore, they add, "we will continue our fascinating journey through Russophobic Italy".
Thus, the websites of the Ministry of Foreign Affairs, that of the Viminale and that of Agricultural Policies, the portal for issuing the electronic identity card and that of the Carabinieri, but also the website of the Bper bank and that of the utility company ended up in the crosshairs. A2a as well as that of the Tim group.
The attack is of the Ddos (Distributed denial of service) type: essentially, the servers that manage the sites are targeted by thousands of false access requests that slow down their functioning and make them unreachable.
"We are analyzing the attack, which involves a dozen public and private entities, and following the events" confirm sources of the National Cybersecurity Agency, underlining that the one underway is a "direct attack on applications, therefore more complex".
This time however, investigative sources say, the countermeasures worked
and the problems of last May did not occur, when dozens of sites, including that of the Senate and of the Ministry of Defense itself, went down due to an attack by the hackers of Killnet, another pro-Russian collective which since the beginning of the war he targeted all countries that support Ukraine.
In fact, the security procedures were immediately triggered and all accesses from foreign IP addresses were blocked.
With the experts of the Postal Police, in close contact with the IT security managers of companies and institutions, who are constantly monitoring the size and extent of the attack and trying to identify its origin.
The result is that access to the sites has not, for the moment, been blocked, but only slowed down.
"
according to the reconstructions of the experts, it appeared in March 2022, close to the Russian invasion, and began to target Eastern European countries, from Poland to Latvia.
"These formations use Telegram groups for real calls to arms - explains cybersecurity expert Pierluigi Paganini - these are criminal groups and activists who operate in various capacities in support of Moscow".
Groups that, in some cases, had and have direct ties to Russian military intelligence.
according to the reconstructions of the experts, it appeared in March 2022, close to the Russian invasion, and began to target Eastern European countries, from Poland to Latvia.
"These formations use Telegram groups for real calls to arms - explains cybersecurity expert Pierluigi Paganini - these are criminal groups and activists who operate in various capacities in support of Moscow".
Groups that, in some cases, had and have direct ties to Russian military intelligence.