Recent Cyber Attacks in Italy
A Look at Recent Cyber Attacks in Italy & How the Country Is Responding.
The last few years have been tough on cyber security and not even Italy, land of La Dolce Vita, is immune to the bitterness of cyber crime. Even the expression ‘Roman Holiday’ gained new meanings last year, when cyber security researchers associated the catchphrase with a cyber-espionage campaign in which hacking group APT28 (a.k.a. Fancy Bear) targeted the Italian Navy and its subcontractors over the Summer of 2018.
A few months later, 500,000 Italian certified email accounts for public administration were breached, reported Reuters in November 2018. Little is known about this breach and its hackers. “The only thing we know for sure is that this attack was not launched from Italy,” said Roberto Baldoni, Director of the Italian Cyber Security National Laboratory at the time, who added that “this was the worst attack we’ve had since January 2018.”
He was referring to yet another popular episode among 2018 national headlines, where hacker group Anonymous erased 40 gigabytes worth of infringement photographs from a speed camera ticket database. This time, a local police computer system in Correggio was targeted. According to newspaper Gazzetta di Reggio, Anonymous also accessed internal emails and documents, which they released to the media.
Almost a year later, in December 2018, the international media turned to Italian oil firm Saipem, which was attacked by a malware allegedly resembling Shammon – the infamous malware which knocked 30,000 computers offline at oil giant Saudi Aramco in 2012. This time, approximately 400 of Saipem’s servers and 100 personal computers were crippled, the company’s head of digital and innovation, Mauro Piasere, told Reuters.
Although it is unclear who was behind the Saipem incident, similarities between the attacks and the Italian company’s connection with Saudi Aramco (Saipem is one of Saudi Aramco’s main foreign contractors), has led many to recall the 2012 Shamoon episode widely accredited to Iran.
Finally, just when attack-related headlines were quietening in Italy, The Economic Times announced that Chinese hackers had stolen $18.5 million from the Indian arm of Italian company Tecnimont SpA in January 2019. This was an elaborate case of social engineering: the hackers impersonated Tecnimont’s CEO and lawyers over several email and telephone conversations and convinced the company’s local managers in India that the money was needed for a confidential acquisition abroad. The criminals probably used malware to penetrate Tecnimont’s communication channels and access the information they used to imitate the CEO and other relevant characters of this plot.
Cyber security research firm Symantec ranked Italy as the 7th country in the world with the highest rate of cyber crime. Unsurprisingly, as in most places where cyber threats are booming, the desire and need for cyber security is growing in Italy. As a result, writer and hacktivist Arturo Di Corinto said, “the Italian cyber security scenario is starting to get a bit crowded. Fortunately.”
Sicurezza Nazionale, the set of bodies and authorities responsible for the Republic’s information security system, proudly declared in December 2018 that Italy, alongside Germany and the UK, is one of the EU member states to have concretely followed the European Network and Information Security Directive (a.k.a. the NIS Directive or the Cyber Security Directive).
The NIS Directive is the first piece of EU-wide cyber security regulation. It was adopted in 2016 by the European Commission as part of the EU cyber security strategy and played a crucial role in Italy – it led to the implementation of the Italian Legislative Decree 65/2018 in May 2018. Before the Decree, says technology lawyer Rocco Panetta, “there had been no definition of cyber security and cyber crime in the Italian legal system, neither in statute nor in case law.”
The implementation of the Directive has spurred much national interest – and placed the cyber security industry more prominently in Italy, due to necessity and opportunity. Small and medium-sized Italian cyber security companies have been quickly emerging, such as Cybaze and Omnitech. Cyber security summits dedicated to Italy have been launched, such as ItaliaSec, dedicating prime panel slots to examine cyber security regulations in the country.
Hopefully the recent Italian cyber security legislations will soon become actions, and there will come a day when Italy’s digitalised Dolce Vita won’t be forced to go on ‘Roman Holidays’.
Written by Paula Magal for ItaliaSec – the Cyber Security Summit returning to Rome on May 14th-15th 2019. Follow ItaliaSec’s Newsroom for more content like this & to learn more about the summit.