Hacker attacks in Italy against bank and company websites: who is behind it and what we know

Last weekend Italy suffered a wave of hacker attacks which, in this case, affected Italian institutional and corporate sites, raising important concerns about the digital security of the “Bel Paese”. The offensives, claimed mainly by the pro-Russian collective Noname057(16) and by pro-Palestinian groups, such as Alixsecthey targeted ministerial portals, banks, transport companies and other key infrastructures. These attacks were perpetrated via the technique of DDoS (Distributed Denial of Service), which consists of sending massive fake requests to a server to overload it and make it inaccessible. Although the tangible effects consisted mainly of temporary inconveniences, the frequency and choice of objectives reveal a broader and more structured strategyintrinsically linked to the current geopolitical context which, in one way or another, also affects our country.

What are the objectives of hacker attacks in Italy

The collective Noname057(16) It has been operating since March 2022, conducting cyber offensives against countries perceived as enemies of Russia. DDoS attacks, one of their favorite techniques, use networks of compromised devices – so-called botnets – to send massive amounts of requests to target servers. This tactic, while not directly compromising data, can cause significant disruptions to essential online services. For example, last December 28, their targets included the website of the Ministry of Foreign Affairs and the portals of Malpensa and Linate airports.

Saturday 11 January hackers from the Noname057(16) collective have struck again and, according to what was reported by the agency HANDLEthey did so with respect to the sites belonging to the «ministries of Foreign Affairs, Infrastructure and Transport, Consob, Carabinieri, Navy, Aeronautics, as well as some local public transport companies»

Sunday 12ththen, the group Alixsecknown for his support of the Palestinian cause, has claimed attacks against Italian company sites (Vulcanair and Olidata), by some banks (Monte dei Paschi di Siena and Intesa Sanpaolo) and some ports (Taranto and Trieste).

To counter this threat, theACN (National Cybersecurity Agency) mobilized it CSIRT (Computer Security Incident Response Team), responsible for coordinating responses to cyber incidents and supporting those affected in restoring functionality. Meanwhile, the Bank of Italy has launched a project to enhance the security of its networks with an infrastructure OOBM (Out-of-Band Management), designed to withstand large-scale critical events.

The geopolitical implications of cyber attacks in Italy

The connection between cyber attacks and geopolitical dynamics is now evident. Noname057(16) have expressed their dissent towards Italian pro-Ukraine policies, with messages mentioning meetings between Premier Meloni and President Zelensky. Specifically, the proponents of the attack made the following statements on Telegram:

Italian Prime Minister Giorgia Meloni confirmed continued full support for Ukraine in a meeting with Vladimir Zelensky during his visit to Rome. According to Meloni, Italy will help Ukraine defend its interests and pursue a just and lasting peace. The negotiations lasted about an hour and were aimed at strengthening Kiev’s position. (…) Italy should start helping itself and, first of all, its cybersecurity.

This type of operation, therefore, should not be considered as isolated acts of sabotage, but also as propaganda tools: hackers communicate openly on social media (as we have just shown you), exhibiting the results of their offensives as if they were “digital trophies”. ” and giving “advice” (not to mention threats) to those who govern the country.