Hacker investigation, Italian politicians spied on with a trojan: the investigators’ hypotheses

The DDA (District Anti-Mafia Directorate) of Milan has uncovered an unprecedented spying system targeting Italian political figures – among them Ignazio La Russa (President of the Senate), Matteo Renzi (Senator) and even the sitting President of the Republic, Sergio Mattarella – which allegedly spied on 800,000 people in all. The investigators identified a well-organized hacking system that allowed access to the data stored in the SDI (Joint Investigation System), the heart of the Interior Ministry databases. The alleged dossier-building was carried out by planting a RAT (Remote Access Trojan), a particular type of malware, which would have given the cybercriminals total control over sensitive data, such as criminal records and judicial information. That data could then be collected and processed (and possibly sold to clients in the business world) via an advanced digital platform called Beyond.

What emerged from the investigation: the alleged dossier-building on politicians

At the helm of this apparatus were Enrico Pazzali, president of Fondazione Fiera and owner of Equalize (the investigation company at the center of the inquiry), and the former high-ranking police official Carmine Gallo, supported by his partner Nunzio Samuele Calamucci, a professional hacker, as well as a group of collaborators, some of whom are connected to universities and research centers abroad. Their company, Equalize, had developed digital tools that allowed continuous and discreet access to surveillance data and confidential information, without triggering the internal alarms that report suspicious access. Thanks to the RAT, a piece of malware (more precisely a trojan) that grants the hacker complete remote control of a device, they could monitor information in the most discreet and detailed way possible.

The RAT malware was installed on the servers of the Ministry of the Interior and allowed its operators to perform actions as a system administrator, with the ability to manage and manipulate data, control devices and, in the context of this operation, access extremely confidential records. In practice, a RAT trojan, often disguised as apparently legitimate software, lets its operator work undisturbed on affected systems, without the user or security software detecting any anomaly.

The information collected through Beyond covered a broad scope, from financial aspects to investigations into criminal links, by way of monitoring the activities of prominent figures. As emerges from the wiretaps, Gallo’s clients could receive complete details on any person of interest, and for those requesting even more in-depth data – such as court cases or connections to criminal activities – thousands of euros extra were required. This information arsenal was distributed to customers through a digital platform where detailed searches could be carried out, powered by a mass of data taken from multiple official databases, such as the Chamber of Commerce and the Revenue Agency. Furthermore, the integrated artificial intelligence allowed for rapid analysis and linking of information, making Beyond an extremely attractive resource for those who wanted a complete and up-to-date picture of potential adversaries or investments.

A disturbing aspect of the investigation concerns the absence of any intrusion notifications on the infiltrated devices: the searches were carried out not by police officers but by the technicians of Gallo’s network. This operational advantage – combined with a maintenance decree that granted them access for four years without having to update or restore permissions – gave the group almost total freedom to extract sensitive data in massive quantities and, moreover, without the risk of being discovered.

How the Beyond system works and how the espionage occurred

Gallo himself, intercepted while explaining the operating mechanism of the Beyond platform to a potential customer, used these terms, which give a good idea of the gravity of the system in question:

«The platform was created to provide precise and timely information on the commercial, financial and reputational aspects. It collects a series of information that we acquire from a vast complexity of databases, from the Chamber of Commerce to the Revenue Agency, to Cerved, and we assemble it through the platform and its artificial intelligence, with the reputational aspect that we acquire from the databases of the Ministry of the Interior and the Presidency of the Council to verify the investigations, convictions and links to organized crime. This is what the platform gives.»

The investigation brought to light the huge sums that the group obtained from customers, exceeding 3 million euros, and the ease with which Gallo was able to sell the data collected. In fact, the former policeman boasted of owning a veritable “parallel archive” of confidential documents, a body of information accumulated over the course of his career, which included biographical data, criminal operations and detailed mappings of the activities of families linked to Italian organized crime in other countries.

All this material was systematically computerized and transmitted to foreign servers and, to ensure maximum secrecy, was destroyed daily. The extent of the espionage activity reveals the vulnerability of national IT structures, but also a worrying picture of the integrity of the security systems that store information of extreme relevance for the security of our country.

The Milanese prosecutors, credited with having discovered and revealed the dossier-building carried out against various prominent figures in Italian politics, described the affair as «the most dramatic and worrying moment of the investigation, in consideration of the disturbing implications that the entire affair assumes, at this juncture, in terms of national security, together with the awareness of being faced with highly dangerous and unscrupulous subjects, as well as driven by somehow subversive».

Now we will have to wait for the investigations to take their course to ascertain in detail the alleged criminal facts that we described above and the related consequences that will affect Pazzali, Gallo, Calamucci and the other protagonists of this affair.