Unauthorized access to the computer system was the accusation with which the investigators of the Rome Prosecutor's Office opened the file. The investigations opened on the basis of a report from the Postal Police: according to what has been verified, the pirate action was claimed on Telegram by the pro-Russian collective "Killnet" 12 May 2022 F. Me
Unauthorized access to the computer system. For this accusation, the investigators of the Public Prosecutor's Office, an anti-terrorism group, have launched an investigation file into the hacker attack on various institutional websites, including those of the Senate and the Higher Institute of Health. The investigations, against unknown persons, were opened on the basis of information sent to the magistrates by the investigators of the Postal Police. According to what has been verified, the pirate action was claimed on Telegram by the pro-Russian collective "Killnet". The investigations on the hacker attack on institutional sites are followed by investigators from the Cnaipic - National Cybercrime Center for the Protection of Critical Infrastructures of the Postal Police. According to what has been reconstructed so far, the attack would have been of the DDos (Denial of Service) type by several 'zombie' computers remotely controlled by hackers. The hacker attack A hacker attack claimed on Telegram by a pro-Russian IT group called "Killnet" knocked out, yesterday afternoon, seven Italian sites - both institutional and private companies - including that of the Senate, that of the Higher Institute and that of the Italian Automobile Club. Also unreachable is the Defense portal which - as specified by the General Staff - was the subject of planned maintenance for some time. Around 8 pm the targeted sites were once again visible to users. Creating disservices through an overload of clicks: this is the goal of hackers. An attack defined in technical terms "Ddos" (distributed denial of service) launched through the so-called "zombie" computers, or devices that, without the user's knowledge, have been infected by a virus in order to allow unauthorized persons to take control of it. Generally these computers become part of a "botnet" - that is, a network made up of many other "twins", all infected. However, it was a less sophisticated attack than the malware-type attack that acts through a trojan or ransomware. Hackers therefore would not have aimed to 'steal' data but to send them into 'tilt' by making the targeted sites inaccessible - as indeed happened -. Meanwhile, investigations are underway by the National Cybercrime Center for the Protection of Critical Infrastructures (Cnaipic) of the Postal Police to also assess any damage. At the moment in the prosecutor's office, in Rome, no file has been opened. An initial report from the police is expected in the next few hours to launch an investigation. Among the targets is also the site of the “Eurovision” singing event - in particular the voting system - currently underway in Turin. However, an attempt at 'sabotage' was unsuccessful. "The latest Killnet DDoS attacks against the Senate, the Higher Institute of Health (Iss) and other organizations and institutions in Italy are an example of hacktivism motivated by geo-political reasons capable of affecting people's real and daily lives - explains Toby Lewis, Darktrace's Global Head of Threat Analysis DDoS attacks are Killnet's preferred modus operandi: attacks not particularly sophisticated and relatively easy to mitigate, but the hackers of this group know they can make headlines and generate discussions on a global level ”. "The inaccessibility of the website of the Istituto Superiore di Sanità, although it creates inconvenience, will not prevent medical staff from completing their work and will probably not have long-lasting effects. This is another typical aspect of hacktivist activity, in which groups such as Anonymous or Killnet launch attacks that generate hype for advertising purposes, but generally do not access the victims' digital properties in depth ". Killnet is a group of cyber activists considered by most experts to be affiliated with the Russian state that has already carried out several attacks on countries and organizations that are supporting Ukraine. One example is the attempted DDoS attack on a website of an airport in the United States that was directly involved in the shipment of aid to Ukraine. Killnet also threatened and launched similar attacks on the websites of national organizations in Germany, the UK, Moldova and Romania, where the attack was motivated mostly as a response to the country's involvement in the arrest of a Killnet member.
pm