Hacker attack on the police website, Giannini: "We are working"

The announcement of the Chief of Police, however, does not clarify whether killnet's cybercriminals are still in action. The director of ACN, Roberto Baldoni: "Intrusions against which, at this moment, it is complicated to react" 17 May 2022 F. Me.

"We are working carefully." This is the response of the Chief of Police, Lamberto Giannini, to the reporters who in Milan, on the sidelines of the commemorations for the 50th anniversary of the murder of Commissioner Luigi Calabresi, asked him about the situation after the hacker attack suffered by the website of the State Police. Giannini did not want to specify if the site is still under attack. Index of topics • The hacker attack on the Police website • Baldoni's audition The hacker attack on the Police website Yesterday the Police site suffered an attack by the pro-Russian hackers of the Killnet collective, the same who in recent days have hit some institutional sites including those of the Senate and Defense and who have tried to block Eurovision. The action, which began last night, was faced by Police technicians supported by specialists from the National Cybercrime Center for the Protection of Critical Infrastructures (Cnaipc) of the Postal Police, for the progressive restoration of the full functionality of the site.

To claim the attack was the same killnet collective on its Telegram channels: "according to foreign media - it reads - Killnet attacked Eurovision and was blocked by the Italian police. But Killnet did not attack Eurovision. Today, however, we officially declare war on 10 countries, including the deceptive Italian police. By the way – the hackers conclude – your site has stopped working: why hasn't the attack been dealt with as for Eurovision?". The attack did not cause damage to infrastructure but only saturated connections and slowed down. Baldoni's audition In the aftermath of the hacker attack on the website of the Postal Police, the director of the National Cybersecurity Agency, Roberto Baldoni highlighted the difficulty in dealing with hacker attacks at this time. "You saw yesterday's episode on the website of the Police, but also that relating to "the Higher Institute of Health and the site of the Senate. These are attacks to which at this moment it is very complex to be able to react", explained Baldoni, heard by the Constitutional Affairs Committee in the Chamber of Deputies as part of the bills relating to the provisions on the exercise of the right to vote by voters temporarily domiciled outside the region of residence. "What we can do, of course, is to improve the defenses – Baldoni pointed out – But this means that within a voting operation we could be subjected to this type of attack". The hearing focused attention on the electoral green pass. "We are very open to evaluating. When it is submitted to us we will evaluate it carefully", said the director of ACN about the possibility of adopting the Green Pass model electoral card. Baldoni, who intervened in the context of the examination of the bills containing provisions on the exercise of the right to vote by voters temporarily domiciled outside the region of residence, explained that to indicate risks of hacker attacks at an acceptable level, "huge economic resources and design and development research times are needed. We also need an assessment that goes to analyze every part of the vote". Among the experiments that could be evaluated, that of the installation of totems without legal value, experimenting and investigating the risks to measure them. According to Baldoni, "with current technology and the protections of current technology all systems on the internet are inherently insecure. Which does not mean that we must not, as we have done in the last decades, continue to develop systems through research, so that they can be used in the future". Baldoni, who spoke at a hearing before the Constitutional Affairs Committee as part of the examination of legislative proposals containing provisions on the exercise of the right to vote by voters temporarily domiciled outside the region of residence, explained that in the case of elections, hackers "can be of the highest profile and with vast resources" and there is a risk of a "loss of trust of citizens", even with the mere suspicion that the right to vote may be destabilized. Baldoni then listed a series of possible critical issues related for example to privileged access to data and services, which "pose a very strong control problem. Then there is "the risk of interception and manipulation of communications and the risk of unknown vulnerabilities, the so-called 0-days, which could exist within the software libraries". For Baldoni "there is the possibility of raising the technological level in some phases of the vote and, instead, not to take this risk when it is too high by keeping in this case the technological part at the low level. With the use of Spid, for example, there may be attacks on the same availability of Spid. The risk would increase to the maximum through the vote with personal device and in any case there are also risks with fixed positions, the so-called totems ". "The risk is not zero, we must take the risk – explained Baldoni -. Blockchain systems are also subject to attack risks, which can lead to a restriction of election results. There is no mobile app that can guarantee that it is secure enough to be used. For example, the conditions could be created to maintain the corrupt vote without realizing it from the outside except from a forensic analysis that can last months: this would have deleterious effects on the credibility of the institution".