Hacker attack on the US and the police swoop into a mechanic's workshop in Italy

Blitz between wrenches and hammers, but the poor guy had nothing to do with it

Umberto RAPETTO, September 13, 2021

But the story that "dozens and dozens of policemen" surrounded a workshop in Tuscany is dramatically true, at least according to what Il Messaggero writes. The dynamics of the foray into the temple of oil changes, brake adjustment and carburetor tuning suggest a crime caught in the act and the consequent urgency to intervene so as not to lose the evidence of a crime just committed. In reality, the patrols were catapulted to the scene because of a cyber attack that took place between December and January last year. It was a massive action, carried out (as tradition has it) using an infinite number of "zombie" computers, that is, machines suitably infected with malicious instructions that direct them to carry out actions unwanted by their users and harmful to the targeted systems. These machines, generally unattended by their respective users (left turned on at night, for example), end up under the control of whoever is in charge of the criminal action and constitute the "soldiers" of a virtual army, in this case flying the Russian flag.

As it is easy to imagine, the mechanic had nothing to do with the fierce digital raid which, exploiting a bug in the sophisticated SolarWinds solutions particularly widespread in the hi-tech ganglia of America, had hit many government entities, the Armed Forces, NASA and even the NSA. As we read on the pages of other newspapers that have picked up the scoop: "And this was also understood by the investigators of the CNAIPIC (National Cybercrime Center for the Protection of Critical Infrastructures), who limited themselves to identifying the security 'hole' that opened the door to the Russian offensive in this long digital cold war".
Anyone familiar with the methods that characterize certain battles on the Net would certainly not have mobilized the special forces, much less brought in the legions of agents that, according to Il Messaggero and all the other newspapers that have taken up the piece, the automotive craftsman "saw swooping into his workshop". The fact, then, that it was a "hack" from nine months earlier is a further element suggesting that the operation did not deserve such unjustified urgency, unless, considering the gestational interval, one wanted to rush in like apprehensive fathers to the hospital at their first labor.

The story is even more emblematic if we consider that the damned IP address that identified the alleged Italian attacker had been present for months in the logs of the affected systems and had certainly been communicated promptly to the bodies with territorial jurisdiction. In the long interval of time that has elapsed, the hypothetical hacker (certainly not the mechanic) could have changed computers three or four times, "wiped" the hard drive if for sentimental reasons he did not want to replace it with a new one, and made every trace disappear even from the most acrobatic expert in "digital forensics"...

The episode does not make you smile at all. Nor is one heartened by the superficiality of the press, which probably only wanted to engage in a clumsy exercise of institutional "captatio benevolentiae" in deference to the idea that "no one can get away with it"... The investigators hope that they will be able to deny what happened, thus avoiding sarcastic comments on their investigative timeliness and surgical precision, and on the much acclaimed capacity for "cyber resilience" that is the watchword of Undersecretary Gabrielli.
If the attack via SolarWinds succeeded by exploiting thousands, or more likely millions, of PCs "possessed" by demonic hackers, how many plumbers, beauticians, pranotherapists, palmists or bakers who were entirely uninvolved and innocent were searched by cops all over the world? Cyberwar, I swear to you, is serious despite this...

Here is the article from Il Messaggero

Giuseppe Scarpa for Il Messaggero


The Russians also used Italy to launch the largest cyber offensive the United States has suffered so far. It has only now come to light. The massive hacker attack that the US suffered at the hands of Moscow's pirates used our country as a springboard: a breached PC and the stolen identity of a Tuscan mechanic. These were the two keys used by the infamous Kremlin-backed APT29 group. The US armed forces, the NSA and NASA were affected. In short, the institutional heart of America.

The Rome prosecutor's office has opened a file for unauthorized access to a computer system. Deputy chief prosecutor Angelantonio Racanelli and deputy prosecutor Maurizio Arcuri are handling the delicate case. The case is against persons unknown, and the investigation is in the hands of the specialists of the Cnaipic of the police.


THE WAR ON THE WEB

News of the attack had filled the pages of newspapers between December and last January: the target of the attackers was SolarWinds, a Texan IT company that produces Orion, software for managing corporate networks. Its clients include the five branches of the US military, the Pentagon, NASA, the NSA, various US ministries and the office of the US presidency. Numerous data and classified files were stolen.

Experts had described it as one of the largest and most sophisticated hacking operations in history, against the government and the American majors. After the heavy Russian blitz, the US State Department announced in mid-April the expulsion of 10 Moscow diplomats from the United States.

In this way, our country remains at the center of the new cold war, which still pits Washington against Moscow. It is a conflict fought not by deploying armies but in a new theater, the internet, by hiring the best computer pirates, who use servers and computers located in other countries to try to disguise their identity and the geographical origin from which the aggression really starts.


Following this approach, the Russian hackers would have carried out the attack on the heart of the United States by passing through an infected computer in Italy and using the name of a Tuscan mechanic. The man, one day, saw dozens of policemen swoop into his workshop. The mechanic, who is not very well versed in computing, at first struggled to understand what the agents were asking him. The Italian investigators of Cnaipic immediately realized that his identity had simply been stolen and then used to breach a PC in the Bel Paese and finally launch the attack on the United States.


THE EVENT

"The attack is much, much more serious than I initially feared," Mark Warner, an American senator, member of the Intelligence Committee and one of the most experienced local politicians on the subject, explained to the most important American newspapers. Several specialists who had dealt with the issue noted that there were many problems within the US administration after the attack.

The first is that the attack was identified not by government experts but by FireEye, a private cybersecurity company. There is also the question of American strategy which, as noted by Bruce Schneier (one of the leading computer experts), favors offense over defense, even in the state's distribution of resources. Now NATO experts will have to work out how to collaborate ever more fruitfully to avoid cyber attacks from the various member countries.