Cyber attacks from Russia: NoName057(16) targets Italy

Collettivo Hacker NoName057(16) colpisce siti istituzionali italiani
Luca Cadonici
28/12/2024
Powers

On 26 and 27 December 2024, the pro-Russian hacker collective NoName057(16) conducted a series of targeted cyber attacks against Italian institutional sites, motivating them as a response to alleged Russophobia. The attacks on the first day hit the sites of the Ministry of Infrastructure and Transport, the Ministry of Economic Development, the Guardia di Finanza, the Italian Armed Forces, the Carabinieri, and the Navy. On the following day, the action moved to the sites of Linate and Malpensa airports, as well as the Ministry of Foreign Affairs.

The cyber criminals claimed the operation on their Telegram channel, stating: ‘Italian Russophobes receive a well-deserved cyber response’.

DDoS attacks and the claim on Telegram

Through a campaign of DDoS attacks, the collective overloaded the servers of the affected sites, rendering them temporarily inaccessible. The attacks were claimed on Telegram with the message: ‘Italian Russophobes receive a well-deserved IT response’. Among the claimed targets were the Italian Transport Federation and the Autolinee Siena and Turin.

Distributed Denial of Service (DDoS) attacks exploit networks of compromised computers, called botnets, to generate massive, simultaneous traffic that leads to the collapse of systems. However, thanks to timely mitigation activities, the disruptions were limited to a short period of time.


Banner advertising

The announcement of the National Cybersecurity Agency (NCA)

In a statement released in recent hours, the National Cybersecurity Agency (NCA) provided further details:
“On 28 December 2024 from around 8am there were some disruptions to the websites of transport companies and the Farnesina website due to DDoS attacks. The attacks were claimed by the group NoName057(16) on their Telegram channel’.

ACN confirmed that the attacks temporarily made theMilan-Malpensa airport site, the Milan-Linate airport site and the Foreign Ministry site inaccessible. However, ‘the disruptions did not affect the regularity of flights’. In the case of airports, the attacks only affected sites accessible to users and not critical systems for air traffic management.

Thanks to the activities coordinated by the Computer Security Incident Response Team (CSIRT Italy) and the technicians of the companies involved, the sites were quickly restored to full operation.

The agency finally explained: ‘DDoS attacks, which tend to clog up web services by making them temporarily inaccessible, are generally short-lived and do not affect infrastructure when mitigation procedures are taken immediately’.

Statements by Minister Antonio Tajani

Foreign Minister Antonio Tajani commented on the attacks in an official statement:
“We are dealing with an attack by Russian hackers on the Foreign Ministry website. It is the third hacker attack on the Farnesina in recent days. This is also the reason why I have decided to initiate an internal restructuring of the Foreign Ministry precisely to strengthen cyber security’.

Tajani added:
“We are working to react very firmly to cyberattacks coming from abroad, we are repelling them all, but we will raise the security threshold for all Italian offices around the world”. He then announced the creation of a new directorate general at the Farnesina dedicated to cyber security and artificial intelligence.

Geopolitics of Artificial Intelligence by Alessandro Aresu