In the past few hours there has been a hacker attack on Italy, coming from Russia. The offensive, as we reported in another article, hit two important institutional sites, namely those of the Senate and of the Defense.
But not only that: the multiple attack was also directed against the sites of the Istituto Superiore di Sanità and the Automobile Club of Italy. Furthermore, against the Kompass portal, the Institute of Advanced Studies of Lucca and Infomedix. And an attempt was also made against the site of the Eurovision singing event.
It all happened on the afternoon of Wednesday 11 Maywhen these sites went haywire.
Let’s retrace what happened. After that we find out more about the Russian group Killnet, which claimed responsibility for the composite cyber offensive against Italy.
The (multiple) hacker attack on Italy
The massive hacker attack against Italy hit a number of institutional and non-institutional sites, which stopped working from 17.00 to 20.00 on Wednesday 11 May.
The methods are those of DDoS (Distributed denial of service). That sends systems haywire by means of a huge amount of access requests. These, slowing down or blocking the functioning of a site, make it unreachable. They are usually disruptive actions that do not cause damage to the targeted IT infrastructure.
The Postal Police has opened the investigation, and the Cnaipic (National Cybercrime Center for the Protection of Critical Infrastructures) is at work. As well as the National Cybersecurity Agency: “We are working closely with the affected administrations to restore their websites, analyzing the phenomenon, and at the same time suggesting the first suitable technical countermeasures”.
Meanwhile, the Senate has made it known that at 20.00 the portal is reachable again.
Between claims and declarations
The hacker attack on Italy was immediately claimed on Telegram by Russian hackers from the Killnet group. Who in a high-sounding way called it “Attack on Italy”, adding: “It could be the beginning of your end”. The Killnet group has made it known that their criminal action also affected Spain.
On the other hand, the note from the Ministry of Defense is curious. Which denies any relationship between the site’s inefficiencies and the hacker attack on Italy. We read in the press release: “With reference to the news circulated about the impossibility of reaching the website www.difesa.it, the Defense Staff specifies that it is due to maintenance activities planned for some time, in progress on the site”.
A political attack?
An explanation that, however, did not convince. What caught the attention of many was rather the timing of the Russian hacker group, which coincided with the press conference of Mario Draghi, visiting Washington. The hacker attack on Italy, paradoxically, was almost contemporary with the words of our premier, who in the US said: “Russia is no longer Goliath. You are not an invincible opponent ”.
The manner of the attack, and the claim on social networks, would suggest a warning, and above all the political nature of the offensive. But who is the Killnet group, and on behalf of who does it work?
The Killnet Group
Who is the Killnet group, which pompously claimed responsibility for the hacker attack on Italy?
It is about a collective of cybercriminals believed to be ideologically close to the Kremlin. He is ready to attack anyone who is critical of the Russian offensive against Ukraine. As happened recently to damage to the sites of the Ministry of Defense and that of the railways of Romania.
Among their most recent hacking actions at an international level, those at several British hospitals are reported, even with the threat of blocking the respirators of hospitalized patients. It was a retaliation, after the arrest – which took place in Great Britain – of Ioan Feher, one of the alleged leaders of the organization.
The hackers of the Killnet group are very young, presumably all in their twenties, and they manage a Telegram channel that boasts 57,000 subscribers.
Killnet is part of the Legion collective, a group of Russian hacking groups that aim to attack the sites of Western institutions and companies.
The reactions
On Twitter, the President of the Senate Elisabetta Alberti Casellati wrote: “No damage from the hacker attack that involved the external network of the Senate. Thanks to the technicians for the immediate intervention. These are serious episodes, which should not be underestimated. We will continue to keep our guard up ”.
Mon Facebook Ernesto Magorno, senator of Italia Viva and member of Copasir, was less staid. Magorno wrote: “A very serious fact. It is necessary to react immediately because, unfortunately, the progress of the war between Russia and #Ukraine risks going on for a long time and a cyber attack should be recognized as an act of terrorism ”.
Maurizio Lupi echoed him, of Us with Italy: “A hostile declaration that should not be underestimated. This is why it is necessary, now more than ever, to strengthen our cybersecurity “.