Italy under attack

(To Alessandro Rugolo)
20/11/18

Italy has long been in the sights of hackers, but until recently it seemed that nobody was interested. But this time it's different.

Rumors have already circulated about a cyber attack that would have hit the judicial offices. This time, however, the rumors follow the facts, and the facts consist of the first press conference held by Professor Roberto Baldoni, Cyber ​​Deputy Director General of the Department of Security Information.

This time the attack went to sign and it seems that many people are worried.

Online Defense is invited to the press conference, as the main newspapers. We are all together waiting for the arrival of Professor Baldoni, in a small but splendid room, with the ceiling completely frescoed, of Palazzo Verospi in Via dell'Impresa in Rome.

Object of the meeting: hacker attack on the PEC of judicial offices and ongoing initiatives of the Presidency of the Council of Ministers.

The meeting is cordial, Professor Baldoni illustrates the situation. Few are the details. On the other hand it is normal, there are ongoing investigations.

The occasion, not particularly festive, however, allows us to take stock of an increasingly popular topic in Italy and the world: computer security.

A company supplying PEC (Certified Electronic Mail) services to Public Administrations, but not only, has noticed that it is under attack, they are 17.15 of the November 12.

As a precaution, waiting to better understand what is happening, the services are blocked.

The 13 November at 12.00 the incident is notified to the CNAIPIC (National Anti-Crime Center for the Protection of Critical Infrastructures) of the Postal Police. From that moment the activities officially involve the DIS with its structures.

Between the 14 and the 15 November we inform the president of the council of ministers, while everyone is busy to evaluate the extent of the attack, the risks, the countermeasures to be adopted, the containment measures.

Monitoring of the situation is very important. Continuous analysis will try to understand who led the attack and especially if it is still inside the systems, dormant, waiting to hit again.

Frenzy activities continue between the 16 and the 19 November. The November 19 from the 15.30 to the approximately 17.00 meets the technical CISR (Interministerial Committee for the Security of the Republic). From the meeting emerge three urgent actions to pursue:

- of a regulatory nature, through the adoption of specific cyber security measures;

- contractual, through the inclusion of appropriate measures in procurement contracts for goods and services based on the impact on national security;

- operating, with the launch of the National Evaluation and Certification Center.

The briefing, institutional but clear, is followed by a session of questions and answers to which Professor Baldoni does not escape, even if he can not give details or confirm hypotheses or simple entries collected on the web.

There are those who speak of APT (Advanced Persistent Threat), there are those who admit that they are not an expert and asks to know the name of the company attacked, there are those who ask to know what kind of attack it was.

The deputy general manager is clear, it was the biggest hacker attack in Italy since his inauguration leading the new DIS structure. An extended attack, perhaps not too complex, but involving 30.000 domains, about 500.000 mailboxes, more than 90.000 PEC boxes, the service that allows the exchange of Certified Electronic Mail between Public Administrations, have been esfiltrati (read "stolen") personal data and passwords (encrypted).

Hundreds of people, technicians and others, have worked in these days to solve the problem.

The professor is sure that the attack is over, we wish it.

The fact remains that Online Defense for a long time he tries to say his, especially on the lack of adequate institutional investments and the opportunity is good to put the question directly at the top: what do you plan to do to change things?

Without adequate investment there will never be interest in Italy in developing such a complex capacity. Money does not do everything but help, move industries and push individuals to improve, study and invest in an expert Cyber ​​future.

We need a strong industry, European or national, that takes care of the problems of the sector, but first of all we need people who believe in it and want a different Italy and on a par with other countries.