Italy stops wide-ranging Russian attack on websites of parliament, military, health agency
The websites of Italy’s parliament, military and National Health Institute faced disruptions on Thursday by a pro-Russian hacking group previously implicated in a similar cyberattack on the Romanian government.
The attack also affected the Automobile Club d'Italia and several other Italian institutions. On Telegram, the Killnet hacking group took credit for the incidents. Several of the sites are back up and running after being down for several hours.
Italy’s National Cybersecurity Agency did not respond to requests for comment, but the president of Italy’s Senate, Maria Elisabetta Alberti Casellati, said there was no lasting harm to the parliament’s websites.
“No damage from the attack which involved the external network of the Senate. Thanks to the technicians for the immediate intervention. These are serious episodes, which should not be underestimated. We will continue to keep our guard up,” she wrote on Twitter.
Nessun danno dall’attacco #hacker che ha coinvolto la rete esterna del #Senato. Un grazie ai tecnici per l’immediato intervento. Si tratta di episodi gravi, che non vanno sottovalutati. Continueremo a tenere alta la guardia. @SenatoStampa
— Maria Elisabetta Alberti Casellati (@Min_Casellati) May 11, 2022
Two weeks ago, Romania’s national cybersecurity response team and intelligence agency said the websites for the ministry of defense, border police, national railway company were attacked by Killnet with distributed denial-of-service attacks.
At the time, Killnet said it launched the attack because Romania supported Ukraine after Russia invaded earlier this year.
The Romanian agencies added that Killnet specializes in DDoS attacks and has previously attacked sites connected to the governments of the U.S., Estonia, Poland, the Czech Republic and other NATO members.
On Telegram, members of Killnet said the attack on Italy was not as severe as their attack on Romania. They made several charged taunts toward the governments of Italy and Spain.
“Our Legion conducts military cyber exercises in your countries in order to improve their skills. Everything happens similarly to your actions - the Italians and the Spaniards are going to learn how to kill people in Ukraine,” an alleged member of the group said.
“Our Legion is learning to kill your servers! You must understand that this is training. Don't make too much noise, I'm sick of the amount of news about attacks on the Senate. I give you my word of honor that our cyber army will soon finish training in your territory, and we will go on the offensive. It will happen suddenly and very quickly.”
Italy has provided military and financial support to Ukraine.
Microsoft vice president Tom Burt said last month that the company’s experts believe cyberattacks will continue to escalate and widen as the war between Russia and Ukraine continues.
“Russian nation-state threat actors may be tasked to expand their destructive actions outside of Ukraine to retaliate against those countries that decide to provide more military assistance to Ukraine and take more punitive measures against the Russian government in response to the continued aggression,” Burt said.
“We’ve observed Russian-aligned actors active in Ukraine show interest in or conduct operations against organizations in the Baltics and Turkey – all NATO member states actively providing political, humanitarian or military support to Ukraine.”
Jonathan Greig
is a Breaking News Reporter at Recorded Future News. Jonathan has worked across the globe as a journalist since 2014. Before moving back to New York City, he worked for news outlets in South Africa, Jordan and Cambodia. He previously covered cybersecurity at ZDNet and TechRepublic.