Attackers claim to breach Italian cybercops’ network

26 Jul 2011

A group of cyber attackers are claiming to have breached the network of the Italian government agency responsible for guarding critical national infrastructure, obtaining access to more than 8GB of data.

Making the claim on a Twitter feed credited to AnonymousIRC, a group of hackers claims to have broken into the network of the Centro nazionale anticrimine informatico per la protezione delle infrastrutture critiche (CNAIPIC), which is Italy’s National Anti-Cybercrime Centre for the Protection of Critical Infrastructure.

Reports vary as to which group may be responsible – La Repubblica newspaper attributed the attack to Nkwd, while the Corriere Della Sera named LulzSec, the collective that reportedly disbanded in June. CNAIPIC has not made a formal statement, making it difficult to work out the veracity of the claims.

Some of the documents obtained in the breach have already been published online but estimates in the Italian press put the amount at little more than 1pc of the total that were taken.

La Repubblica said that while some of the documents are of little relevance, others are potentially much more interesting, such as scanned photocopies of documents originating from individuals in the Middle East, a reconstruction of the Bernie Madoff scandal, official letters in Russian and Arabic and plans relating to Exxon operations in Vietnam.

The files also contain reconstructions of cyber-attacks against the Medici Bank, the Genoa attorney and against fuel companies Gaxprom and Petrovietnam. There is even a report by an agent warning about an attempt to take down the website belonging to Prime Minister Silvio Berlusconi’s Popolo della liberta (People of freedom) political party. The would-be attackers dubbed this operation “Killusconi”.

The purported hack comes after Italian police made arrests in connection with the Anonymous hacktivist collective. At least one of the figures involved, known as Frey, was identified by CNAIPIC. It’s possible the latest hack and pilfering of secret documents is a form of reprisal, although no-one from Anonymous has made this explicit, if that is the reason.

Gordon Smith was a contributor to Silicon Republic

editorial@siliconrepublic.com