Agenzia per la Cybersicurezza Nazionale

Last updated
Agenzia per la Cybersicurezza Nazionale
Logo dell'Agenzia per la cybersicurezza nazionale.png
Agency overview
Formed8 April 2021;3 years ago (2021-04-08)
Headquarters Rome, Italy
Motto"Resilienza, Protezione e Innovazione"
Agency executives
  • Bruno Frattasi, Director
  • Nunzia Ciardi, Deputy Director
Website www.acn.gov.it

The Agenzia per la Cybersicurezza Nazionale (ACN; Italian: National Cybersecurity Agency) is an Italian government agency established by decree 82 of 14 June 2021. [1]

Contents

The ACN was established to provide cybersecurity to information technology, and also for the purpose of protecting national security in the cyberspace, and ensures coordination between the public entities involved in the matter.

It pursues the achievement of national and European strategic autonomy in the digital sector, in synergy with the national production system, as well as through the involvement of the university and research world. It favors specific training courses for the development of the workforce in the sector and supports awareness campaigns as well as a widespread culture of cybersecurity. [2]

Cyberattack alerts, monitoring, detection and prevention activities

The agency constantly carries out activities of alert, monitoring, detection and prevention of cyber attacks as in the case of the massive global cyberattack of 5 February 2023. [3] During the cyberattack, a large part of the TIM network was out of order due to a problem with data flows from the international network which also had an impact in Italy. [4] The attack exploited a vulnerability on VMware ESXi servers. [5] The damage to the Italian national network has amounted to millions of euros, and thousands of servers affected. [6] However, the following day, the agency reduced the scope of the attack, reporting that no critical systems were affected. On 22 February 2023, the agency issued a new alert against an attack perpetrated by Russian activists. The cyberattack is claimed by the pro-Russian group NoName057(16). [7] [8]

On 7 March 2023, the director of the agency, Roberto Baldoni resigned for differences with the Italian government, following the cyber-attacks suffered by Italy. [9] The pro-Russian group NoName057(16) comments on the resignation of Roberto Baldoni on its Telegram channel, claiming the attacks against the Italian internet infrastructure as a complete success. [10]

On 9 March 2023, the prefect of Rome, Bruno Frattasi, was appointed new director of the agency in place of the resigned Roberto Baldoni. [11]

On 19 March 2023, the pro-Russian group NoName057(16) attacked again the Italian institutional websites, in particular that of the CSM. In claiming the cyberattack, they directly addressed the director of the agency, Bruno Frattasi and Francesco Lo Voi, the chief prosecutor of Rome. [12]

On 27 March 2023, there was a new cyberattack against the websites of the Italian ministers and the postal police, however it did not achieve the objective of hindering users from using the sites under attack. The attack was considered failed, only that of Atac, the municipal transport company of Rome, suffered slowdowns and temporary unavailability. [13]

On May 13, 2023, during the visit to Rome in Italy of Volodymyr Zelensky, president of Ukraine, to the Italian president, Sergio Mattarella and the Italian premier Giorgia Meloni and to the Pope, the pro-Russian group Noname057(16) claims a new cyberattack on the website of the Viminale and on the Csm. However, the damage was mitigated and no malfunctions or slowdowns of the affected websites occurred. [14] [15]

On 19 June 2023, the agency sent the 2022 annual report to the Italian parliament which showed that 1,094 cyber attacks took place in 2022, a marked increase due to the conflict in Ukraine. [16] [17]

On 17 February 2025, the pro-Russian activist hacker group Noname057(16) returns to claim attacks against websites of Italian transport companies and banks as previously done, following the statements of the President of the Italian Republic, mainly DDoS (Distributed denial of service) attacks. Among the targets of the attack are the airports of Linate and Malpensa, the Transport Authority and the ports of Taranto and Trieste. [18] [19] An attack that finds no basis in the speech of the President of the Italian Republic, which Russian media reported as words of almost blasphemous outrage, the result of a bad translation and misinterpretation. The passage of the speech is this: "But, instead of cooperation, the criterion of domination prevailed. And they were wars of conquest. This was the project of the Third Reich in Europe. Today's Russian aggression against Ukraine is of this nature." Which means that the Russian aggression against Ukraine is motivated by a criterion of domination. Therefore the claims of this attack are completely refuted. [20] [21] [22]

The following day, the pro-Russian NoName057(16) return to attack the website of the Ministry for Business and Made in Italy and that of the Guardia di Finanza. While the President of the Italian Republic, during his visit to Montenegro, issues an invitation to Russia to respect international law. [23]

In the following days the attacks continued, the websites of the port of Genoa, Savona, Ravenna and Civitavecchia were hit, then those of Leonardo, Banca d'Italia, Transport Authority, Edison, Fininvest, Parmalat. [24] [25] [26]

Cyberwarfare

The agency carries out protection and prevention actions against Cyberwarfare. The cyberattacks mainly have affected hospitals, public facilities, government bodies, and energy production plants. [27] [28] [29] [30] [31] [32]

CSIRT

Computer Security Incident Response Team - Italia (CSIRT) operates within the agency with the following functions defined on the basis of Legislative Decree 18 May 2018, n. 65 and by the Decree of the President of the Council of Ministers of 8 August 2019 art. 4. [33]

References

  1. "DECRETO-LEGGE 14 giugno 2021, n. 82". gazzettaufficiale.it. gazzettaufficiale.it. Retrieved 9 November 2022.
  2. "Agenzia per la Cybersicurezza Nazionale (ACN)". acn.gov.it. acn.gov.it. Retrieved 9 November 2022.
  3. "Agenzia per la cybersicurezza, massiccio attacco hacker in corso. Compromessi migliaia di server". ansa.it. ansa.it. 5 February 2023. Retrieved 5 February 2023.
  4. "Tim, il down è rientrato, toccava il flusso dati dall'estero". ansa.it. ansa.it. 5 February 2023. Retrieved 5 February 2023.
  5. "Rilevato lo sfruttamento massivo della CVE-2021–21974 in VMWare ESXi (AL01/230204/CSIRT-ITA)". csirt.gov.it. CSIRT. Retrieved 5 February 2023.
  6. "Agenzia cyber: Italia sotto massiccio attacco hacker. Colpiti server in tutto il mondo occidentale. Vertice a Palazzo Chigi per valutare i danni". ilsecoloxix.it. ilsecoloxix.it. 5 February 2023. Retrieved 5 February 2023.
  7. "Hacker filorussi attaccano siti di aziende e istituzioni italiane dopo la visita di Giorgia Meloni a Kiev". tgcom24.mediaset.it. tgcom24.mediaset.it. 22 February 2023. Retrieved 23 February 2023.
  8. "Attacco hacker a siti istituzionali contro 'l'Italia russofoba'". ansa.it. ansa.it. 22 February 2023. Retrieved 23 February 2023.
  9. "Agenzia cyber perde direttore, Baldoni si dimette". ansa.it. ansa.it. 7 March 2023. Retrieved 7 March 2023.
  10. "Hacker russi esultano, 'rimosso Baldoni'". ansa.it. ansa.it. 7 March 2023. Retrieved 7 March 2023.
  11. "Bruno Frattasi nominato direttore dell'Agenzia cybersicurezza". ansa.it. ansa.it. 9 March 2023. Retrieved 9 March 2023.
  12. "Cybersicurezza, hacker filorussi rivendicano attacco al sito del Csm". tgcom24.mediaset.it. tgcom24.mediaset.it. 23 March 2023. Retrieved 23 March 2023.
  13. "Fallito attacco hacker a siti di ministeri e Polizia postale". ansa.it. ansa.it. 27 March 2023. Retrieved 14 May 2023.
  14. "Zelensky in visita a Roma Mattarella e Meloni: "Italia pienamente a fianco di Kiev" Il leader ucraino: "Tentazioni di fuga? Ho resistito"". tgcom24.mediaset.it. tgcom24.mediaset.it. 13 May 2023. Retrieved 14 May 2023.
  15. "Gli hacker russi attaccano i siti del Viminale e del Csm nel giorno della visita di Zelensky in Italia". tgcom24.mediaset.it. tgcom24.mediaset.it. 14 May 2023. Retrieved 14 May 2023.
  16. "Agenzia cyber, 1.094 attacchi nel 2022, deciso aumento". ansa.it. ansa.it. 20 June 2023. Retrieved 20 June 2023.
  17. "Cresce minaccia cyber, boom attacchi con guerra Ucraina". ansa.it. ansa.it. 20 June 2023. Retrieved 20 June 2023.
  18. "Nuovi attacchi hacker all'Italia, filorussi colpiscono siti di trasporti e banche". tgcom24.mediaset.it. tgcom24.mediaset.it. 17 February 2025. Retrieved 18 February 2025.
  19. "Mosca attacca ancora Mattarella e minaccia conseguenze". ansa.it. ansa.it. 17 February 2025. Retrieved 18 February 2025.
  20. "Ecco il passaggio del discorso di Mattarella criticato da Mosca". ansa.it. ansa.it. 17 February 2025. Retrieved 18 February 2025.
  21. ""Le sue parole avranno conseguenze". Dalla Russia un nuovo attacco a Mattarella". ilgiornale.it. ilgiornale.it. 17 February 2025. Retrieved 18 February 2025.
  22. "Hacker filorussi in azione, colpiti aeroporti e trasporto pubblico: "Attacco contro Mattarella"". ilgiornale.it. ilgiornale.it. 17 February 2025. Retrieved 18 February 2025.
  23. "Nuovo attacco hacker dei gruppi filorussi, ko i siti del ministero Made in Italy e della Gdf". tgcom24.mediaset.it. tgcom24.mediaset.it. 18 February 2025. Retrieved 19 February 2025.
  24. "Il fatto del giorno: la guerra cibernetica e l'attacco hacker nei porti di Genova e Savona". ilsecoloxix.it. ilsecoloxix.it. 21 February 2025. Retrieved 21 February 2025.
  25. "Quinto giorno di attacchi hacker filorussi a siti italiani, Leonardo tra i target". tgcom24.mediaset.it. tgcom24.mediaset.it. 21 February 2025. Retrieved 21 February 2025.
  26. "Sesto giorno di attacchi degli hacker russi a siti italiani". ansa.it. ansa.it. 22 February 2025. Retrieved 22 February 2025.
  27. "Gli hacker di Putin alla guerra dell'energia: "Italia sotto attacco"". repubblica.it. repubblica.it. 2 September 2022. Retrieved 5 February 2023.
  28. "Gli hacker colpiscono ancora il gas italiano: terzo attacco in una settimana". repubblica.it. repubblica.it. 6 September 2022. Retrieved 5 February 2023.
  29. "Attacchi hacker alle aziende dell'energia, il punto sulle indagini e cosa sappiamo finora". ilsole24ore.com. ilsole24ore.com. 7 September 2022. Retrieved 5 February 2023.
  30. "Cybersecurity, aumentano gli attacchi hacker al settore dell'energia". tg24.sky.it. tg24.sky.it. 30 September 2022. Retrieved 5 February 2023.
  31. "Attacco hacker ad Acea: sito ancora offline 24 ore dopo, sistemi infettati da un ransomware". repubblica.it. repubblica.it. 5 February 2023. Retrieved 5 February 2023.
  32. "Attacco hacker all'Italia, ecco perché ora l'intelligence è preoccupata". repubblica.it. repubblica.it. 22 February 2023. Retrieved 23 February 2023.
  33. "Computer Security Incident Response Team - Italia". csirt.gov.it. csirt.gov.it. Retrieved 24 May 2023.

See also

This page is based on this Wikipedia article
Text is available under the CC BY-SA 4.0 license; additional terms may apply.
Images, videos and audio are available under their respective licenses.