In recent days, Italy has been the scene of a series of cyber attacks involving numerous sectors, highlighting the vulnerability of the national digital infrastructure. The pro-Russian hacker group NoName057(16), active since March 2022, intensified its operations against institutional sites and major companies, exploiting the technique of Distributed Denial of Service (DDoS) to make strategic platforms inaccessible.

NoName057 attacks institutions and companies

The attacks, conducted for seven consecutive days, targeted the government sector, transport and banking. In particular, the sites of the Ministries of Foreign Affairs, Enterprise and Defence, together with those of theAir Force and the personal website of Prime Minister Giorgia Meloni. In recent days, other important Leonardo, the Bank of Italy, the Transport Authority, Edison, Fininvest and Parmalat have suffered similar attacks, and even the port of Genoa was the target of an attack last Friday. These attacks resulted in temporary blackouts, causing significant disruptions to users and interruptions in the smooth running of digital services.

DDOS: Modus Operandi

The strategy adopted by NoName057(16) is based on the use of botnets, i.e. networks of compromised devices - computers, servers, routers and IoT devices - controlled remotely to flood websites with a massive flow of requests. A distinctive element of this modus operandi is the use of the DDosia platform, which allows sympathisers to contribute to operations in exchange for financial rewards. This form of 'crowdsourcing' of cybercrime has broadened the scope of the offensive, causing problems not only in Italy, but also in other European countries.

Possible motivations for attacks

According to statements made on the group's Telegram channel, the attacks are a direct response to recent statements by the President of the Republic Sergio Mattarella. During a speech at the University of Marseille, the head of state had compared Russia's actions to Nazi expansionism, provoking a furious reaction from the hackers. In this context, the collective described their offensive as a 'punishment for Italy', in response to the political positions expressed by the president. The tension further increased when, this morning, Russian Foreign Ministry spokeswoman Maria Zakharova, stated that Mattarella's words 'will not go without consequences', underlining how the statements could trigger international reactions.

How to reduce attacks

To deal with this threat, Italian authorities have adopted advanced monitoring systems and implemented measures to mitigate malicious traffic. Techniques such as rate limiting, which limits the number of requests accepted in a time interval, and the use of anti-DDoS services as indicated by theAgency for National Cybersecurity (ACN) have helped reduce the impact of attacks. However, the continuous evolution of cyber threats requires constant updating of cyber intelligence and close cooperation with international partners.

In conclusion, the NoName057(16) offensive is not only a technical challenge for Italian digital security, but also a sign of growing geopolitical tensions. At a time when digital weapons are playing an increasingly central role, it is essential to strengthen cyber defences and promote international cooperation to effectively fight cybercrime and ensure the protection of critical infrastructures.