Agenzia per la Cybersicurezza Nazionale

Agenzia per la Cybersicurezza Nazionale
Agency overview
Formed8 April 2021; 3 years ago (2021-04-08)
HeadquartersRome, Italy
Agency executives
  • Bruno Frattasi, Director
  • Nunzia Ciardi, Deputy Director
Websitewww.acn.gov.it

The Agenzia per la Cybersicurezza Nazionale (ACN) is an Italian government agency established by decree 82 of 14 June 2021.[1]

The ACN was established to provide cybersecurity to information technology, and also for the purpose of protecting national security in the cyberspace, and ensures coordination between the public entities involved in the matter.

It pursues the achievement of national and European strategic autonomy in the digital sector, in synergy with the national production system, as well as through the involvement of the university and research world. It favors specific training courses for the development of the workforce in the sector and supports awareness campaigns as well as a widespread culture of cybersecurity.[2]

Cyberattack alerts, monitoring, detection and prevention activities

The agency constantly carries out activities of alert, monitoring, detection and prevention of cyber attacks as in the case of the massive global cyberattack of 5 February 2023.[3] During the cyberattack, a large part of the TIM network was out of order due to a problem with data flows from the international network which also had an impact in Italy.[4] The attack exploited a vulnerability on VMware ESXi servers.[5] The damage to the Italian national network has amounted to millions of euros, and thousands of servers affected.[6] However, the following day, the agency reduced the scope of the attack, reporting that no critical systems were affected. On 22 February 2023, the agency issued a new alert against an attack perpetrated by Russian activists. The cyberattack is claimed by the pro-Russian group NoName057.[7][8] On 7 March 2023, the director of the agency, Roberto Baldoni resigned for differences with the Italian government, following the cyber-attacks suffered by Italy.[9] The pro-Russian group NoName057 comments on the resignation of Roberto Baldoni on its Telegram channel, claiming the attacks against the Italian internet infrastructure as a complete success.[10] On 9 March 2023, the prefect of Rome, Bruno Frattasi, was appointed new director of the agency in place of the resigned Roberto Baldoni.[11] On 19 March 2023, the pro-Russian group NoName057 attacked again the Italian institutional websites, in particular that of the CSM. In claiming the cyberattack, they directly addressed the director of the agency, Bruno Frattasi and Francesco Lo Voi, the chief prosecutor of Rome.[12] On 27 March 2023, there was a new cyberattack against the websites of the Italian ministers and the postal police, however it did not achieve the objective of hindering users from using the sites under attack. The attack was considered failed, only that of Atac, the municipal transport company of Rome, suffered slowdowns and temporary unavailability.[13] On May 13, 2023, during the visit to Rome in Italy of Volodymyr Zelensky, president of Ukraine, to the Italian president, Sergio Mattarella and the Italian premier Giorgia Meloni and to the Pope, the pro-Russian group noName057 claims a new cyberattack on the website of the Viminale and on the Csm. However, the damage was mitigated and no malfunctions or slowdowns of the affected websites occurred.[14][15] On 19 June 2023, the agency sent the 2022 annual report to the Italian parliament which showed that 1,094 cyber attacks took place in 2022, a marked increase due to the conflict in Ukraine.[16][17]

Cyberwarfare

The agency carries out protection and prevention actions against Cyberwarfare. The cyberattacks mainly have affected hospitals, public facilities, government bodies, and energy production plants.[18][19][20][21][22][23]

CSIRT

Computer Security Incident Response Team - Italia (CSIRT) operates within the agency with the following functions defined on the basis of Legislative Decree 18 May 2018, n. 65 and by the Decree of the President of the Council of Ministers of 8 August 2019 art. 4.[24]

References

  1. ^ "DECRETO-LEGGE 14 giugno 2021, n. 82". gazzettaufficiale.it. gazzettaufficiale.it. Retrieved 9 November 2022.
  2. ^ "Agenzia per la Cybersicurezza Nazionale (ACN)". acn.gov.it. acn.gov.it. Retrieved 9 November 2022.
  3. ^ "Agenzia per la cybersicurezza, massiccio attacco hacker in corso. Compromessi migliaia di server". ansa.it. ansa.it. 5 February 2023. Retrieved 5 February 2023.
  4. ^ "Tim, il down è rientrato, toccava il flusso dati dall'estero". ansa.it. ansa.it. 5 February 2023. Retrieved 5 February 2023.
  5. ^ "Rilevato lo sfruttamento massivo della CVE-2021–21974 in VMWare ESXi (AL01/230204/CSIRT-ITA)". csirt.gov.it. CSIRT. Retrieved 5 February 2023.
  6. ^ "Agenzia cyber: Italia sotto massiccio attacco hacker. Colpiti server in tutto il mondo occidentale. Vertice a Palazzo Chigi per valutare i danni". ilsecoloxix.it. ilsecoloxix.it. 5 February 2023. Retrieved 5 February 2023.
  7. ^ "Hacker filorussi attaccano siti di aziende e istituzioni italiane dopo la visita di Giorgia Meloni a Kiev". tgcom24.mediaset.it. tgcom24.mediaset.it. 22 February 2023. Retrieved 23 February 2023.
  8. ^ "Attacco hacker a siti istituzionali contro 'l'Italia russofoba'". ansa.it. ansa.it. 22 February 2023. Retrieved 23 February 2023.
  9. ^ "Agenzia cyber perde direttore, Baldoni si dimette". ansa.it. ansa.it. 7 March 2023. Retrieved 7 March 2023.
  10. ^ "Hacker russi esultano, 'rimosso Baldoni'". ansa.it. ansa.it. 7 March 2023. Retrieved 7 March 2023.
  11. ^ "Bruno Frattasi nominato direttore dell'Agenzia cybersicurezza". ansa.it. ansa.it. 9 March 2023. Retrieved 9 March 2023.
  12. ^ "Cybersicurezza, hacker filorussi rivendicano attacco al sito del Csm". tgcom24.mediaset.it. tgcom24.mediaset.it. 23 March 2023. Retrieved 23 March 2023.
  13. ^ "Fallito attacco hacker a siti di ministeri e Polizia postale". ansa.it. ansa.it. 27 March 2023. Retrieved 14 May 2023.
  14. ^ "Zelensky in visita a Roma Mattarella e Meloni: "Italia pienamente a fianco di Kiev" Il leader ucraino: "Tentazioni di fuga? Ho resistito"". tgcom24.mediaset.it. tgcom24.mediaset.it. 13 May 2023. Retrieved 14 May 2023.
  15. ^ "Gli hacker russi attaccano i siti del Viminale e del Csm nel giorno della visita di Zelensky in Italia". tgcom24.mediaset.it. tgcom24.mediaset.it. 14 May 2023. Retrieved 14 May 2023.
  16. ^ "Agenzia cyber, 1.094 attacchi nel 2022, deciso aumento". ansa.it. ansa.it. 20 June 2023. Retrieved 20 June 2023.
  17. ^ "Cresce minaccia cyber, boom attacchi con guerra Ucraina". ansa.it. ansa.it. 20 June 2023. Retrieved 20 June 2023.
  18. ^ "Gli hacker di Putin alla guerra dell'energia: "Italia sotto attacco"". repubblica.it. repubblica.it. 2 September 2022. Retrieved 5 February 2023.
  19. ^ "Gli hacker colpiscono ancora il gas italiano: terzo attacco in una settimana". repubblica.it. repubblica.it. 6 September 2022. Retrieved 5 February 2023.
  20. ^ "Attacchi hacker alle aziende dell'energia, il punto sulle indagini e cosa sappiamo finora". ilsole24ore.com. ilsole24ore.com. 7 September 2022. Retrieved 5 February 2023.
  21. ^ "Cybersecurity, aumentano gli attacchi hacker al settore dell'energia". tg24.sky.it. tg24.sky.it. 30 September 2022. Retrieved 5 February 2023.
  22. ^ "Attacco hacker ad Acea: sito ancora offline 24 ore dopo, sistemi infettati da un ransomware". repubblica.it. repubblica.it. 5 February 2023. Retrieved 5 February 2023.
  23. ^ "Attacco hacker all'Italia, ecco perché ora l'intelligence è preoccupata". repubblica.it. repubblica.it. 22 February 2023. Retrieved 23 February 2023.
  24. ^ "Computer Security Incident Response Team - Italia". csirt.gov.it. csirt.gov.it. Retrieved 24 May 2023.

See also