Italian Bank Cyber Spy Attacks

Uploaded on 2017-03-15 in FREE TO VIEW, BUSINESS-Services-Financial, TECHNOLOGY--Hackers

Mario Draghi, president of the European Central Bank, and former Italian Prime Minister Matteo Renzi were among those hacked in a cyber-spying operation that targeted more than 18,000 e-mail accounts.

Operation “Eye Pyramid” revealed cyber-spying of institutions, state agencies, professionals, political figures and business people lasting for years, Italian police said in an e-mailed statement.

Police said two people were arrested: a nuclear engineer and his sister, both living in Rome and well-known in Roman financial circles.

The alleged hackers acted “with the aim of making a profit for themselves or for others,” the court document says. The Italian police inquiry was aided by the US Federal Bureau of Investigation, which said the hackers targeted victims in the US and Europe.

Draghi’s e-mail at the Bank of Italy was hacked in the summer of 2016, according to the suspects’ arrest warrant issued by Rome pre-trial Judge Maria Paola Tomaselli. Draghi served as governor of the Italian central bank from 2005 to 2011. An e-mail account belonging to Renzi was also hacked, the document says.

The ECB, Renzi’s Democratic Party and the Bank of Italy declined to comment when contacted by Bloomberg. A person familiar with the matter said the Frankfurt-based ECB had no indication of a successful e-mail breach there.

Eni, Enel

Among the hackers’ targets were oil group Eni SpA, multinational power company Enel SpA and technology company Leonardo Finmeccanica SpA, the court document shows. Political parties, law firms, politicians and ministries were also targeted.

The suspects tried to obtain confidential and sensitive data, especially on banks, at the ECB in Frankfurt and at the Bank of Italy in Rome, according to a person familiar with the investigation, speaking on the condition of not being identified by name.

The two arrested are suspected of obtaining information on national security, serious illegal access to a computer system and illicit interception of computer communications in an investigation led by Rome prosecutors, an Italian police statement said.

Thanks to a wide network of computers infected with malware called “Eyepyramid,” the pair allegedly obtained from a large number of victims “confidential information and sensitive data over many years” which was stored on US servers, according to the police statement.

Italian police, working with the Cyber Division of the U.S. FBI, have seized the servers, it added. The FBI said in a statement recently that the US Justice Department also provided support to the inquiry.

The network targeted individuals who possessed particularly sensitive or strategic data, or “of particular value for those working in specific financial circles,” the statement said.

Bloomberg

Rome: Cyber Spying Rings Security Bells:      Italian Brother & Sister Cyber Spies Arrested

 

 

 

« Could Hackers Turn the Lights Out?
Tim Berners-Lee’s Vision For The Web - Things Need To Change! »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

XYPRO Technology

XYPRO Technology

XYPRO is the market leader in HPE Non-Stop Security, Risk Management and Compliance.

ManageEngine

ManageEngine

As the IT management division of Zoho Corporation, ManageEngine prioritizes flexible solutions that work for all businesses, regardless of size or budget.

Practice Labs

Practice Labs

Practice Labs is an IT competency hub, where live-lab environments give access to real equipment for hands-on practice of essential cybersecurity skills.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

DigitalStakeout

DigitalStakeout

DigitalStakeout enables cyber security professionals to reduce cyber risk to their organization with proactive security solutions, providing immediate improvement in security posture and ROI.

Ascentor

Ascentor

Ascentor specialises in independent information and cyber security consultancy. We’re experienced industry experts, providing cyber security services since 2004.

MobileIron

MobileIron

MobileIron provides EMM capabilities to IT organizations that need to secure mobile devices, applications and content.

Vaddy

Vaddy

Vaddy provide an automatic web vulnerability scanner for DevOps that performs robust security checks to ensure that web app code is secure.

Cyber8Lab

Cyber8Lab

Cyber8Lab provides cybersecurity training programmes simulating real world cybersecurity incidents such as web defacement, malware, phishing, digital forensics analysis and wireless intrusion.

Lacework

Lacework

Lacework brings speed, scale, and automation to cloud security and allows security and DevOps teams to collaborate on keeping data and applications safe.

Kryptus

Kryptus

Kryptus provides a wide array of solutions for hardware, firmware and software ranging from semiconductors to complex digital certificate management systems.

TitanHQ

TitanHQ

TitanHQ offers ultimate protection from internet based threats and powerful Web filtering functionalities to SMBs, Service Providers and Education sectors around the World.

Vilnius Tech Park

Vilnius Tech Park

The region‘s most complex and integrated ICT hub, Vilnius Tech Park aims to attract and unite innovative talent from big data, cyber security, smart solutions, fintech and digital design.

OISTE Foundation

OISTE Foundation

OISTE foundation allows users to control their digital identities using well-understood and secure algorithms that ensure the continued validity of an identity and its claims.

US Fleet Cyber Command (FLTCYBER)

US Fleet Cyber Command (FLTCYBER)

US Fleet Cyber Command is responsible for Navy information network operations, offensive and defensive cyberspace operations, space operations and signals intelligence.

SK Shieldus

SK Shieldus

SK shieldus are a converged security provider with business capabilities in both cybersecurity and physical security based on Big-Tech.

xdr.global

xdr.global

Xdr.global is a cybersecurity consulting firm, focused on promoting and aligning Extended Detection and Response (XDR) security solutions.

Theta

Theta

Theta is a New Zealand owned technology consultancy. Our team of over 330 experienced professionals help organisations transform with technology.

Next DLP

Next DLP

Next DLP (formerly Jazz Networks) is a leading provider of insider risk and data protection solutions.

Keyrus

Keyrus

Keyrus is a global consultancy that develops data and digital solutions for performance management.

IT.ie

IT.ie

IT.ie are a comprehensive provider of Managed IT Services, Cloud Solutions, Cyber Security, and proactive IT support services.