Italian Bank Cyber Spy Attacks

Uploaded on 2017-03-15 in FREE TO VIEW, BUSINESS-Services-Financial, TECHNOLOGY--Hackers

Mario Draghi, president of the European Central Bank, and former Italian Prime Minister Matteo Renzi were among those hacked in a cyber-spying operation that targeted more than 18,000 e-mail accounts.

Operation “Eye Pyramid” revealed cyber-spying of institutions, state agencies, professionals, political figures and business people lasting for years, Italian police said in an e-mailed statement.

Police said two people were arrested: a nuclear engineer and his sister, both living in Rome and well-known in Roman financial circles.

The alleged hackers acted “with the aim of making a profit for themselves or for others,” the court document says. The Italian police inquiry was aided by the US Federal Bureau of Investigation, which said the hackers targeted victims in the US and Europe.

Draghi’s e-mail at the Bank of Italy was hacked in the summer of 2016, according to the suspects’ arrest warrant issued by Rome pre-trial Judge Maria Paola Tomaselli. Draghi served as governor of the Italian central bank from 2005 to 2011. An e-mail account belonging to Renzi was also hacked, the document says.

The ECB, Renzi’s Democratic Party and the Bank of Italy declined to comment when contacted by Bloomberg. A person familiar with the matter said the Frankfurt-based ECB had no indication of a successful e-mail breach there.

Eni, Enel

Among the hackers’ targets were oil group Eni SpA, multinational power company Enel SpA and technology company Leonardo Finmeccanica SpA, the court document shows. Political parties, law firms, politicians and ministries were also targeted.

The suspects tried to obtain confidential and sensitive data, especially on banks, at the ECB in Frankfurt and at the Bank of Italy in Rome, according to a person familiar with the investigation, speaking on the condition of not being identified by name.

The two arrested are suspected of obtaining information on national security, serious illegal access to a computer system and illicit interception of computer communications in an investigation led by Rome prosecutors, an Italian police statement said.

Thanks to a wide network of computers infected with malware called “Eyepyramid,” the pair allegedly obtained from a large number of victims “confidential information and sensitive data over many years” which was stored on US servers, according to the police statement.

Italian police, working with the Cyber Division of the U.S. FBI, have seized the servers, it added. The FBI said in a statement recently that the US Justice Department also provided support to the inquiry.

The network targeted individuals who possessed particularly sensitive or strategic data, or “of particular value for those working in specific financial circles,” the statement said.

Bloomberg

Rome: Cyber Spying Rings Security Bells:      Italian Brother & Sister Cyber Spies Arrested

 

 

 

« Could Hackers Turn the Lights Out?
Tim Berners-Lee’s Vision For The Web - Things Need To Change! »

Infosecurity Europe
CyberSecurity Jobsite
Perimeter 81
Cyrin

Real Attacks. Real Tools. Real Scenarios.
Schedule a demo

Sign Up: Cyber Security Intelligence Newsletter

Directory of Suppliers

Resecurity

Resecurity

Resecurity is a cybersecurity company that delivers a unified platform for endpoint protection, risk management, and cyber threat intelligence.

TÜV SÜD Academy UK

TÜV SÜD Academy UK

TÜV SÜD offers expert-led cybersecurity training to help organisations safeguard their operations and data.

The PC Support Group

The PC Support Group

A partnership with The PC Support Group delivers improved productivity, reduced costs and protects your business through exceptional IT, telecoms and cybersecurity services.

NordLayer

NordLayer

NordLayer is an adaptive network access security solution for modern businesses — from the world’s most trusted cybersecurity brand, Nord Security. 

Alvacomm

Alvacomm

Alvacomm offers holistic VIP cybersecurity services, providing comprehensive protection against cyber threats. Our solutions include risk assessment, threat detection, incident response.

OASIS Open

OASIS Open

OASIS Open is where individuals, organizations, and governments come together to solve some of the world’s biggest technical challenges through the development of open code and open standards.

ODVA

ODVA

ODVA is a global trade and standards development organization whose members comprise the world’s leading industrial automation companies.

Onspring

Onspring

Onspring is the cloud-based platform of choice for governance, risk and compliance (GRC) teams and business operations experts across multiple industries.

SCADAfence

SCADAfence

SCADAfence offers cutting edge cybersecurity solutions designed to ensure the operational continuity of industrial (ICS/SCADA) networks.

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute (SSPI)

Slovak Security Policy Institute is an independent non-governmental organization that focuses on research and analysis of security challenges including defence and cyber security.

Ledger

Ledger

Ledger is a leader in security and infrastructure solutions for cryptocurrencies and blockchain applications using its proprietary technology.

GuardSI

GuardSI

GuardSI was created to protect companies from growing threats to security such as fraud, hacking, internal theft, accidents and human mistakes that can directly affect the business.

Absolute IT Asset Disposals

Absolute IT Asset Disposals

Absolute IT Asset Disposals is an IT asset disposal (ITAD) company providing safe and secure recycling of IT assets.

Futurae Technologies

Futurae Technologies

Futurae - enabling trust and invisible security for your users on all devices and applications. Strong customer authentication (SCA) made easy.

Horizon3.ai

Horizon3.ai

Horizon3.ai is a leader in security assessment and validation enabling continuous security overwatch from an attacker’s perspective through our NodeZero SaaS solution.

BlockAPT

BlockAPT

BlockAPT, empowering you with an advanced, intelligent cyber defence platform. We protect our customers digital assets by unifying operational technologies against advanced persistent threats.

Airiam

Airiam

Airiam provides cybersecurity, managed IT, consulting, incident response, and digital transformation services so you can focus on what matters most.

Core to Cloud

Core to Cloud

Core to Cloud provide consultancy and technical support for the planning and implementation of sustainable security strategies.

TeKnowledge

TeKnowledge

TeKnowledge enables governments and enterprises around the world to navigate the challenges with digital transformation today and tomorrow with elite cybersecurity protection and managed services.

Endari

Endari

Endari specializes in building cybersecurity maturity within the operational DNA of early-stage startups and SMBs.

Liquid C2

Liquid C2

Liquid C2 offers leading solutions to streamline workplace operations, secure cloud storage, rapid data recovery, and scale growth.