Italy: An AI Cyber-terror War Begins


___di  Fabio Giuseppe Carlo Carisio per VT Italia

While in Italy the witch hunt is pursued following the anti-fascist monotonous alarm the data on the Cyber ​​attacks of 2018 record exactly the opposite: that is a boom of hackers to the Ministries of the Republic since the League of Deputy Prime Minister Matteo Salvini is at the Government together to the 5 Star Movement. A coincidence that it is not known whether it is random because it was not the object of specific deepening at least in the public National Security Document, attached to the annual report to the Parliament, prepared by the Information System for the Security of the Republic of the Presidency of the Council of Palazzo Chigi that collects the work of the 007 of the Aisi, the Internal Information and Security Agency that replaced the Sisde, and of the foreign counter-espionage Aise,

The Italian Intelligence Organization System for the Security of the Republic

From this intelligence dossier  (full text at the bottom of the page ) it emerges that the cybernetic attacks on networks and websites of public bodies have increased by 6 times compared to 2017 but in particular those at the departments’ portals have grown by 306%. Even the websites of Palazzo Chigi in 2018 have suffered numerous attacks equal to 1% of the total while the Quirinale, perhaps defended by more powerful systems, none. The same 007 and related national agencies have suffered 3% of the cyber attacks. To operate them especially anarchoid activists followers of Anonymous (66% of cases) engaged in propaganda activities but also cyber-spies (20%) and, as new attackers, terrorist groups for proselytizing: equal to 5% of the total.

Palazzo Chigi in Rome, seat of the Presidency of the Council

A type of attack that was almost non-existent until the year before or probably had not been detected given the complexity of the identification work. These few lines summarize a very alarming relationship also because it did not find space in the main national media but not even in the first issue of 2019 of the specialist quarterly magazine Gnosis, managed by Aisi itself: focused on debating, with para-Masonic theosophy, on history of religions and Christianity rather than exploring a hacker emergency that is difficult to manage and embarrassing to admit. On the other hand, in the newspapers, there was ample room for violations of the Pec certified email boxes of Courts of Appeal and Courts which took place in November 2018 and were repeated in early May 2019.


To a very serious cyber attack the document of the secret services dedicates a card to itself: “On November 13, 2018, the National Anti-crime Informatics Center for the Protection of Critical Infrastructures (CNAIPIC) of the Police Department reported to the Unit Alerting Unit for Cyber ​​Security (NSC) a cyber attack to a certified electronic mail service provider (Pec). 

The attack has affected about 3,500 domains for a total of 524,000 users, between public and private subjects, resulting also in a temporary interruption of the IT services of the judicial offices of the Court of Appeal districts. The NSC – constantly informing the President of the Council of Ministers – has therefore provided, in close collaboration with the Ministries of Justice and Defense, with the CNAIPIC and with the Italian CSIRT, to activate a cybernetic protection plan that has allowed to mitigate the damages and to proceed to the restoration of the functionalities ». 

Another very serious attack took place last May 8 in Central and Southern Italy against Pec lawyers’ boxes. The alarm was sounded by the president of the Bar Association of Bari, Giovanni Stefanì through Repubblica: “They violated – he explained – the system of one of the Pec operators most used by lawyers, finding the user ids and passwords of first access ». But as reported by the same newspaper the hacker attack would have potentially involved the whole Italian territory. “In Rome it involved 30 thousand lawyers, including the mayor Virginia Raggi” highlights the newspaper. to activate a cybernetic protection plan that has allowed to mitigate the damages and to proceed to the restoration of the functionalities ».


The International Book Fair of Turin, acting as the Health Committee of the Regime of Terror of the French Revolution (hatched by enlightened Masonic atheists against the Christian aristocracy), has recently launched its jihadist fatwa censoring the self-styled fascist publisher and denying an alternative thought to that of the democratic left: daughter of that Communism that made and makes holocausts worse than Nazism in history. But the real danger of an ideological matrix comes from very different parts and uses the Cyber-War, the cyber war (also called cyber warfare because it is not openly violent), which in 2018 hit the web sites of public bodies in a lesser way those of multinational energy companies, various companies or private individuals.

“In an international scenario in which the confrontation between actors and geopolitical alignments has taken on more and more bitter tones, the cyber – with its characteristics of widespread availability, accessibility, high” economic convenience “and reduced detection risks – has been confirmed for some He was one of the tools to be used to pursue strategic objectives – writes SISR in the introduction to its 2018 National Security Document published in February 2019 – The growing emphasis on the issue by Governments and international Organizations (primarily , NATO and the EU), increasingly committed to providing, in the field of defense and security documents, the strengthening of cybernetic structures in terms of both defense and offense ».As the Italian Intelligence analysts explain, the attitude of the States has been differentiated: “while some Governments have proposed the adoption of” advanced defenses “others have intervened by publicly assigning digital campaigns to some States (or to the connected devices government), in order to raise the “costs” for the conduct of such activities through the public display of those responsible and the imposition of sanctions “.in order to raise the “costs” for the conduct of such activities through the public presentation of those responsible and the imposition of sanctions “.in order to raise the “costs” for the conduct of such activities through the public presentation of those responsible and the imposition of sanctions “.


The controversy over the phantom pre-trial interference by Russian hackers or the nightmare of the 5G system in the hands of the Chinese multinational Huawei has produced rivers of journalistic articles often full of opinions and assumptions rather than facts and news. Alarms with much less substance than cyber attacks, ignored by almost all Western media, with which the electricity grid in Venezuela was targeted throughout the month of March with ongoing blackouts and very serious damage to citizens left without electricity and drinking water for days, among which at least 30 victims were registered in hospitals due to the sudden lack of electricity.


Attacks that Nicolas Maduro attributed without fear to the United States of America: the US Army can indeed boast the Cyber ​​Command (CyberCom) with its headquarters in Fort George G. Meade in Maryland and the Network Enterprise Techonology Command (NetCom) of Fort Huachuca in Arizona. But Washington also has numerous suppliers among the first American arms and defense system multinationals now specialized in cyber protection and sabotage. Because we know that any dirty work is always better to contract it to a private holding company …


The words of the SISR report, despite being general and having been written in unsuspected times because they predate the hacker attacks in Venezuela, well describe the reasons for the public alarm launched by the Caracas Government: “The goal in all these cases was the one to put in place forms of deterrence and deterrence in an attempt to undermine that sense of impunity and the unscrupulousness that have so far constituted the figure of the most active hostile actors “. These phrases of the Italian secret services appear to be prophetic in describing, unwittingly, the activities of the US, NATO allies, in an attempt to Golpe in the Caribbean country. But let’s go back to Italy and see the complete picture of cyber attacks.



“In 2018, both operations for the purpose of espionage and campaigns of influence / interference aimed at fostering social tensions or increasing the political instability of some countries in the Euro-Atlantic area have been attributed – the Italian secret services write – In the reference period, moreover, an increase in the quality and complexity of some types of attack was detected, with the synergic use of all the most advanced technological information search tools. The evidence gradually collected on the threat, brought directly to the infooperative activities carried out by AISE and AISI under the reinforced coordination of the “core” component of the DIS, were made available, with the necessary measures to safeguard the development of cyber operations and avoid any , further damage to the targets “. The Dis is the Department of Security Information which refers directly to the President of the Council.

Type and purpose of the Cyber ​​war according to the Aisi report

“The purposes of the attacks, perpetrated mainly for propaganda purposes (approximately 73%), appeared to be consistent with the renewed vigor – both ideologically and operationally – of the hacktivist movement, which continued to be characterized by the tendency to select the targets exclusively according to the type of vulnerabilities found, exploitable with reduced technical capabilities and with a low expenditure of resources. Although marginal in numerical terms (12%), the purpose of espionage has recorded a considerable increase, especially to the detriment of institutional and industrial assets “.


«As for hacktivism, in which minor acronyms have continued to operate under the aegis of the more well-known digital collective“ Anonymous Italy ”, the most meaningful sorties concerned the start, or the continuation, of a series of operations, including referred to as “#OpBlackWeek”, with the online publication of data filtered out by systems of institutions operating in the sectors of Education, Labor, Healthcare, Trade Unions, Law Enforcement, Municipalities and Regions – write the 007 Italians – The activism of individuals / groups attributable to cyber-terrorism was confirmed to be of limited significance, with the use of social platforms and messaging applications mostly for propaganda and proselytizing purposes recorded also in 2018 “.

Statistics on the perpetrators of hacker attacks according to the Aisi report

The 5% percentage referring to attacks by terrorist groups that appears in the 2018 statistic but was absent in that of 2017 is immediately justified: «In terms of method, it must be emphasized that confidentiality requirements on the numerical entity of the detected threats impose the transposition only in percentage values ​​and that the significant increase in attacks recorded in 2018 must be ascribed mainly to the greater detection capacities and to their more accurate classification and systematization, which made it possible to obtain a more granular mapping of the cyber threat scenario in Italy » . Given the damage caused by the excesses of secrecy in the peninsula we would have to comment at length on the choice not to publish even the arid numbers …

“As far as hostile actors are concerned, the trend of 2018, in line with that of recent years and in line with what has just been described, has identified hacktivism as the most consistent threat (66%), at least in numerical terms . This data must be ascribed to the phase of particular ferment that has affected the aforementioned Anonymous Italy, LulzSec ITA and AntiSec ITA, characterized by a renewed capacity to plan hostile campaigns and the search for greater independence from third-party technological resources – they add the services secrets – State-based attacks (20%) have remained almost unchanged, as well as the residual attempts at computer intrusion referable to terrorist groups (5%), finalized, the latter, mainly to the defacement of websites affected by easily exploitable vulnerabilities, a symptom of the possession of a limited know-how by those formations ». In reality, the attack by state-government subjects has increased by 6% compared to 14% in 2017, which is not really a small change …


«From the data of the period in question emerges a total number of hostile actions more than quintupled compared to 2017, mainly to the detriment of the computer systems of central and local public administrations (72%). A more in-depth analysis of the events that affected public bodies shows an increase of over six times (+ 561%) compared to the previous year ».

The objectives of the Cyber ​​attacks in the Aisi analysis of 2017 and 2018

This is the worst news of the entire report that raises the alarm above all with regard to the attacks against the Dicasteries of the Italian Republic: “A significant increase in attacks against ministerial networks was noted (24% of hostile actions, up 306 percentage points) and against IT infrastructures attributable to local authorities (39% of the total for the period in question, with growth in absolute terms equal to about 15 times). The aforementioned activities are to be ascribed largely to hacktivist actions, including the aforementioned “#OpBlackWeek” campaign, aimed at discrediting the national institutions, by the main crews active in the Italian scene: Anonymous Italy, LulzSec ITA and AntiSec ITA .

The two deputy premieres Luigi Di Maio (M5S) and Matteo Salvini (Lega)

As noted in the incipit of this article it is singular that the boom in cyber attacks occurred precisely in the year of the radical political change thanks to which the League of Deputy Prime Minister and Interior Minister Matteo Salvini became the first party, in clear contrast with the former leftist establishment, which elected two Democratic Party Presidents, and especially with progressive and post communist protest movements.

“To the same collectives is to be attributed also a conspicuous number of attacks – more than tripled compared to 2017 – to the detriment of private subjects, afferent mostly to the telecommunications sectors (6%) and transport (6%, tripled compared to 2017 ), with a particular focus on operators in the energy sector (11%) and their suppliers (the latter included in the “Other” category), in line with the international re-launch of the “#OpNuke” and “#OpGreenRights” campaigns: the first, born as a form of protest for the development of nuclear energy, the second, implemented in favor of the use of sustainable energy sources “.


«From the monitoring of the Techniques, Tactics and Procedures (TTPs) used, an increased level of complexity and sophistication of the actions emerged, the combined use of offensive tools developed ad hoc with those present in the target systems used in a hostile manner, as well as the“ reuse “Of malicious objects (malware) in order to bring the matrix back to other actors (so-called false flag operations).

In this context, the most significant effort made by the Sub-fund concerned the contrasting of digital espionage campaigns, most of which are probably attributable to structured hostile groups, contiguous to government apparatuses or which have received strategic guidelines from them and financial support – reports the dossier – With regard to the aims pursued, the attacks aimed, on the one hand, to steal information relating to the main international security dossiers, and, on the other, to damage the information systems of operators, even national, active in the Oil & Gas sector, as well as those of representatives of the Italian academic world, as part of a global campaign aimed at profiling sectors of excellence in universities and research centers “.

For cyber-espionage actions, commercial IT services (web domains, hosting services, etc.) were used, provided by providers located in different areas, to make the identification process difficult, while which carriers were used mostly « to spear-phishing techniques, which have once again guaranteed high success rates for intrusive actions, as well as the persistent, scarce awareness of the victims ». Attacks, however, preceded by a long activity of “analysis of digital habits”.

Among the popular methods there are the “Bug Hunting, consisting in the scanning of networks and systems in preparation for the exploitation of known vulnerabilities”, “SQL Injection (about 68% of the total)” or the inoculation of infected codes in data management sites with the inclusion of malicious http strings, the use of malware (about 4%) and password cracking tools (2.5%).


Precisely because of a greater coordination between all the governmental and investigative apparatuses involved, «the initiatives adopted to consolidate the security of the aforementioned structures were multiple: from the operational start-up of the Cybernetic Security Unit (NSC), the link between the administrations holding specific competences in the matter, to the nomination of a dedicated reference figure, in the person of a Deputy Director General of the DIS (Department of Information for Security) »adds the Aisi report in reference to the choice of Professor Roberto Baldoni, expert of CINI, Consortium National Interuniversity for Information Technology, which on 21 February presided over the first operational meeting of the NSC. This body meets on a monthly basis “in terms of prevention, preparation,

The Cyber ​​Security Nucleus has already implemented an extremely varied action plan in which it has had particular importance “the national participation in cyber exercises among which the” Cyber ​​Europe 2018 deserve special mention – aimed at increasing the capacity for reaction and intervention of the EU States – and the “European Union Hybrid Exercise-Multi Layer 2018 Parallel and Coordinated Exercise” (EU HEX-ML 18 PACE), addressed to EU institutions and states, as well as to NATO countries, in order to verify their management capacities of hybrid attacks, including the cyber component, against critical infrastructures of various sectors “.

Roberto Baldoni, deputy director of the Department of Security Information

There are countless other initiatives described in the plan which refers to the collaboration with the Agency for Digital Italy (AgID) for safer ITC services and the development of synergies with the Ministry of Economic Development and other subjects «also through the stipulation of a protocol between DIS, AgID and Confindustria »and« the launch of an initiative, in agreement with the Guarantor for the protection of personal data, aimed at facilitating the harmonious implementation of the regulations in force concerning computer security by of the private actors concerned “. To this is added an obvious contribution by the new deputy director Baldoni with “the creation, within the National Interuniversity Consortium for Computer Science (CINI), of a National Laboratory of Artificial Intelligence and Intelligent Systems (IA&SI),

Whether or not AI is a digital boomerang weapon, we’ll find out only in a few years. The impression is that the international intelligence systems are still based on the strategic role of people and that in the ramifications of the organization SISR, CISR, DIS, AISI, AISE are so many as to make genuine security very scattered and fragile. It is enough to reflect on the recent statements of the former 007 Bruno Contrada, number three of the Sisde,


Or think of the former president of Sicilian Confindustria Antonello Montante just condemned by the Gup of the Court of Catltanisetta to 14 years in prison for the charges of “criminal association aimed at corruption” and “abusive access to computer system” (information of the secret services) . Or even O finally to the three agents, including one from the Trapani Dia, who ended up in handcuffs for the revelations to former Sicilian deputy Giovanni Lo Sciuto, arrested for shady deals in a Masonic lodge in Castelvetrano …


The impression is that computer hyper-protection, exaggerated digitalization and artificial intelligence can only be new tools to allow states, governments and spies equipped to file and monitor free thinkers rather than terrorists: since the kamikaze imam of the massacres in Sri Lanka dialogued with ISIS jihadists in Syria thanks to military encryption codes. Given that the fake lawyer arrested in Buenos Aires for extortion was found in possession of sophisticated equipment used only for the counter-espionage of the Mossad of Israel or the Nsa of the United States of America. And it was among his CDs that the judge found the White House plot against Venezuela.


Without forgetting the tycoon of Sri Lanka Allirajah Subaskaran, owner of the commercial telephone company LycaMobile, among the largest anonymous CardSIM retailers in the world, forbidden by the Anti-terrorism laws in Italy (but not in other countries of the European Union and the world) precisely because they make it difficult to identify the user, even when they are used for hacking activities.


He is a wealthy Muslim film producer from Sri Lanka with British citizenship, resident in London, evader of VAT in Rome with LycaMobile Italy, investigated in France, finished on the cover of the Islamic financial magazine with an ambiguous name Isfire, financier of a former premier of His Majesty but also of the most important Sunni NGO Muslim Aid …

Fabio Giuseppe Carlo Carisio

Due to the nature of independent content, VT cannot guarantee content validity.
We ask you to Read Our Content Policy so a clear comprehension of VT's independent non-censored media is understood and given its proper place in the world of news, opinion and media.

All content is owned by author exclusively. Expressed opinions are NOT necessarily the views of VT, other authors, affiliates, advertisers, sponsors, partners or technicians. Some content may be satirical in nature. All images within are full responsibility of author and NOT VT.

About VT - Read Full Policy Notice - Comment Policy