The Italian foreign ministry recently confirmed Russia’s involvement in the hacking attack on government’s field offices in February. The ministry said that the malware attack that took place between 2013 and 2016 is worse than first thought and lasted years, not months. The hackers allegedly used a malware tool with apparent links to the Gru, Russian military intelligence.
In February, the ministry ordered an inquiry into the breach that compromised the field offices’ email systems and affected thousands of email communications. The malware went undetected for over four months, but, according to the officials, didn’t affect any sensitive encrypted data. However, the attack did reportedly compromise Italy’s mission to the EU as well as NATO and Ecofin meetings. There was also heavy traffic reported when some other sensitive issues were discussed.
It was suspected at that time that Russia was behind the attack. “There were no attacks on the encrypted level. So the information – delicate, sensitive information – that is usually shared in this net, which is restricted by code, has never been attacked or part of this attack,” a government official told The Guardian. However, Moscow denied the accusation, saying Italian ministry had “no facts”.