Italy’s cybersecurity agency recently uncovered a series of targeted hacker attacks against the websites of several major banks, causing temporary disruptions to their online services. The agency has identified these attacks as Distributed Denial of Service (DDoS) campaigns carried out by pro-Russian groups. The targeted financial institutions include Intesa Sanpaolo, Monte dei Paschi di Siena, BPER Banca, FinecoBank, and Banca Popolare di Sondrio.
In a DDoS attack, hackers flood a network with an abnormally high volume of data traffic to overwhelm and paralyze it, leading to service outages and website crashes. While some of the affected banks experienced brief website downtime due to the heavy traffic, their mobile apps remained operational, enabling clients to continue their transactions.The cyber attacks have been attributed to a hacktivist group known as NoName057(16). This pro-Russian group emerged in the wake of the 2022 Russian invasion of Ukraine and is characterized by its strong nationalist sentiment and support for Russia. NoName057(16) primarily conducts DDoS attacks against governmental and private entities in NATO member states and other European countries.
The group employs botnets, such as DDosia and previously Bobik, to execute its attacks. Botnets are networks of compromised computers or devices that are under the control of threat actors, allowing them to launch coordinated attacks without the users’ knowledge.
To counter the impact of these attacks, Italy’s cybersecurity agency has promptly extended assistance to the targeted banks. The agency’s efforts are aimed at mitigating the disruption caused by the hacktivist group’s actions.NoName057(16) operates through multiple Telegram channels and a chat group, using these platforms to communicate, coordinate, and possibly plan their cyber operations. This emphasizes the role of social media and encrypted messaging apps in facilitating the activities of such hacktivist groups.
As cyber threats continue to evolve and expand, financial institutions and organizations across all sectors must remain vigilant and invest in robust cybersecurity measures to safeguard their digital assets and protect their customers from potential disruptions caused by cyber attacks.