Now on Demand: Threat Detection and Incident Response (TDIR) Summit - All Sessions Available
Connect with us

Hi, what are you looking for?

SecurityWeekSecurityWeek

Cybercrime

Italy Says Two Arrested for Defense Data Theft

Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday.

The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare and global communications, according to its website.

Two people have been arrested for stealing defense data from the Italian aerospace and electronics group Leonardo, the interior ministry said on Saturday.

The company has a wide range of activities from naval electronics, network and protection systems, electronic warfare and global communications, according to its website.

Along with European partners, Leonardo is involved in the MBDA group that makes several kinds of missiles, for example.

“At the end of a complex investigation by the Naples prosecutor into a serious computer attack against Leonardo .. a former worker and a company director were arrested,” a ministry statement said.

A program inserted into dozens of work computers via a USB stick at the company’s plant in Pomigliano d’Arco, near Naples, allowed hackers to harvest data on projects, including strategic ones, over a two-year period.

The attack was uncovered by a computer crime unit at the prosecutor’s office, which issued arrest warrants for illegal access to a computer system, interception of IT communications and illegal use of personal data.

The head of Leonardo’s anti-hacking unit was also arrested for obstructing the investigation and providing false information on the nature of the attacks and their effects.   

Investigators said that from May 2015 until January 2017, the group’s IT system was targeted by an “Advanced persistent threat” led by a worker tasked with keeping the computers secure.

Advertisement. Scroll to continue reading.

They did not provide extensive details on which systems had been hacked

In January 2017, Leonardo officials uncovered abnormal data traffic from work stations that was generated by so-called malware dubbed “cftmon.exe“.

Hackers were able to intercept messages that were typed into the computers and capture images from their screens.

Some of the work stations were used to create strategic products and services for Italy’s defence.

A total of 94 computers were compromised, including 48 that belonged to companies working in the aerospace sector.

No less than 10 gigabytes of data, equivalent to around 100,000 files, were lifted from the plant in Pomigliano d’Arco, including information on components of civilian and military aircraft.

Written By

AFP 2023

Click to comment

Trending

Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Join the session as we discuss the challenges and best practices for cybersecurity leaders managing cloud identities.

Register

SecurityWeek’s Ransomware Resilience and Recovery Summit helps businesses to plan, prepare, and recover from a ransomware incident.

Register

People on the Move

Wendy Zheng named as CFO and Joe Diamond as CMO at cyber asset management firm Axonius.

Intelligent document processing company ABBYY has hired Clayton C. Peddy as CISO.

Digital executive protection services provider BlackCloak has appointed Ryan Black as CISO.

More People On The Move

Expert Insights