Home » Countering the cyber threat. The Italian and European approaches
Technology and Security

Countering the cyber threat. The Italian and European approaches

National cybersecurity Agency
The EU’s National Cybersecurity Agencies and government representatives are coordinating on a response to the consequences of the Ukrainian crisis. The Italian NCA is on it, too: Director Baldoni spoke with COPASIR, while Deputy Director Ciardi detailed the Italian response

The war in Ukraine has confronted the European Union with a “paradigm shift” in the digital environment, noted by Luukas Ilves, Undersecretary for Digital Development of the Estonian government. The comment was picked up by the Wall Street Journal at the informal meeting of European telecommunications ministers in Nevers, France, on March 8 and 9.

The event’s agenda was radically reshuffled in light of the Russian invasion of Ukraine, shifting towards resilience of infrastructure and networks, protection of cyberspace and combating online disinformation. Representatives from all 27 EU member States, as well as Switzerland and Norway, were in attendance. Italy was represented by Stefano Verrecchia, Deputy Permanent Representative to the EU.

They eventually produced a declaration to strengthen the EU’s cybersecurity capabilities, along with a request, addressed at the Commission, to create a new fund and increase existing European funding to support Member States’ efforts for a market of trusted service providers. 

Recent cyberattacks targeting Ukraine have demonstrated how important the cyber dimension is in today’s conflicts, noted the document, before focussing on the “possible spillover effect of such cyber attacks on European networks.”

COPASIR and the NCA’s Baldoni

In the same hours as the event, the Italian Parliament’s intelligence oversight committee (COPASIR) was auditing Roberto Baldoni, director of the National Cybersecurity Agency. The authority had recently issued an urgent warning about the possibility of cyber attacks against the Italian government and the industry, especially health care companies and hospitals.

While the secret services are responsible for reporting incoming threats to the NCA (their recently released annual report states that cyber attacks by State actors are on the rise), the latter is responsible for ensuring the resiliency of the national system, and ultimately render it capable of preventing the greatest number of attacks and mitigating the effects of successful ones.

The president of COPASIR, Senator Adolfo Urso, later noted that the authority and Mr Baldoni had compared the Italian initiatives and those of other EU countries. They also discussed “the use of products, mainly software, made by Russian companies in our countries’ technological landscape,” with a direct reference to Kaspersky.

CSIRT and the NCA’s Ciardi

While the leader of the NCA was at the COPASIR audit, his Agency’s Computer Security Incident Response Team (CSIRT) released a new warning about a vulnerability with high estimated impact that could be exploited to conduct DDoS attacks, which are among the most widespread in and around the Ukrainian conflict.

“According to our information, as well as national and international partners, the current level of cyberattacks in Italy, though worrying, has not gone beyond the security threshold,” said the NCA’s Deputy Director Nunzia Ciardi. Speaking at a Formiche Live Talk on Thursday, she noted that the Agency was in constant coordination with its Western counterparts, including through the EU’s Cyber Crises Liaison Organisation Network (CyCLONe).

With the Ukrainian conflict ongoing, Ms Ciardi remarked that Rome was as exposed to threats as all other EU and NATO members who’d supported Kyiv in its struggle against Moscow. Such threats could either be a directly-aimed cyberattack or a collateral menace – as with NotPetya, the 2017 malware unleashed against Ukraine that ended up contaminating several other countries, and “ordinary” cybercriminals taking advantage of the crisis and take aim at sensible targets to have a better chance at monetising their attacks.

Nevertheless, as the Ukraine scenario is in constant evolution, the NCA is following it “with the highest alertness” and has propped up cyber defences for at-risk entities. The cyber domain, she continued, cannot be distinguished from the physical ones: every modern conflict is “ever more hybrid and multi-domain.” And the risk is growing, as shown by the existence of self-trained AI malware or ransomware operations targeting critical infrastructures, such as power stations or the healthcare system.

Subscribe to our newsletter