by John Philips
THE INDEPENDENT
Up to 200 police officers and former intelligence operatives are being investigated by Italian magistrates on charges of organising an illegal “parallel” police force to combat terrorism.
The shadowy group appears to have set itself up as a private security firm, offering protection to senior figures, and illicitly using official police resources. Its leaders have been accused of “usurping” public functions and illegal usie of classified data.
Judge Francesco Lalla, Genoa’s chief prosecutor, said the self-styled “Department for Anti-terrorist Strategic Studies,” (Dssa) maintained an arsenal of weaponry, stored by its accused commanders Gaetano Saya and Riccardo Sindaco, both with links with the Italian far right. The revelations have heightened many Italians’ unease about the strategies of the government of Silvio Berlusconi, the Prime Minister, against Islamist terrorism.
Judicial sources said the Dssa recruited from police, paramilitary carabinieri, finance police and the armed services and presented itself to Italian institutions as well as potential recruits as an elite body specialising in fighting Islamic and Marxist terrorism.
Mr Saya, now under house arrest, had applied for €32m (£21.6m) in European Union finance and had allegedly sought contact with the Vatican to try to obtain a contract to protect of Pope Benedict against terrorist attack.
Magistrates focused on the Dssa after it allegedly claimed to have a video of the murder in Iraq of the Italian hostage Fabrizio Quatrocchi and tried to sell the footage. Investigators are trying to determine what official support the organisation may have had.
The Interior Minister, Giuseppe Pisanu, has suspended dozens of police officers who joined the network. But Carlo Taormina, an MP from Mr Berlusconi’s Forza Italia party, insists Dssa was a bona fide security company with nothing to hide and “the high commands of the police and intelligence services were aware of its existence”.
Il Messaggero quoted an investigator who said it was particularly disturbing that phone intercepts suggested Dssa members had been planning to kidnap Cesare Battisti, a Red Brigades activist living in exile in Paris. “We were seeing the genesis of something similar to the death squads in Argentina,” the magistrate is reported to have said.
The group was charged with making unauthorised use of interior ministry data bank information as well as equipping cars with sirens and flashing lights and the official “lollipop” sticks, used by Italian police to stop traffic or wave as they break traffic regulations.
Gilberto Di Benedetto, an associate of Mr Saya who acted as a middleman with the Vatican, said most members had joined the Dssa in good faith, despite its farcical aspect. “There were people who were hoping for power or to become private investigators, but there also were many police officers and sergeants who believed the Dssa would advance their careers,” he said.
La Repubblica newspaper quoted Michael Scheuer, a former CIA agent and head of the “Bin Laden unit” at CIA headquarters in Langley, Virginia, until last November, as saying the head of Italy’s military intelligence agency Sismi had authorised the CIA to abduct Abu Omar, a militant Islamic cleric who was flown from Milan to Egypt and reportedly tortured.
Mr Berlusconi’s government denies knowledge of the affair, which became public after Milan magistrates issued arrest warrants for 13 CIA agents.
It’s mega-hack time again. Although this isn’t like most mega-hacks. The actually number of people impacted is relatively small. But the impact could certainly be ‘mega’-league. At least when it comes to Italy’s political stability: multiple sensitive databases maintained by the Italian Interior Ministry have been hacked by a private intelligence outfit that has been selling confidential information on powerful Italian figures for at least the last 5 years. Impacted politicians include Prime Minister Georgia Meloni and former Prime Minister Matteo Renzi. The hack is being characterized as a threat to Italian democracy, with Foreign Minister Antonio Tajani warning how information of this nature is often used as leverage in “internal and political battles”.
The private intelligence firm before the hack, Equilize, is a Milan-based company run by former top police officer Carmine Gallo. The overall operation appears to have been managed by Enrico Pazzali, president of Fondazione Fiera Milano, an Italian trade fair and conference operator. Four people are under house arrest, with around 60 under investigation.
The actually data appears to have been stolen thanks to a team of moles working in the Interior Ministry under Nunzio Samuele Calamucci, a 44-year-old IT consultant who previously boasted of hacking the Pentagon as part of the Anonymous hacking collective. It was Calamucci’s team that was tasked with creating and maintaining these databases for the Interior Ministry. By night, the team reportedly downloaded the data on behalf of Equalize.
So what kind of information was stolen? We’ll, we’re told one of the databases logged suspicious financial activity, another traced private bank transactions and a third housed police investigations. According to wiretaps, Calamucci bragged about having stolen information on over 800,000 people. The data was, in turn, used to blackmail entrepreneurs and politicians, we are told by investigators, with €3.1 million in illicit proceeds was earned through the sale of this information.
It’s a big deal. But not the only big deal to hit Italy’s political establishment in recent weeks. There was another ‘mega-hacks’ of this nature that was also uncovered: the accounts of roughly 3500 Italians at the country’s biggest bank, Intesa Sanpaolo, were illicitly accessed by a rogue employee. The account holders range from Prime Minister Meloni to former Prime Minister Mario Draghi.
It remains unclear if this second story is at all related to the Interior Ministry hack. It’s also not really a story about a hack. Instead, it appears a bank employee in the bank’s agricultural department is solely responsible for roughly 6,600 illicit views of those accounts. The views took place from February 2022 to April 2024. It sounds like the bank’s internal controls never detected the activity because it was spread out over 500 working days and the employee technically had the authorization to view all of the accounts. We’re also told no information was downloaded and the employee claims to have done it purely out of curiosity.
Is it just a coincidence that a story about the improper accessing of the financial records of thousands of prominent Italians is hitting right around the same time we’re learning about this Interior Ministry mega-hack/blackmail operation? Who knows, but it’s worth keeping in mind that just because no records were downloaded from Intesa Sanpaulo that doesn’t mean no information was stolen. The banker could have simply confirmed things about accounts to a third-party. Or taken screen shots or photographs of the screen contents without downloading anything. There’s a range of possibilities.
Also keep in mind that what we’re looking at here — the illicit looting of sensitive government information for blackmail purposes — is the kind of scenario the US is aggressively inviting with the prospects of Donald Trump returning to the White House to implement the Schedule F/Project 2025 scheme, which will entail putting many of the least qualified people imaginable in positions of responsibility of one sensitive government database after another. People whose primary qualifications are a willingness to sign loyalty pledge to Donald Trump. Just imagine how much information with blackmail potential we can expect to see pilfered under the kind of partisan looting scenarios the US is courting. And that’s all why, on one level, this is an unfolding story about an Italian political nightmare. But for the United States, it’s more of a preview:
“The compromised material included information from the Ministry of Interior archives, which were allegedly accessed more than 50,000 times by a private investigative firm, and targeted former Prime Minister Matteo Renzi and Senate President Ignazio La Russa, a close ally of Prime Minister Giorgia Meloni, according to local media reports.”
A private intelligence firm was accessing Interior Ministry archives sensitive secrets on powerful people? That sounds like a pretty big deal. Especially since this illicit accessing of these archives took place for around 5 years, from 2019 to 2024. Whatever juicy secrets there was to be found, they were probably found, with the archives getting accessed more than 50,000 times. It sounds like kind of scandal that can take down a government. Alarmingly, we have Foreign Minister Antonio Tajani warning how information of this nature is often used as leverage in “internal and political battles”. So while this sounds like an unprecedented story, there appears to be quite a bit of precedent. It’s just the scale that’s perhaps unprecedented:
So what do we know about the private intelligence firm behind this? Well, as the following piece describes, the hack appears to have been the handywork of a mole working in the Interior Ministry: Nunzio Samuele Calamucci, a 44-year-old IT consultant who has been leading a team of software engineers in creating and maintaining databases for the ministry. Calamucci also has the distinction of previously boasting about having hacked the Pentagon with Anonymous. Yes, the hack was carried out by self-described former member of Anonymous. But it doesn’t sound like the hack required very sophisticated hacking techniques. Instead, it appears that Calamucci’s team planted malware on the ministry’s servers that gave them remote control and proceeded to secretly export the data in the evenings. The hacked databases included logs of suspicious financial activity, private bank transactions and even police investigations. The private intelligence firm that received the stolen data, Equalize, is run by a former top police officer, Carmine Gallo, who operates under Enrico Pazzali, president of Fondazione Fiera Milano, an Italian trade fair and conference operator. It’s an interesting set of culprits.
It’s not clear what the motive has been beyond making a profit. And that profit was, in turn, made by selling the information to clients or blackmailing entrepreneurs and politicians. We’re told €3.1 million in illicit proceeds was earned through the sale of the information. Calamucci and Gallo have already been arrested, along with two other individuals: private investigator Massimiliano Camponovo, and Giulio Cornelli, the owner of a tech and security firm. And it’s not hard to imagine the investigation is going to get a lot bigger, with Calamucci apparently having bragged about having information on 800,000 people:
“The breach was allegedly run by a private investigations company called Equalize, run by former top police officer Carmine Gallo under the auspices of Enrico Pazzali, president of Fondazione Fiera Milano, an Italian trade fair and conference operator.”
A former top police officer ran the private operation under the auspices of an Italian trade fair conference operator. It’s an interest collection of culprits. Will mafia ties emerge in this investigation? If not, who is the ultimate entity behind this operation? It’s hard to imagine this was purely the work of a retired cop and a trade fair conference operator:
But also note the remarkable background of the figure who appears to have played a key role as the insider ‘mole’ in the Interior Ministry: IT consultant called Nunzio Samuele Calamucci had been tasked with leading a team of software engineers in creating and maintaining databases for the ministry. Previously, Calamucci claimed to have hacked the Pentagon as part of Anonymous. So a former Anonymous hacker is reportedly the lead insider mole in this operation:
It’s already a sprawling investigation, with 60 people under investigation. All indications this is a story that’s going to get a lot bigger before it’s over.
And that brings us to the following other story about elite spying that has also rocked Italy’s political scene over in recent weeks: a banker at Intesa Sanpaulo has been caught improperly viewing the client accounts of a large number of prominent Italians, including Prime Minister Meloni and her sister, along with her predecessor, Mario Draghi. The accounts of around 3500 Italians were viewed roughly 6,600 times in total, from February 2022 to April 2024. The banker, who worked in the bank’s agricultural department, did have authorization to access the accounts and apparently never downloaded any data. Instead, he claims to have been motivated purely by curiosity:
“Prime Minister Giorgia Meloni and her sister Arianna’s accounts are among those allegedly hacked, as are those of numerous prominent Italian political figures, such as Senate President Ignazio La Russa, Defence Minister Guido Crosetto, Tourism and European Affairs Minister Daniela Santanchè and Italian European Commissioner-designate Roberto Fitto.”
It’s not just Prime Minister Giorgia Meloni and her sister whose accounts were ‘hacked’. At this point the question is which prominent Italian politicians weren’t potentially impacted by this hack.
Except it doesn’t appear to have been an actually hack. Instead, this was a bank employee who apparently did little to hide his excessive curiosity. From February 2022 to April 2024. Keep in mind that Meloni became Italy’s Prime Minister in October of 2022, so this activity started well before her time in office:
And as the following article describes, it appears that the reason this employee was able to surreptitiously look through around 3500 accounts before getting caught is simply by only looking at a few accounts each day and only looking once or twice at each account. That’s the picture that’s emerging, with the employee having looked at the accounts of around 3,500 customers about 6,600 times, spread over 500 working days. 11 or 12 rogue peeks each working day. It also sounds like the employee had authorization to access all of these accounts and no data was ever downloaded. Now, just because no data was downloaded that doesn’t mean no data was stolen. Screen captures or photos of the screens could have been gathered, for example. Or maybe this employee was just confirming or not certain financial details that had already been suspected on targeted individuals. Or maybe this really was just a very curious bank employee. We have no idea at this point. But it’s quite a coincidence that we got all these reports about the bust of this elite hacking ring right around the same time we’re learning many of these prominent Italians had their financial records spied on by a seemingly overly-curious banker:
“An Intesa employee at a branch in the small town of Bitonto, close to Bari in the Puglia region, is alleged to have accessed the current account data of around 3,500 customers, including many high profile figures such as Meloni and her predecessor Mario Draghi between February 2022 and April 2024.”
It wasn’t just Georgia Melona. Her predecessor, Mario Draghi, had his accounts illicitly accessed too. And yet, at this point in the investigation, it appears this employee did have authorization to view all of these accounts and it’s still unclear as to whether or not any data was actually taken:
If this really is how this ‘hack’ was carried out, you have to wonder how many other bankers have engaging in exactly this kind of ‘curious’ activity. Was this banker the only one who knew how to do this under the radar? If not, it’s not hard to imagine there’s a lot more cases like this. And not just at this bank.
But also keep in mind that this story is pointing to a shockingly thriving blackmarket for blackmail materials that shouldn’t be assumed to be just an Italian phenomena. How prevalent is blackmail, especially political blackmail, these days, with so much sensitive information just a hack away?
And who was doing the blackmailing here? We’ve only heard about the private intelligence firm. We know nothing about their clients. This feels like the kind of story that could get a lot bigger. Or the kind of story that gets quietly dropped entirely because it’s just too big for a society to face.
It’s official: Benjamin Netanyahu won the US 2024 election. The candidate who will effectively give him a green light to conduct the growing conflicts in the Middle East — and maybe even get the US directly involved in some new ones — will be returning to the White House in January. And this time it happened without any ‘foreign assistance’, like the still unexplained ‘assistance’ provided by Netanyahu to the 2016. Recall that March 2023 report by James Bamford about how it was a close Netanyahu aide who was providing Roger Stone with updates on the plans of the ‘Russian hackers’ to distribute hacked information to Wikileaks. The kind of report that strongly suggests it was ultimately Netanyahu’s office that was the source of the DNC hacks and subsequent dissemination of those hacked materials to Wikileaks. Nothing like that happened this year, and yet, it’s hard not to imagine that Trump is still very thankful to Netanyahu for all thaat covert 2016 campaign ‘assistance’.
How will that secret ‘favor’ shape the unfolding conflicts in the Middle East over the next four years? It’s one of the many ominous questions looming over the many geopolitical conflicts an increasingly fascist Donald Trump will now be tasked with managing. And that brings us to a fascinating update to a story that broke shortly before the US elections in Italy: the story of the Italian ‘mega-hack’, where a private intelligence firm was found to have stolen sensitive government databases and sold information on powerful figurs for the last five years. Figures including Prime Minister Georgia Meloni and former Prime Minister Matteo Renzi. The hack was described as a threat to Italian democracy.
Well, we’re now learning a bit more about some of those clients: it turns out Israeli intelligence was hiring the firm to conduct hacking operations, with the idea that the hacked information would also be shared with the Vatican. That’s the picture emerging in reports describing how the man accused of orchestrating the scheme, Nunzio Samuele Calamucci, met with two Israeli agents in February of 2023 to discuss a task worth €1 million. The targets of the operation were Russian oligarchs, including someone described as Vladimir Putin’s unidentified “right-hand man,” as well as financial trails leading from the bank accounts of wealth figures to the Wagner group. Keep in mind that the description of Putin’s “Right-hand man” is rather unclear. On the one hand, a man described as Putin’s “right-hand man”, Nikolai Patrushev, is assumed to have ordered the assassination of Wagner Group founder — and former close Putin ally — Yevgeny Prigozhin. But Prigozhin was long seen as a kind of Putin ‘right-hand man’ before their falling out. Also keep in mind Prigozhin died in August of 2023, so he still could have been a target during that February 2023. So were they targeting Patrushev? Prigozhin before he was assassinated? Someone else? We don’t know at this point, this it’s a pretty remarkable revelation. All the more so given that the Vatican was reportedly also to receive this hacked content as part of the operation. Interestingly, we’re also learning that the servers used in this hacking operation were located in Lithuania, the UK, and the US.
Beyond that, we are told the Israelis suggested a partnership to exchange information, offering “all of the original documents” from the EU’s so-called Qatargate. In other words, this wasn’t just a one-way relationship. The Israelis were offering this private firm intelligence of their own. Presumably to be resold in this black market.
So is this normal for modern spy operations? Because we’re talking about Israeli intelligence hiring a private Italian intelligence firm — a firm now know for acquiring vast repositories of political blackmail material — to hack Russian oligarchs and shared the information with the Vatican. International cooperation in spycraft is nothing new, but this is still a remarkable story. Or is it all that remarkable? That’s the big question at hand beyond the immediate implications to Italy’s democracy: how atypical is this kind of story? Are private political blackmail firms just a regular thing routinely shaping governments that no one talks about? Or is this a novel emerging threat? We don’t have answers on that, but the more we’re learning, the more it sounds like this is a much bigger story than just the initial reports on the mega-hack:
“The job was a cyber operation against Russian targets, including President Vladimir Putin’s unidentified “right-hand man,” and unearthing the financial trail leading from the bank accounts of wealthy figures to the Russian mercenary group Wagner. The information was then supposed to be passed on to the Vatican.”
It’s quite a spy caper emerging: the clients of this Italian private intelligence firm, Equalize, included Israeli intelligence and the Vatican, both of whom hired Equalize to spy on an unidentified “right-hand man” of Vladimir Putin and unearthing financial trials related to the Wagner group. It’s a little nebulous as to who exactly was being targeted here. On the one hand, a man described as Putin’s “right-hand man”, Nikolai Patrushev, is assumed to have ordered the assassination of Wagner Group founder — and former close Putin ally — Yevgeny Prigozhin. So were they targeting Patrushev? Or Prigozhin before he was assassinated? We don’t know at this point, although keep in mind that Prigozhin died in August of 2023 and the meetings to arrange these spying contracts reportedly happened in February of 2023. It’s a remarkable series of revelations either way. A joint Israeli/Vatican spying operation on a Russian oligarch utilizing a private Italian firm. Is this an unusual arrangement or just a reflection of a the commodified transnational nature of modern for-profit privatized spying?
But also note how the Israelis suggested a broader partnership of exchanging information, including offering “all of the original documents” on the Qatargate scandal. Again, is this unusual for intelligence agencies to offer of dossiers of blackmail material for trade with private intelligence firms? Or is this the quiet normal?
Finally, note this other interesting detail: the hackers who were actually carrying out these hacks working under Samuele Calamucci — a self-proclaimed former member of Anonymous — made use of servers in Lithuania and the United States, where they felt they were less vulnerable. It would be really interesting to know why they felt less vulnerable using servers in the US:
How many other countries will we see get wrangled into this story before it’s over? Time will tell, but this is turning into one of those stories where, the more we’re learning, the more it’s looking like there’s a lot more under this rock. Albeit a very sensitive rock that really doesn’t want to be turned over. Especially since it’s not just a sensitive Italian rock anymore.