Spitfire List Web site and blog of anti-fascist researcher and radio personality Dave Emory.

News & Supplemental  

Up to 200 Italian police ‘ran parallel anti-terror force’

by John Philips
THE INDEPENDENT

Up to 200 police offi­cers and for­mer intel­li­gence oper­a­tives are being inves­ti­gat­ed by Ital­ian mag­is­trates on charges of organ­is­ing an ille­gal “par­al­lel” police force to com­bat ter­ror­ism.

The shad­owy group appears to have set itself up as a pri­vate secu­ri­ty firm, offer­ing pro­tec­tion to senior fig­ures, and illic­it­ly using offi­cial police resources. Its lead­ers have been accused of “usurp­ing” pub­lic func­tions and ille­gal usie of clas­si­fied data.

Judge Francesco Lal­la, Genoa’s chief pros­e­cu­tor, said the self-styled “Depart­ment for Anti-ter­ror­ist Strate­gic Stud­ies,” (Dssa) main­tained an arse­nal of weapon­ry, stored by its accused com­man­ders Gae­tano Saya and Ric­car­do Sin­da­co, both with links with the Ital­ian far right. The rev­e­la­tions have height­ened many Ital­ians’ unease about the strate­gies of the gov­ern­ment of Sil­vio Berlus­coni, the Prime Min­is­ter, against Islamist ter­ror­ism.

Judi­cial sources said the Dssa recruit­ed from police, para­mil­i­tary cara­binieri, finance police and the armed ser­vices and pre­sent­ed itself to Ital­ian insti­tu­tions as well as poten­tial recruits as an elite body spe­cial­is­ing in fight­ing Islam­ic and Marx­ist ter­ror­ism.

Mr Saya, now under house arrest, had applied for €32m (£21.6m) in Euro­pean Union finance and had alleged­ly sought con­tact with the Vat­i­can to try to obtain a con­tract to pro­tect of Pope Bene­dict against ter­ror­ist attack.

Mag­is­trates focused on the Dssa after it alleged­ly claimed to have a video of the mur­der in Iraq of the Ital­ian hostage Fab­rizio Qua­troc­chi and tried to sell the footage. Inves­ti­ga­tors are try­ing to deter­mine what offi­cial sup­port the organ­i­sa­tion may have had.

The Inte­ri­or Min­is­ter, Giuseppe Pisanu, has sus­pend­ed dozens of police offi­cers who joined the net­work. But Car­lo Taormi­na, an MP from Mr Berlus­coni’s Forza Italia par­ty, insists Dssa was a bona fide secu­ri­ty com­pa­ny with noth­ing to hide and “the high com­mands of the police and intel­li­gence ser­vices were aware of its exis­tence”.

Il Mes­sag­gero quot­ed an inves­ti­ga­tor who said it was par­tic­u­lar­ly dis­turb­ing that phone inter­cepts sug­gest­ed Dssa mem­bers had been plan­ning to kid­nap Cesare Bat­tisti, a Red Brigades activist liv­ing in exile in Paris. “We were see­ing the gen­e­sis of some­thing sim­i­lar to the death squads in Argenti­na,” the mag­is­trate is report­ed to have said.

The group was charged with mak­ing unau­tho­rised use of inte­ri­or min­istry data bank infor­ma­tion as well as equip­ping cars with sirens and flash­ing lights and the offi­cial “lol­lipop” sticks, used by Ital­ian police to stop traf­fic or wave as they break traf­fic reg­u­la­tions.

Gilber­to Di Benedet­to, an asso­ciate of Mr Saya who act­ed as a mid­dle­man with the Vat­i­can, said most mem­bers had joined the Dssa in good faith, despite its far­ci­cal aspect. “There were peo­ple who were hop­ing for pow­er or to become pri­vate inves­ti­ga­tors, but there also were many police offi­cers and sergeants who believed the Dssa would advance their careers,” he said.

La Repub­bli­ca news­pa­per quot­ed Michael Scheuer, a for­mer CIA agent and head of the “Bin Laden unit” at CIA head­quar­ters in Lan­g­ley, Vir­ginia, until last Novem­ber, as say­ing the head of Italy’s mil­i­tary intel­li­gence agency Sis­mi had autho­rised the CIA to abduct Abu Omar, a mil­i­tant Islam­ic cler­ic who was flown from Milan to Egypt and report­ed­ly tor­tured.

Mr Berlus­coni’s gov­ern­ment denies knowl­edge of the affair, which became pub­lic after Milan mag­is­trates issued arrest war­rants for 13 CIA agents.

Discussion

2 comments for “Up to 200 Italian police ‘ran parallel anti-terror force’”

  1. It’s mega-hack time again. Although this isn’t like most mega-hacks. The actu­al­ly num­ber of peo­ple impact­ed is rel­a­tive­ly small. But the impact could cer­tain­ly be ‘mega’-league. At least when it comes to Italy’s polit­i­cal sta­bil­i­ty: mul­ti­ple sen­si­tive data­bas­es main­tained by the Ital­ian Inte­ri­or Min­istry have been hacked by a pri­vate intel­li­gence out­fit that has been sell­ing con­fi­den­tial infor­ma­tion on pow­er­ful Ital­ian fig­ures for at least the last 5 years. Impact­ed politi­cians include Prime Min­is­ter Geor­gia Mel­oni and for­mer Prime Min­is­ter Mat­teo Ren­zi. The hack is being char­ac­ter­ized as a threat to Ital­ian democ­ra­cy, with For­eign Min­is­ter Anto­nio Tajani warn­ing how infor­ma­tion of this nature is often used as lever­age in “inter­nal and polit­i­cal bat­tles”.

    The pri­vate intel­li­gence firm before the hack, Equi­l­ize, is a Milan-based com­pa­ny run by for­mer top police offi­cer Carmine Gal­lo. The over­all oper­a­tion appears to have been man­aged by Enri­co Paz­za­li, pres­i­dent of Fon­dazione Fiera Milano, an Ital­ian trade fair and con­fer­ence oper­a­tor. Four peo­ple are under house arrest, with around 60 under inves­ti­ga­tion.

    The actu­al­ly data appears to have been stolen thanks to a team of moles work­ing in the Inte­ri­or Min­istry under Nun­zio Samuele Cala­muc­ci, a 44-year-old IT con­sul­tant who pre­vi­ous­ly boast­ed of hack­ing the Pen­ta­gon as part of the Anony­mous hack­ing col­lec­tive. It was Cala­muc­ci’s team that was tasked with cre­at­ing and main­tain­ing these data­bas­es for the Inte­ri­or Min­istry. By night, the team report­ed­ly down­loaded the data on behalf of Equal­ize.

    So what kind of infor­ma­tion was stolen? We’ll, we’re told one of the data­bas­es logged sus­pi­cious finan­cial activ­i­ty, anoth­er traced pri­vate bank trans­ac­tions and a third housed police inves­ti­ga­tions. Accord­ing to wire­taps, Cala­muc­ci bragged about hav­ing stolen infor­ma­tion on over 800,000 peo­ple. The data was, in turn, used to black­mail entre­pre­neurs and politi­cians, we are told by inves­ti­ga­tors, with €3.1 mil­lion in illic­it pro­ceeds was earned through the sale of this infor­ma­tion.

    It’s a big deal. But not the only big deal to hit Italy’s polit­i­cal estab­lish­ment in recent weeks. There was anoth­er ‘mega-hacks’ of this nature that was also uncov­ered: the accounts of rough­ly 3500 Ital­ians at the coun­try’s biggest bank, Inte­sa San­pao­lo, were illic­it­ly accessed by a rogue employ­ee. The account hold­ers range from Prime Min­is­ter Mel­oni to for­mer Prime Min­is­ter Mario Draghi.

    It remains unclear if this sec­ond sto­ry is at all relat­ed to the Inte­ri­or Min­istry hack. It’s also not real­ly a sto­ry about a hack. Instead, it appears a bank employ­ee in the bank’s agri­cul­tur­al depart­ment is sole­ly respon­si­ble for rough­ly 6,600 illic­it views of those accounts. The views took place from Feb­ru­ary 2022 to April 2024. It sounds like the bank’s inter­nal con­trols nev­er detect­ed the activ­i­ty because it was spread out over 500 work­ing days and the employ­ee tech­ni­cal­ly had the autho­riza­tion to view all of the accounts. We’re also told no infor­ma­tion was down­loaded and the employ­ee claims to have done it pure­ly out of curios­i­ty.

    Is it just a coin­ci­dence that a sto­ry about the improp­er access­ing of the finan­cial records of thou­sands of promi­nent Ital­ians is hit­ting right around the same time we’re learn­ing about this Inte­ri­or Min­istry mega-hack­/black­mail oper­a­tion? Who knows, but it’s worth keep­ing in mind that just because no records were down­loaded from Inte­sa San­paulo that does­n’t mean no infor­ma­tion was stolen. The banker could have sim­ply con­firmed things about accounts to a third-par­ty. Or tak­en screen shots or pho­tographs of the screen con­tents with­out down­load­ing any­thing. There’s a range of pos­si­bil­i­ties.

    Also keep in mind that what we’re look­ing at here — the illic­it loot­ing of sen­si­tive gov­ern­ment infor­ma­tion for black­mail pur­pos­es — is the kind of sce­nario the US is aggres­sive­ly invit­ing with the prospects of Don­ald Trump return­ing to the White House to imple­ment the Sched­ule F/Project 2025 scheme, which will entail putting many of the least qual­i­fied peo­ple imag­in­able in posi­tions of respon­si­bil­i­ty of one sen­si­tive gov­ern­ment data­base after anoth­er. Peo­ple whose pri­ma­ry qual­i­fi­ca­tions are a will­ing­ness to sign loy­al­ty pledge to Don­ald Trump. Just imag­ine how much infor­ma­tion with black­mail poten­tial we can expect to see pil­fered under the kind of par­ti­san loot­ing sce­nar­ios the US is court­ing. And that’s all why, on one lev­el, this is an unfold­ing sto­ry about an Ital­ian polit­i­cal night­mare. But for the Unit­ed States, it’s more of a pre­view:

    Politi­co

    Mega Ital­ian hack is ‘threat to democ­ra­cy,’ FM says

    Anto­nio Tajani said the breach was “crim­i­nal,” as probe zeroes in on pri­vate inves­tiga­tive firm.

    Octo­ber 28, 2024 12:10 pm CET
    By Han­nah Roberts

    ROME — Italy’s for­eign min­is­ter lashed out Sun­day after a gang of alleged hack­ers was arrest­ed for steal­ing infor­ma­tion on high-pro­file politi­cians from state data­bas­es.

    The com­pro­mised mate­r­i­al includ­ed infor­ma­tion from the Min­istry of Inte­ri­or archives, which were alleged­ly accessed more than 50,000 times by a pri­vate inves­tiga­tive firm, and tar­get­ed for­mer Prime Min­is­ter Mat­teo Ren­zi and Sen­ate Pres­i­dent Ignazio La Rus­sa, a close ally of Prime Min­is­ter Gior­gia Mel­oni, accord­ing to local media reports.

    For­eign Min­is­ter Anto­nio Tajani said the hack was “unac­cept­able” and “crim­i­nal.”

    “This [hack­ing] is unac­cept­able, we have been say­ing it for a long time … Spy­ing on peo­ple’s pri­vate lives and then using the infor­ma­tion for eco­nom­ic or polit­i­cal pur­pos­es is real­ly a threat to democ­ra­cy.” Such infor­ma­tion can be used by Rus­sia “or oth­er coun­tries that are not our friends,” Tajani said at a par­ty event.

    He added that such infor­ma­tion is often used as lever­age in “inter­nal and polit­i­cal bat­tles.”

    Police put four peo­ple under house arrest on Sat­ur­day in con­nec­tion with the probe into pri­vate inves­ti­ga­tor Equal­ize, a Milan-based com­pa­ny run by a for­mer police offi­cer.

    The access­ing of con­fi­den­tial infor­ma­tion, which was alleged­ly sold to clients and could be used to lever­age or black­mail busi­ness­men and politi­cians, cov­ered a peri­od between 2019 and 2024, pros­e­cu­tors said.

    The pri­vate inves­ti­ga­tors alleged­ly accessed one data­base mon­i­tor­ing sus­pi­cious finan­cial activ­i­ties; anoth­er one used by the nation­al tax agency with cit­i­zens’ bank trans­ac­tions, util­i­ty bills and income state­ments; and the police inves­ti­ga­tions data­base, accord­ing to Reuters.

    Italy’s nation­al anti-mafia pros­e­cu­tor, Gio­van­ni Melil­lo, told reporters Sat­ur­day the probe “rang alarm bells” because it shed light on the “gigan­tic mar­ket for con­fi­den­tial infor­ma­tion” which has acquired “a busi­ness-like dimen­sion.”

    ...

    ———–

    “Mega Ital­ian hack is ‘threat to democ­ra­cy,’ FM says” By Han­nah Roberts; Politi­co; 10/28/2024

    The com­pro­mised mate­r­i­al includ­ed infor­ma­tion from the Min­istry of Inte­ri­or archives, which were alleged­ly accessed more than 50,000 times by a pri­vate inves­tiga­tive firm, and tar­get­ed for­mer Prime Min­is­ter Mat­teo Ren­zi and Sen­ate Pres­i­dent Ignazio La Rus­sa, a close ally of Prime Min­is­ter Gior­gia Mel­oni, accord­ing to local media reports.”

    A pri­vate intel­li­gence firm was access­ing Inte­ri­or Min­istry archives sen­si­tive secrets on pow­er­ful peo­ple? That sounds like a pret­ty big deal. Espe­cial­ly since this illic­it access­ing of these archives took place for around 5 years, from 2019 to 2024. What­ev­er juicy secrets there was to be found, they were prob­a­bly found, with the archives get­ting accessed more than 50,000 times. It sounds like kind of scan­dal that can take down a gov­ern­ment. Alarm­ing­ly, we have For­eign Min­is­ter Anto­nio Tajani warn­ing how infor­ma­tion of this nature is often used as lever­age in “inter­nal and polit­i­cal bat­tles”. So while this sounds like an unprece­dent­ed sto­ry, there appears to be quite a bit of prece­dent. It’s just the scale that’s per­haps unprece­dent­ed:

    ...
    For­eign Min­is­ter Anto­nio Tajani said the hack was “unac­cept­able” and “crim­i­nal.”

    “This [hack­ing] is unac­cept­able, we have been say­ing it for a long time … Spy­ing on peo­ple’s pri­vate lives and then using the infor­ma­tion for eco­nom­ic or polit­i­cal pur­pos­es is real­ly a threat to democ­ra­cy.” Such infor­ma­tion can be used by Rus­sia “or oth­er coun­tries that are not our friends,” Tajani said at a par­ty event.

    He added that such infor­ma­tion is often used as lever­age in “inter­nal and polit­i­cal bat­tles.”

    ...

    The access­ing of con­fi­den­tial infor­ma­tion, which was alleged­ly sold to clients and could be used to lever­age or black­mail busi­ness­men and politi­cians, cov­ered a peri­od between 2019 and 2024, pros­e­cu­tors said.

    The pri­vate inves­ti­ga­tors alleged­ly accessed one data­base mon­i­tor­ing sus­pi­cious finan­cial activ­i­ties; anoth­er one used by the nation­al tax agency with cit­i­zens’ bank trans­ac­tions, util­i­ty bills and income state­ments; and the police inves­ti­ga­tions data­base, accord­ing to Reuters.
    ...

    So what do we know about the pri­vate intel­li­gence firm behind this? Well, as the fol­low­ing piece describes, the hack appears to have been the handy­work of a mole work­ing in the Inte­ri­or Min­istry: Nun­zio Samuele Cala­muc­ci, a 44-year-old IT con­sul­tant who has been lead­ing a team of soft­ware engi­neers in cre­at­ing and main­tain­ing data­bas­es for the min­istry. Cala­muc­ci also has the dis­tinc­tion of pre­vi­ous­ly boast­ing about hav­ing hacked the Pen­ta­gon with Anony­mous. Yes, the hack was car­ried out by self-described for­mer mem­ber of Anony­mous. But it does­n’t sound like the hack required very sophis­ti­cat­ed hack­ing tech­niques. Instead, it appears that Cala­muc­ci’s team plant­ed mal­ware on the min­istry’s servers that gave them remote con­trol and pro­ceed­ed to secret­ly export the data in the evenings. The hacked data­bas­es includ­ed logs of sus­pi­cious finan­cial activ­i­ty, pri­vate bank trans­ac­tions and even police inves­ti­ga­tions. The pri­vate intel­li­gence firm that received the stolen data, Equal­ize, is run by a for­mer top police offi­cer, Carmine Gal­lo, who oper­ates under Enri­co Paz­za­li, pres­i­dent of Fon­dazione Fiera Milano, an Ital­ian trade fair and con­fer­ence oper­a­tor. It’s an inter­est­ing set of cul­prits.

    It’s not clear what the motive has been beyond mak­ing a prof­it. And that prof­it was, in turn, made by sell­ing the infor­ma­tion to clients or black­mail­ing entre­pre­neurs and politi­cians. We’re told €3.1 mil­lion in illic­it pro­ceeds was earned through the sale of the infor­ma­tion. Cala­muc­ci and Gal­lo have already been arrest­ed, along with two oth­er indi­vid­u­als: pri­vate inves­ti­ga­tor Mas­si­m­il­iano Cam­pono­vo, and Giulio Cor­nel­li, the own­er of a tech and secu­ri­ty firm. And it’s not hard to imag­ine the inves­ti­ga­tion is going to get a lot big­ger, with Cala­muc­ci appar­ent­ly hav­ing bragged about hav­ing infor­ma­tion on 800,000 peo­ple:

    Politi­co

    Mas­sive hack-for-hire scan­dal rocks Ital­ian polit­i­cal elites

    The pres­i­dent and for­mer prime min­is­ter were among tar­gets of hack­ers sell­ing high­ly sen­si­tive data.

    Octo­ber 29, 2024 12:48 pm CET
    By Han­nah Roberts and Antoane­ta Rous­si

    ROME — It’s The Ital­ian Job, but instead of a gold heist hack­ers stole con­fi­den­tial data of some of the coun­try’s most pow­er­ful politi­cians.

    From a sin­gle room behind Milan’s Duo­mo cathe­dral, a 44-year-old IT con­sul­tant called Nun­zio Samuele Cala­muc­ci pulled off a stun­ning­ly auda­cious, mul­ti-year breach of a nation­al secu­ri­ty data­base, accord­ing to alle­ga­tions revealed by Ital­ian pros­e­cu­tors in past days and detailed in a 518-page judi­cial doc­u­ment seen by POLITICO.

    Cala­muc­ci, who pre­vi­ous­ly boast­ed of pen­e­trat­ing the Pen­ta­gon with the Anony­mous hack­tivist col­lec­tive, led a squadron of young soft­ware engi­neers in cre­at­ing and main­tain­ing data­bas­es for the Inte­ri­or Min­istry as part of a remote team, accord­ing to wire­taps record­ed by inves­ti­ga­tors.

    By night, how­ev­er, when traf­fic on the servers was slow, the group down­loaded reams of pri­vate data belong­ing to thou­sands of Ital­ians, includ­ing Pres­i­dent Ser­gio Mattarel­la and for­mer Prime Min­is­ter Mat­teo Ren­zi.

    ...

    “I’m bit­ter and hurt for me and my fam­i­ly,” Ren­zi, leader of the cen­trist Italia Viva par­ty, told POLITICO. “This is not the first time some­thing like this has hap­pened to me. But as an Ital­ian I’m angry because this is a threat to democ­ra­cy and pri­va­cy.”

    As of Tues­day morn­ing, four peo­ple have been arrest­ed and 60 under inves­ti­ga­tion. On Thurs­day an inves­ti­gat­ing judge is expect­ed to hear the alle­ga­tions, which include con­spir­a­cy to hack, cor­rup­tion, ille­gal access­ing of data and the vio­la­tion of offi­cial secrets.

    The breach was alleged­ly run by a pri­vate inves­ti­ga­tions com­pa­ny called Equal­ize, run by for­mer top police offi­cer Carmine Gal­lo under the aus­pices of Enri­co Paz­za­li, pres­i­dent of Fon­dazione Fiera Milano, an Ital­ian trade fair and con­fer­ence oper­a­tor.

    Equal­ize tapped into gov­ern­ment data­bas­es through a com­put­er virus that allowed it to con­trol the servers remote­ly, as well as through moles work­ing on the inside. One com­pro­mised data­base logged sus­pi­cious finan­cial activ­i­ty, anoth­er traced pri­vate bank trans­ac­tions and a third housed police inves­ti­ga­tions. In wire­taps, Cala­muc­ci, who worked for Equal­ize, alleged­ly boast­ed of hav­ing hacked the infor­ma­tion of 800,000 peo­ple.

    The data was then sold to clients or used to black­mail entre­pre­neurs and politi­cians from at least 2019 until March this year, the judi­cial doc­u­ment said. The group is believed to have raised more than €3.1 mil­lion in illic­it pro­ceeds.

    The four appre­hend­ed have been placed under house arrest, includ­ing Gal­lo, Cala­muc­ci, pri­vate inves­ti­ga­tor Mas­si­m­il­iano Cam­pono­vo, and Giulio Cor­nel­li, the own­er of a tech and secu­ri­ty firm.

    The affair was “unac­cept­able” and “crim­i­nal,” For­eign Min­is­ter Anto­nio Tajani said on Sun­day. “Spy­ing on peo­ple’s pri­vate lives and then using the infor­ma­tion for eco­nom­ic or polit­i­cal pur­pos­es is real­ly a threat to democ­ra­cy.”

    Ignazio La Rus­sa, the pres­i­dent of the Sen­ate and mem­ber of the Mel­oni’s hard-right Broth­ers of Italy par­ty, was among the vic­tims of the hacks. He said on X he was “aston­ished” and “dis­gust­ed” about the claims that he and his sons had been spied on.

    The polit­i­cal oppo­si­tion has called for a par­lia­men­tary inquiry and wants Prime Min­is­ter Gior­gia Mel­oni to explain the secu­ri­ty breach to the leg­is­la­ture, giv­en that the infor­ma­tion was stolen from the Inte­ri­or Min­istry, which has cus­tody of high­ly sen­si­tive data.

    “We want to know if there is, and what, if any, degree of involve­ment of pieces of the state appa­ra­tus,” said Francesco Boc­cia and Chiara Bra­ga of the Democ­rats par­ty in a state­ment shared with Ital­ian media.

    Meloni’s own Broth­ers of Italy par­ty called for new leg­is­la­tion and tougher penal­ties for hack­ing in the wake of the rev­e­la­tions.

    ...

    ———–

    “Mas­sive hack-for-hire scan­dal rocks Ital­ian polit­i­cal elites” By Han­nah Roberts and Antoane­ta Rous­si; Politi­co; 10/29/2024

    “The breach was alleged­ly run by a pri­vate inves­ti­ga­tions com­pa­ny called Equal­ize, run by for­mer top police offi­cer Carmine Gal­lo under the aus­pices of Enri­co Paz­za­li, pres­i­dent of Fon­dazione Fiera Milano, an Ital­ian trade fair and con­fer­ence oper­a­tor.”

    A for­mer top police offi­cer ran the pri­vate oper­a­tion under the aus­pices of an Ital­ian trade fair con­fer­ence oper­a­tor. It’s an inter­est col­lec­tion of cul­prits. Will mafia ties emerge in this inves­ti­ga­tion? If not, who is the ulti­mate enti­ty behind this oper­a­tion? It’s hard to imag­ine this was pure­ly the work of a retired cop and a trade fair con­fer­ence oper­a­tor:

    ...
    Equal­ize tapped into gov­ern­ment data­bas­es through a com­put­er virus that allowed it to con­trol the servers remote­ly, as well as through moles work­ing on the inside. One com­pro­mised data­base logged sus­pi­cious finan­cial activ­i­ty, anoth­er traced pri­vate bank trans­ac­tions and a third housed police inves­ti­ga­tions. In wire­taps, Cala­muc­ci, who worked for Equal­ize, alleged­ly boast­ed of hav­ing hacked the infor­ma­tion of 800,000 peo­ple.

    The data was then sold to clients or used to black­mail entre­pre­neurs and politi­cians from at least 2019 until March this year, the judi­cial doc­u­ment said. The group is believed to have raised more than €3.1 mil­lion in illic­it pro­ceeds.

    The four appre­hend­ed have been placed under house arrest, includ­ing Gal­lo, Cala­muc­ci, pri­vate inves­ti­ga­tor Mas­si­m­il­iano Cam­pono­vo, and Giulio Cor­nel­li, the own­er of a tech and secu­ri­ty firm.
    ...

    But also note the remark­able back­ground of the fig­ure who appears to have played a key role as the insid­er ‘mole’ in the Inte­ri­or Min­istry: IT con­sul­tant called Nun­zio Samuele Cala­muc­ci had been tasked with lead­ing a team of soft­ware engi­neers in cre­at­ing and main­tain­ing data­bas­es for the min­istry. Pre­vi­ous­ly, Cala­muc­ci claimed to have hacked the Pen­ta­gon as part of Anony­mous. So a for­mer Anony­mous hack­er is report­ed­ly the lead insid­er mole in this oper­a­tion:

    ...
    From a sin­gle room behind Milan’s Duo­mo cathe­dral, a 44-year-old IT con­sul­tant called Nun­zio Samuele Cala­muc­ci pulled off a stun­ning­ly auda­cious, mul­ti-year breach of a nation­al secu­ri­ty data­base, accord­ing to alle­ga­tions revealed by Ital­ian pros­e­cu­tors in past days and detailed in a 518-page judi­cial doc­u­ment seen by POLITICO.

    Cala­muc­ci, who pre­vi­ous­ly boast­ed of pen­e­trat­ing the Pen­ta­gon with the Anony­mous hack­tivist col­lec­tive, led a squadron of young soft­ware engi­neers in cre­at­ing and main­tain­ing data­bas­es for the Inte­ri­or Min­istry as part of a remote team, accord­ing to wire­taps record­ed by inves­ti­ga­tors.

    By night, how­ev­er, when traf­fic on the servers was slow, the group down­loaded reams of pri­vate data belong­ing to thou­sands of Ital­ians, includ­ing Pres­i­dent Ser­gio Mattarel­la and for­mer Prime Min­is­ter Mat­teo Ren­zi.

    ...

    As of Tues­day morn­ing, four peo­ple have been arrest­ed and 60 under inves­ti­ga­tion. On Thurs­day an inves­ti­gat­ing judge is expect­ed to hear the alle­ga­tions, which include con­spir­a­cy to hack, cor­rup­tion, ille­gal access­ing of data and the vio­la­tion of offi­cial secrets.
    ...

    It’s already a sprawl­ing inves­ti­ga­tion, with 60 peo­ple under inves­ti­ga­tion. All indi­ca­tions this is a sto­ry that’s going to get a lot big­ger before it’s over.

    And that brings us to the fol­low­ing oth­er sto­ry about elite spy­ing that has also rocked Italy’s polit­i­cal scene over in recent weeks: a banker at Inte­sa San­paulo has been caught improp­er­ly view­ing the client accounts of a large num­ber of promi­nent Ital­ians, includ­ing Prime Min­is­ter Mel­oni and her sis­ter, along with her pre­de­ces­sor, Mario Draghi. The accounts of around 3500 Ital­ians were viewed rough­ly 6,600 times in total, from Feb­ru­ary 2022 to April 2024. The banker, who worked in the bank’s agri­cul­tur­al depart­ment, did have autho­riza­tion to access the accounts and appar­ent­ly nev­er down­loaded any data. Instead, he claims to have been moti­vat­ed pure­ly by curios­i­ty:

    EuroNews

    For­mer Inte­sa San­pao­lo banker accused of breach­ing 3,500 accounts, includ­ing PM Mel­oni’s

    By Ilar­ia Cicinel­li
    Pub­lished on Octo­ber 11, 2024 — 14:32 GMT+2•Updated 15:41

    A for­mer Inte­sa San­pao­lo employ­ee has ille­gal­ly and repeat­ed­ly accessed the accounts of the Ital­ian pre­mier, numer­ous politi­cians and law enforce­ment offi­cers, author­i­ties said Thurs­day.

    A for­mer employ­ee of a major Ital­ian bank has been accused of repeat­ed­ly gain­ing unau­tho­rised access to the bank accounts of about 3,500 indi­vid­u­als, retriev­ing the data some 6,000 times, author­i­ties said on Thurs­day.

    Prime Min­is­ter Gior­gia Mel­oni and her sis­ter Ari­an­na’s accounts are among those alleged­ly hacked, as are those of numer­ous promi­nent Ital­ian polit­i­cal fig­ures, such as Sen­ate Pres­i­dent Ignazio La Rus­sa, Defence Min­is­ter Gui­do Croset­to, Tourism and Euro­pean Affairs Min­is­ter Daniela San­tanchè and Ital­ian Euro­pean Com­mis­sion­er-des­ig­nate Rober­to Fit­to.

    Along­side high-lev­el politi­cians, the list of tam­pered accounts includes that of Gio­van­ni Melil­lo, the pros­e­cu­tor of the Nation­al Anti-Mafia and Anti-Ter­ror­ism Direc­torate, and sev­er­al offi­cers of the Cara­binieri and Italy’s finan­cial police, Guardia di Finan­za.

    The ex-Inte­sa San­pao­lo banker, Vin­cen­zo Coviel­lo, has now been entered into the Bari Pub­lic Pros­e­cu­tor’s Office’s reg­is­ter of sus­pects, and the police searched his home and per­son­al office Thurs­day, seiz­ing smart­phones, tablets, hard disks and com­put­er devices for foren­sic analy­sis.

    Curios­i­ty or some­thing else?

    The unusu­al access made to Inte­sa’s accounts was dis­cov­ered dur­ing rou­tine log-con­trol pro­ce­dures, accord­ing to the bank.

    The Bari pros­e­cu­tor’s office opened an inves­ti­ga­tion after Inte­sa informed one of its users in Bis­celie — where Coviel­lo was employed — that their account might have been tam­pered with, accord­ing to domes­tic press.

    ...

    The motives behind the hack remain unclear for now and are being fur­ther probed by the inves­ti­ga­tors. It is also unclear whether any alter­ations were made to the account data or if Coviel­lo made any hard copies of the infor­ma­tion he had access to.

    Coviel­lo’s ver­sion of events is that he act­ed out of curios­i­ty. “I did it on my own, I nev­er divulged that infor­ma­tion, and I did not copy it,” he alleged­ly told Inte­sa’s top man­age­ment.

    Mean­while, fol­low­ing the open­ing of crim­i­nal pro­ceed­ings, Coviel­lo is accused of unau­tho­rised access to the data of 3,572 cus­tomers in 679 branch­es of the group between 21 Feb­ru­ary 2022 and 24 April 2024.

    ...

    ————-

    “For­mer Inte­sa San­pao­lo banker accused of breach­ing 3,500 accounts, includ­ing PM Mel­oni’s” By Ilar­ia Cicinel­li; EuroNews; 10/11/2024

    “Prime Min­is­ter Gior­gia Mel­oni and her sis­ter Ari­an­na’s accounts are among those alleged­ly hacked, as are those of numer­ous promi­nent Ital­ian polit­i­cal fig­ures, such as Sen­ate Pres­i­dent Ignazio La Rus­sa, Defence Min­is­ter Gui­do Croset­to, Tourism and Euro­pean Affairs Min­is­ter Daniela San­tanchè and Ital­ian Euro­pean Com­mis­sion­er-des­ig­nate Rober­to Fit­to.”

    It’s not just Prime Min­is­ter Gior­gia Mel­oni and her sis­ter whose accounts were ‘hacked’. At this point the ques­tion is which promi­nent Ital­ian politi­cians weren’t poten­tial­ly impact­ed by this hack.

    Except it does­n’t appear to have been an actu­al­ly hack. Instead, this was a bank employ­ee who appar­ent­ly did lit­tle to hide his exces­sive curios­i­ty. From Feb­ru­ary 2022 to April 2024. Keep in mind that Mel­oni became Italy’s Prime Min­is­ter in Octo­ber of 2022, so this activ­i­ty start­ed well before her time in office:

    ...
    Along­side high-lev­el politi­cians, the list of tam­pered accounts includes that of Gio­van­ni Melil­lo, the pros­e­cu­tor of the Nation­al Anti-Mafia and Anti-Ter­ror­ism Direc­torate, and sev­er­al offi­cers of the Cara­binieri and Italy’s finan­cial police, Guardia di Finan­za.

    ...

    The unusu­al access made to Inte­sa’s accounts was dis­cov­ered dur­ing rou­tine log-con­trol pro­ce­dures, accord­ing to the bank.

    The Bari pros­e­cu­tor’s office opened an inves­ti­ga­tion after Inte­sa informed one of its users in Bis­celie — where Coviel­lo was employed — that their account might have been tam­pered with, accord­ing to domes­tic press.

    ...

    The motives behind the hack remain unclear for now and are being fur­ther probed by the inves­ti­ga­tors. It is also unclear whether any alter­ations were made to the account data or if Coviel­lo made any hard copies of the infor­ma­tion he had access to.

    Coviel­lo’s ver­sion of events is that he act­ed out of curios­i­ty. “I did it on my own, I nev­er divulged that infor­ma­tion, and I did not copy it,” he alleged­ly told Inte­sa’s top man­age­ment.

    Mean­while, fol­low­ing the open­ing of crim­i­nal pro­ceed­ings, Coviel­lo is accused of unau­tho­rised access to the data of 3,572 cus­tomers in 679 branch­es of the group between 21 Feb­ru­ary 2022 and 24 April 2024.
    ...

    And as the fol­low­ing arti­cle describes, it appears that the rea­son this employ­ee was able to sur­rep­ti­tious­ly look through around 3500 accounts before get­ting caught is sim­ply by only look­ing at a few accounts each day and only look­ing once or twice at each account. That’s the pic­ture that’s emerg­ing, with the employ­ee hav­ing looked at the accounts of around 3,500 cus­tomers about 6,600 times, spread over 500 work­ing days. 11 or 12 rogue peeks each work­ing day. It also sounds like the employ­ee had autho­riza­tion to access all of these accounts and no data was ever down­loaded. Now, just because no data was down­loaded that does­n’t mean no data was stolen. Screen cap­tures or pho­tos of the screens could have been gath­ered, for exam­ple. Or maybe this employ­ee was just con­firm­ing or not cer­tain finan­cial details that had already been sus­pect­ed on tar­get­ed indi­vid­u­als. Or maybe this real­ly was just a very curi­ous bank employ­ee. We have no idea at this point. But it’s quite a coin­ci­dence that we got all these reports about the bust of this elite hack­ing ring right around the same time we’re learn­ing many of these promi­nent Ital­ians had their finan­cial records spied on by a seem­ing­ly over­ly-curi­ous banker:

    Reuters

    Explain­er: What do we know about the data breach at Inte­sa San­pao­lo?

    By Valenti­na Za
    cto­ber 22, 2024 10:16 AM CDT
    Updat­ed

    MILAN, Oct 22 (Reuters) — Pros­e­cu­tors in the south­ern Ital­ian city of Bari are inves­ti­gat­ing an alleged data breach at the coun­try’s biggest bank Inte­sa San­pao­lo (ISP.MI), in which Prime Min­is­ter Gior­gia Mel­oni’s account may have been accessed.

    Here is what we know about the inci­dent so far.

    WHAT HAPPENED?

    An Inte­sa employ­ee at a branch in the small town of Biton­to, close to Bari in the Puglia region, is alleged to have accessed the cur­rent account data of around 3,500 cus­tomers, includ­ing many high pro­file fig­ures such as Mel­oni and her pre­de­ces­sor Mario Draghi between Feb­ru­ary 2022 and April 2024.

    WAS THE SYSTEM HACKED?

    There has been no cyber­se­cu­ri­ty breach, Inte­sa has said. The employ­ee worked in Inte­sa’s agri­cul­tur­al busi­ness, an indus­try where many com­pa­nies are so small, often a sin­gle-per­son enter­prise, that assess­ing their cred­it stand­ing means look­ing at account data. The per­son had autho­ri­sa­tion to access the data.

    ...

    HOW DOES THE CONTROL SYSTEM WORK?

    The sys­tem is designed to detect anom­alies, such as a sin­gle account being accessed too fre­quent­ly over a peri­od of time.

    There is no alert thresh­old linked to the num­ber of data requests by a sin­gle employ­ee with per­mis­sion, who would nor­mal­ly per­form hun­dreds of trans­ac­tions every day.

    The rogue Inte­sa employ­ee is alleged to have abu­sive­ly accessed the accounts of around 3,500 cus­tomers about 6,600 times, but this was spread over the course of 500 work­ing days, mak­ing it dif­fi­cult for the sys­tem to detect any­thing out of the ordi­nary.

    ...

    WERE THE DATA EXPORTED?

    Based on the inter­nal checks Inte­sa has con­duct­ed, no data was down­loaded, a per­son close to the mat­ter told Reuters.

    ...

    ———-

    “Explain­er: What do we know about the data breach at Inte­sa San­pao­lo?” By Valenti­na Za; Reuters; 10/22/2024

    “An Inte­sa employ­ee at a branch in the small town of Biton­to, close to Bari in the Puglia region, is alleged to have accessed the cur­rent account data of around 3,500 cus­tomers, includ­ing many high pro­file fig­ures such as Mel­oni and her pre­de­ces­sor Mario Draghi between Feb­ru­ary 2022 and April 2024.”

    It was­n’t just Geor­gia Mel­ona. Her pre­de­ces­sor, Mario Draghi, had his accounts illic­it­ly accessed too. And yet, at this point in the inves­ti­ga­tion, it appears this employ­ee did have autho­riza­tion to view all of these accounts and it’s still unclear as to whether or not any data was actu­al­ly tak­en:

    ...
    There has been no cyber­se­cu­ri­ty breach, Inte­sa has said. The employ­ee worked in Inte­sa’s agri­cul­tur­al busi­ness, an indus­try where many com­pa­nies are so small, often a sin­gle-per­son enter­prise, that assess­ing their cred­it stand­ing means look­ing at account data. The per­son had autho­ri­sa­tion to access the data.

    ...

    The sys­tem is designed to detect anom­alies, such as a sin­gle account being accessed too fre­quent­ly over a peri­od of time.

    There is no alert thresh­old linked to the num­ber of data requests by a sin­gle employ­ee with per­mis­sion, who would nor­mal­ly per­form hun­dreds of trans­ac­tions every day.

    The rogue Inte­sa employ­ee is alleged to have abu­sive­ly accessed the accounts of around 3,500 cus­tomers about 6,600 times, but this was spread over the course of 500 work­ing days, mak­ing it dif­fi­cult for the sys­tem to detect any­thing out of the ordi­nary.

    ...

    Based on the inter­nal checks Inte­sa has con­duct­ed, no data was down­loaded, a per­son close to the mat­ter told Reuters.
    ...

    If this real­ly is how this ‘hack’ was car­ried out, you have to won­der how many oth­er bankers have engag­ing in exact­ly this kind of ‘curi­ous’ activ­i­ty. Was this banker the only one who knew how to do this under the radar? If not, it’s not hard to imag­ine there’s a lot more cas­es like this. And not just at this bank.

    But also keep in mind that this sto­ry is point­ing to a shock­ing­ly thriv­ing black­mar­ket for black­mail mate­ri­als that should­n’t be assumed to be just an Ital­ian phe­nom­e­na. How preva­lent is black­mail, espe­cial­ly polit­i­cal black­mail, these days, with so much sen­si­tive infor­ma­tion just a hack away?

    And who was doing the black­mail­ing here? We’ve only heard about the pri­vate intel­li­gence firm. We know noth­ing about their clients. This feels like the kind of sto­ry that could get a lot big­ger. Or the kind of sto­ry that gets qui­et­ly dropped entire­ly because it’s just too big for a soci­ety to face.

    Posted by Pterrafractyl | October 30, 2024, 4:29 pm
  2. It’s offi­cial: Ben­jamin Netanyahu won the US 2024 elec­tion. The can­di­date who will effec­tive­ly give him a green light to con­duct the grow­ing con­flicts in the Mid­dle East — and maybe even get the US direct­ly involved in some new ones — will be return­ing to the White House in Jan­u­ary. And this time it hap­pened with­out any ‘for­eign assis­tance’, like the still unex­plained ‘assis­tance’ pro­vid­ed by Netanyahu to the 2016. Recall that March 2023 report by James Bam­ford about how it was a close Netanyahu aide who was pro­vid­ing Roger Stone with updates on the plans of the ‘Russ­ian hack­ers’ to dis­trib­ute hacked infor­ma­tion to Wik­ileaks. The kind of report that strong­ly sug­gests it was ulti­mate­ly Netanyahu’s office that was the source of the DNC hacks and sub­se­quent dis­sem­i­na­tion of those hacked mate­ri­als to Wik­ileaks. Noth­ing like that hap­pened this year, and yet, it’s hard not to imag­ine that Trump is still very thank­ful to Netanyahu for all thaat covert 2016 cam­paign ‘assis­tance’.

    How will that secret ‘favor’ shape the unfold­ing con­flicts in the Mid­dle East over the next four years? It’s one of the many omi­nous ques­tions loom­ing over the many geopo­lit­i­cal con­flicts an increas­ing­ly fas­cist Don­ald Trump will now be tasked with man­ag­ing. And that brings us to a fas­ci­nat­ing update to a sto­ry that broke short­ly before the US elec­tions in Italy: the sto­ry of the Ital­ian ‘mega-hack’, where a pri­vate intel­li­gence firm was found to have stolen sen­si­tive gov­ern­ment data­bas­es and sold infor­ma­tion on pow­er­ful fig­urs for the last five years. Fig­ures includ­ing Prime Min­is­ter Geor­gia Mel­oni and for­mer Prime Min­is­ter Mat­teo Ren­zi. The hack was described as a threat to Ital­ian democ­ra­cy.

    Well, we’re now learn­ing a bit more about some of those clients: it turns out Israeli intel­li­gence was hir­ing the firm to con­duct hack­ing oper­a­tions, with the idea that the hacked infor­ma­tion would also be shared with the Vat­i­can. That’s the pic­ture emerg­ing in reports describ­ing how the man accused of orches­trat­ing the scheme, Nun­zio Samuele Cala­muc­ci, met with two Israeli agents in Feb­ru­ary of 2023 to dis­cuss a task worth €1 mil­lion. The tar­gets of the oper­a­tion were Russ­ian oli­garchs, includ­ing some­one described as Vladimir Putin’s uniden­ti­fied “right-hand man,” as well as finan­cial trails lead­ing from the bank accounts of wealth fig­ures to the Wag­n­er group. Keep in mind that the descrip­tion of Putin’s “Right-hand man” is rather unclear. On the one hand, a man described as Putin’s “right-hand man”, Niko­lai Patru­shev, is assumed to have ordered the assas­si­na­tion of Wag­n­er Group founder — and for­mer close Putin ally — Yevge­ny Prigozhin. But Prigozhin was long seen as a kind of Putin ‘right-hand man’ before their falling out. Also keep in mind Prigozhin died in August of 2023, so he still could have been a tar­get dur­ing that Feb­ru­ary 2023. So were they tar­get­ing Patru­shev? Prigozhin before he was assas­si­nat­ed? Some­one else? We don’t know at this point, this it’s a pret­ty remark­able rev­e­la­tion. All the more so giv­en that the Vat­i­can was report­ed­ly also to receive this hacked con­tent as part of the oper­a­tion. Inter­est­ing­ly, we’re also learn­ing that the servers used in this hack­ing oper­a­tion were locat­ed in Lithua­nia, the UK, and the US.

    Beyond that, we are told the Israelis sug­gest­ed a part­ner­ship to exchange infor­ma­tion, offer­ing “all of the orig­i­nal doc­u­ments” from the EU’s so-called Qatar­gate. In oth­er words, this was­n’t just a one-way rela­tion­ship. The Israelis were offer­ing this pri­vate firm intel­li­gence of their own. Pre­sum­ably to be resold in this black mar­ket.

    So is this nor­mal for mod­ern spy oper­a­tions? Because we’re talk­ing about Israeli intel­li­gence hir­ing a pri­vate Ital­ian intel­li­gence firm — a firm now know for acquir­ing vast repos­i­to­ries of polit­i­cal black­mail mate­r­i­al — to hack Russ­ian oli­garchs and shared the infor­ma­tion with the Vat­i­can. Inter­na­tion­al coop­er­a­tion in spy­craft is noth­ing new, but this is still a remark­able sto­ry. Or is it all that remark­able? That’s the big ques­tion at hand beyond the imme­di­ate impli­ca­tions to Italy’s democ­ra­cy: how atyp­i­cal is this kind of sto­ry? Are pri­vate polit­i­cal black­mail firms just a reg­u­lar thing rou­tine­ly shap­ing gov­ern­ments that no one talks about? Or is this a nov­el emerg­ing threat? We don’t have answers on that, but the more we’re learn­ing, the more it sounds like this is a much big­ger sto­ry than just the ini­tial reports on the mega-hack:

    Politi­co

    Vat­i­can, Israel impli­cat­ed in Italy hack­ing scan­dal, leaked files reveal

    Police wire­taps show the sprawl­ing glob­al nature of an inves­ti­ga­tion into Milan-based pri­vate detec­tives and their clients.
    Novem­ber 1, 2024 4:15 am CET
    By Han­nah Roberts and Antoane­ta Rous­si

    ROME — A mas­sive hack­ing scan­dal that has engulfed Italy is now threat­en­ing to spill beyond its bor­ders, suck­ing in Israel, the Vat­i­can, the Unit­ed King­dom and Lithua­nia.

    New claims have been made via police wire­taps that for­eign pow­ers were among those using a Milan-based pri­vate inves­tiga­tive firm to pen­e­trate state secu­ri­ty data­bas­es with the aim of obtain­ing secret infor­ma­tion about finan­cial activ­i­ty, pri­vate bank trans­ac­tions and police inves­ti­ga­tions.

    Ital­ian intel­li­gence firm Equal­ize, which alleged­ly hacked infor­ma­tion on thou­sands of peo­ple includ­ing politi­cians, entre­pre­neurs, ath­letes and even musi­cians, is accused of work­ing for Israeli intel­li­gence and the Vat­i­can, police wire­taps leaked to Ital­ian media show.

    Mem­bers of the hack­ing net­work, includ­ing Nun­zio Samuele Cala­muc­ci — the man pros­e­cu­tors accuse of orches­trat­ing the scheme — met with two Israeli agents at the fir­m’s office in Milan in Feb­ru­ary 2023 to dis­cuss a task worth €1 mil­lion, accord­ing to the leaked wire­taps.

    The job was a cyber oper­a­tion against Russ­ian tar­gets, includ­ing Pres­i­dent Vladimir Putin’s uniden­ti­fied “right-hand man,” and unearthing the finan­cial trail lead­ing from the bank accounts of wealthy fig­ures to the Russ­ian mer­ce­nary group Wag­n­er. The infor­ma­tion was then sup­posed to be passed on to the Vat­i­can.

    It’s unclear from the leaked doc­u­ments why Israeli intel­li­gence and the Vat­i­can were involved with the con­tro­ver­sial Milan firm and what their rea­sons were for solic­it­ing infor­ma­tion on Russ­ian tar­gets, but their pres­ence in the dossier has dra­mat­i­cal­ly expand­ed the scope of Italy’s sprawl­ing inves­ti­ga­tion.

    ...

    Accord­ing to the wire­taps, the Israelis sug­gest­ed a part­ner­ship to exchange infor­ma­tion, offer­ing “all of the orig­i­nal doc­u­ments” from the EU’s so-called Qatar­gate scan­dal, which involved alle­ga­tions that peo­ple linked to the Euro­pean Par­lia­ment accept­ed mon­ey or gifts in exchange for doing the Gulf state’s bid­ding in Brus­sels.

    They also offered the Ital­ian firm infor­ma­tion that could help one of Equalizer’s alleged clients, the Ital­ian ener­gy giant Eni, with infor­ma­tion on the “illic­it traf­fick­ing of Iran­ian gas with Ital­ian com­pa­nies.”

    ...

    Eni con­firmed in a state­ment that it had hired Equal­ize for “an inves­tiga­tive assign­ment to sup­port its strat­e­gy and defense in var­i­ous crim­i­nal and civ­il cas­es” but said it was not aware of any illic­it activ­i­ties by the com­pa­ny.

    Task force, assem­ble!

    Ital­ian politi­cians are up in arms about the mega hack-for-hire.

    Ivan Scal­farot­to, a sen­a­tor from the oppo­si­tion cen­trist Italia Viva par­ty, told POLITICO that the role of for­eign actors in the scan­dal added “a fur­ther wor­ry­ing dimen­sion to a phe­nom­e­non that presents strate­gic risks for the coun­try.”

    Ital­ian For­eign Min­is­ter Anto­nio Tajani said Wednes­day that the “unac­cept­able” hack, which intend­ed “to black­mail, attack or pres­sure” politi­cians, and the hack­ers’ con­nec­tions beyond nation­al bor­ders made it “much more seri­ous.”

    Tajani has ordered the cre­ation of a task force to pro­tect his min­istry and Italy’s embassies abroad.

    ...

    Cala­muc­ci, who pre­vi­ous­ly boast­ed of pen­e­trat­ing the Pen­ta­gon with the Anony­mous hack­tivist col­lec­tive, fre­quent­ly ref­er­enced dozens of hack­ers work­ing for him in Colch­ester, Eng­land. The firm also made use of servers in the Unit­ed States and Lithua­nia, where they felt they were less vul­ner­a­ble, accord­ing to leaked doc­u­ments.

    Pros­e­cu­tors have ordered the seizure of a serv­er in Lithua­nia and are eval­u­at­ing whether to make a request to inves­ti­ga­tors in the U.K., accord­ing to reports in Ital­ian media.

    Four sus­pects who are cur­rent­ly under house arrest in rela­tion to the case attend­ed a hear­ing in Milan on Thurs­day, but refused to answer the judge’s ques­tions.

    Anto­nia Augimeri and Pao­lo Simon­et­ti, lawyers for for­mer police inves­ti­ga­tor Carmine Gal­lo, who is a part­ner in Equal­ize, and IT con­sul­tant Cala­muc­ci, said Gal­lo intend­ed to oppose the charges but would be able to have a “fruit­ful” dis­cus­sion with inves­ti­ga­tors only when he had seen all the legal doc­u­ments.

    Cala­muc­ci is “will­ing to clar­i­fy his posi­tion” as soon as a com­plete pic­ture of the inves­ti­ga­tion is out­lined, the lawyers said. Some of the alle­ga­tions raised against him “are empir­i­cal­ly unfea­si­ble,” the lawyers added.

    ————

    “Vat­i­can, Israel impli­cat­ed in Italy hack­ing scan­dal, leaked files reveal” By Han­nah Roberts and Antoane­ta Rous­si; Politi­co; 11/01/2024

    “The job was a cyber oper­a­tion against Russ­ian tar­gets, includ­ing Pres­i­dent Vladimir Putin’s uniden­ti­fied “right-hand man,” and unearthing the finan­cial trail lead­ing from the bank accounts of wealthy fig­ures to the Russ­ian mer­ce­nary group Wag­n­er. The infor­ma­tion was then sup­posed to be passed on to the Vat­i­can.”

    It’s quite a spy caper emerg­ing: the clients of this Ital­ian pri­vate intel­li­gence firm, Equal­ize, includ­ed Israeli intel­li­gence and the Vat­i­can, both of whom hired Equal­ize to spy on an uniden­ti­fied “right-hand man” of Vladimir Putin and unearthing finan­cial tri­als relat­ed to the Wag­n­er group. It’s a lit­tle neb­u­lous as to who exact­ly was being tar­get­ed here. On the one hand, a man described as Putin’s “right-hand man”, Niko­lai Patru­shev, is assumed to have ordered the assas­si­na­tion of Wag­n­er Group founder — and for­mer close Putin ally — Yevge­ny Prigozhin. So were they tar­get­ing Patru­shev? Or Prigozhin before he was assas­si­nat­ed? We don’t know at this point, although keep in mind that Prigozhin died in August of 2023 and the meet­ings to arrange these spy­ing con­tracts report­ed­ly hap­pened in Feb­ru­ary of 2023. It’s a remark­able series of rev­e­la­tions either way. A joint Israeli/Vatican spy­ing oper­a­tion on a Russ­ian oli­garch uti­liz­ing a pri­vate Ital­ian firm. Is this an unusu­al arrange­ment or just a reflec­tion of a the com­mod­i­fied transna­tion­al nature of mod­ern for-prof­it pri­va­tized spy­ing?

    But also note how the Israelis sug­gest­ed a broad­er part­ner­ship of exchang­ing infor­ma­tion, includ­ing offer­ing “all of the orig­i­nal doc­u­ments” on the Qatar­gate scan­dal. Again, is this unusu­al for intel­li­gence agen­cies to offer of dossiers of black­mail mate­r­i­al for trade with pri­vate intel­li­gence firms? Or is this the qui­et nor­mal?

    ...
    Mem­bers of the hack­ing net­work, includ­ing Nun­zio Samuele Cala­muc­ci — the man pros­e­cu­tors accuse of orches­trat­ing the scheme — met with two Israeli agents at the fir­m’s office in Milan in Feb­ru­ary 2023 to dis­cuss a task worth €1 mil­lion, accord­ing to the leaked wire­taps.

    ...

    It’s unclear from the leaked doc­u­ments why Israeli intel­li­gence and the Vat­i­can were involved with the con­tro­ver­sial Milan firm and what their rea­sons were for solic­it­ing infor­ma­tion on Russ­ian tar­gets, but their pres­ence in the dossier has dra­mat­i­cal­ly expand­ed the scope of Italy’s sprawl­ing inves­ti­ga­tion.

    ...

    Accord­ing to the wire­taps, the Israelis sug­gest­ed a part­ner­ship to exchange infor­ma­tion, offer­ing “all of the orig­i­nal doc­u­ments” from the EU’s so-called Qatar­gate scan­dal, which involved alle­ga­tions that peo­ple linked to the Euro­pean Par­lia­ment accept­ed mon­ey or gifts in exchange for doing the Gulf state’s bid­ding in Brus­sels.

    They also offered the Ital­ian firm infor­ma­tion that could help one of Equalizer’s alleged clients, the Ital­ian ener­gy giant Eni, with infor­ma­tion on the “illic­it traf­fick­ing of Iran­ian gas with Ital­ian com­pa­nies.”
    ...

    Final­ly, note this oth­er inter­est­ing detail: the hack­ers who were actu­al­ly car­ry­ing out these hacks work­ing under Samuele Cala­muc­ci — a self-pro­claimed for­mer mem­ber of Anony­mous — made use of servers in Lithua­nia and the Unit­ed States, where they felt they were less vul­ner­a­ble. It would be real­ly inter­est­ing to know why they felt less vul­ner­a­ble using servers in the US:

    ...
    Cala­muc­ci, who pre­vi­ous­ly boast­ed of pen­e­trat­ing the Pen­ta­gon with the Anony­mous hack­tivist col­lec­tive, fre­quent­ly ref­er­enced dozens of hack­ers work­ing for him in Colch­ester, Eng­land. The firm also made use of servers in the Unit­ed States and Lithua­nia, where they felt they were less vul­ner­a­ble, accord­ing to leaked doc­u­ments.
    ...

    How many oth­er coun­tries will we see get wran­gled into this sto­ry before it’s over? Time will tell, but this is turn­ing into one of those sto­ries where, the more we’re learn­ing, the more it’s look­ing like there’s a lot more under this rock. Albeit a very sen­si­tive rock that real­ly does­n’t want to be turned over. Espe­cial­ly since it’s not just a sen­si­tive Ital­ian rock any­more.

    Posted by Pterrafractyl | November 7, 2024, 5:08 pm

Post a comment