Authorities have arrested a brother and sister for hacking the private email accounts of and stealing information from high-profile Italian politicians and executives.
Court filings show that Giulio Occhionero and Francesca Maria Occhionero tried to hack former Italian prime minister Matteo Renzi’s email account on two dates: 12 and 30 June 2016. Around that same time, they attempted to gain access to head of the European Central Bank (ECB) Mario Draghi’s email.
The siblings are also believed to have hacked Cardinal Gianfranco Ravasi, top officials in Italy’s tax police, the Bank of Italy, and members in both chambers of Italy’s parliament.
Italian police launched an investigation into the brother and sister after a security specialist received an email from someone purporting to be a lawyer that contained malware. Digital forensics traced the malware back to Giulio. As part of their analysis, Italian authorities seized several servers operated by the siblings as well as “drop zones” that are believed to have contained sensitive information stolen from victims.
As of this writing, there’s no evidence to suggest the Occhioneros sold or abused the stolen information.
Roberto Di Legami, director of the specialized cyber police unit that conducted the investigation, said digital forensic experts are analyzing the data seized from the siblings’ servers. He feels the results of that probe will put the attacks into clearer focus. As he told The Guardian:
“We will know only after we receive the seized material from the US and at that point, through forensic activity, we will manage to put everything in place, to know who was spied on, for how long, what kind of data was stolen.”
More than likely, the pair used spear-phishing attacks laced with malware to gain access to their targets’ computers and steal their information. By no means are these the first attacks of their kind, and they certainly won’t be the last.
The Occhioneros’ attack campaign drives home the point that organizations need to do more to protect their sensitive information. They can get started by training their employees to be on the lookout for phishing attacks. To accomplish that aim, they can use third-party security awareness training software.
Does that type of solution sound interesting to your company?