Anonymous Italia Robs the Police (Again)

On October 12, 2016, Anonymous Italia launched a cyber offensive against the Polizia Penitenziaria (the Italian penitentiary police) to protest against the “unjust” acquittal of all those involved in the trial of Stefano Cucchi’s, a young Italian citizen who died in 2009 under still unclear circumstances a week after being remanded in custody by the Italian police for alleged drug dealing.

Anonymous Italia cyber operation’s manifesto

The Polizia di Stato (Italian police), and its different divisions, has been one of the preferred targets of the Italian hacktivists for years, mainly as a means to protest against alleged authority abuses and violence demonstrated by policemen under numerous circumstances. For instance, in October 2012, the hackers released online a batch of thousands of confidential documents exfiltrated from the Italian police’s servers, leading to the arrest of several members of the organization.

In this latest cyberattack, the Anonymous Italia’s hackers, in reprisal against the “deplorable state of the Italian justice system, which protects the executioners of defenseless citizens,” defaced the websites of the Associazione Nazionale Polizia Penitenziaria, the Polizia Penitenziaria’s blog, the Sindacato Autonomo Polizia Penitenziaria, and the Sindacato Autonomo Polizia Penitenziaria, Lombardia district. Furthermore, the Italian hacktivists also exfiltrated two database archives, presumably from the websites of the Polizia Penitenziaria (POLPE)’s blog and one of its labor unions (Sindacato Autonomo Polizia Penitenziaria – SAPPE).

Example of a defaced website, with the motivation underpinning the attack clearly declared

The Leaked Data

The hacktivists leaked approximately 70 MB, compressed into two zip folders, presumably exfiltrated from the databases of the Sindacato Autonomo Polizia Penitenziaria’s blog and of its official monthly magazine (Polizia Penitenziaria, società giustizia & sicurezza), subsequently posting links to the downloading on their official blog. One folder is called, and the other, hinting at their assumed origin. The most recent documents we detected within the leaked files are dated October 9, 2016. Notably, the two compromised websites are hosted on the same server, therefore it is possible that the hackers achieved access to the whole server.

Claim of responsibility for the two data leakages on the Anonymous Italia official blog (left); sample of data allegedly exfiltrated from the one of the police-associated websites (right)

We acquired the two leaked databases and our preliminary analysis reveals that they contain a trove of data, mostly relating to the activities of the blog and of the magazine linked to the penitentiary police’s labor union (SAPPE). However, thousands of organizational and personal email addresses of penitentiary police officers, carrying clear-text passwords, have also been exposed.

Screenshot of sensitive content exposed by the hacktivists

Our assessment is that the exfiltration of databases belonging to governmental bodies such as the Italian penitentiary police, demonstrates noteworthy technical capabilities by the initiators of the cyber operation, confirming once again the danger posed by Italian hacktivist elements.

One thought on “Anonymous Italia Robs the Police (Again)

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s