The websites of Milan's Linate and Malpensa airports were rendered inaccessible due to a cyberattack executed by the pro-Russian hacker group NoName057(16), as announced on December 28, 2024. Users trying to access these portals encountered persistent error messages, with many unable to check flight statuses. Fortunately, flight operations at both airports remained unaffected, operated by separate systems.
Reports indicate the attack began early Saturday morning, just as many travelers were preparing for their holiday flights. This group of cybercriminals later claimed responsibility for the attack via their Telegram channel, stating, “I russofobi italiani ricevono una meritata risposta informatica,” translating to “Italian Russophobes receive deserved cyber responses.”
The National Cybercrime Center for the Protection of Critical Infrastructure, part of the Postal Police, has mobilized resources to mitigate the impact of this event and investigate the origins of the attack. Experts confirm the method used was DDoS (Distributed Denial of Service), wherein hackers inundate website servers with countless false access requests. The intention is to overwhelm these systems, causing them to collapse and effectively preventing genuine users from accessing the site.
According to Il Corriere della Sera, the aim is to load the system to the point of failure. The chaos ensues when legitimate traffic is unable to flow normally, akin to cars jamming the entrance of a bridge.
Not only the Milan airports but also several other websites were targeted, including those of Siena Mobilità, Torino’s transport company GTT, and the Italian Ministry of Foreign Affairs. While GTT has since resumed operations online, the Ministry’s site remained down at the time of reporting. NoName057(16) has also been involved previously, targeting various infrastructures across Europe since its emergence on the digital scene over the last two years.
This attack marks yet another chapter in NoName057(16)'s campaign against perceived Western support for Ukraine amid the Russo-Ukrainian conflict. The group has consistently positioned itself at the forefront of hacktivism, openly declaring its actions and objectives on social media platforms.
Interestingly, the operational processes at both airports remained intact throughout the cyber onslaught. Airport officials assured the public of their operational resiliency, as the systems managing flight controls are isolated from the customer-facing interfaces. Passengers facing difficulties are only momentarily hindered from tracking their flight information.
Such cyberattacks raise larger questions about the security of digital frameworks supporting key infrastructures. With the Internet becoming both battleground and tool for geopolitical conflicts, entities and governments must bolster their defenses against relentless cyber threats from groups like NoName057(16).
Authorities continue their investigations, and the hope is to restore full access to the affected websites as swiftly as possible. Experts urge vigilance as incidents of this nature are becoming increasingly frequent and sophisticated, often exploiting infrastructural vulnerabilities unnoticed by the average user.
This incident highlights the need for heightened awareness and proactive measures to protect digital infrastructures, ensuring they can withstand such assaults without compromising their core functionalities.
On the back of this cyber attack, discussions are likely to arise about the effectiveness of Italy’s cybersecurity strategies and the necessity of improving defenses against similar threats looming ever closer to homes, businesses, and public services.
