For almost two years the IT infrastructure of Leonardo was targeted by a persistent cyberattack (known as Advanced Persistent Threat or APT), carried out with installation in systems, networks, and in the target machines, of a malicious code whose aim was the creation of active communication channels suitable to allow a slow and continuous leakage of technical and business data.
An investigation into a data theft has found that a hacker working inside the Italian defense group appeared to target details of Europe’s biggest unmanned fighter jet programme (nEUROn UCAV) and aircraft used by the military and police.
The inquiry, which is ongoing, was undertaken by Italian police’s cybercrime divisions in Rome and Naples and Naples prosecutors. It began in January 2017 when Leonardo told police of an abnormal outflow of data from some of its computers.
The perpetrators of the attacks were identified and arrested by Italian Police: the two individuals are a former employee and a manager of the company, who are accused of the crimes of unauthorized access to the computer system, unlawful interception of electronic communications and unlawful processing of personal data and misdirection.
The warrant does not say whether the hacker was acting independently or at the behest of others, or the goal of the alleged activity.
On Dec. 23, 2020, Reuters published an article based on the 108-page arrest warrant.
The judges leading the preliminary inquiry cites evidence that one of the computers which was hacked belonged to a Leonardo technician who worked on the electronic system of the nEUROn, an experimental unmanned military aircraft that was designed in 2012 under a European defense programme led by France.
Other computers belonged to Leonardo workers involved in the production of C27J military transport aircraft and ATR commercial and military turboprop planes used by Italy’s tax police and coastguard
Italian police said on Dec. 5 that at least 10 gigabytes of confidential data were stolen from Leonardo between 2015 and 2017 through malware installed on targeted machines.
The police also said on Dec. 5 they had arrested Arturo D’Elia and Antonio Rossi who had both worked at Leonardo, over their alleged role in hacking 94 computers, 33 of which were located at the group’s Pomigliano plant.