Cyber Incident Victim: Regione Campania
Date:
Sep 2023
Location:
Italy
Summary
A cyber attack targeting the regional IT system was successfully repelled due to prior defensive preparations, including the implementation of a mirrored backup system hosted at Salerno University to protect against data loss. The incident highlighted vulnerabilities in digital infrastructure and prompted calls for enhanced national cybersecurity measures, including comprehensive risk assessments, improved technical competencies, and standardized security certifications to address evolving threats from sophisticated threat actors. Discussions emphasized the importance of collective awareness to strengthen cyber resilience, particularly for vulnerable groups at higher risk of digital exclusion.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actors | Type | Location |
|---|---|---|
| 0 actors | Available to members | Available to members |
Description
Throughout the weekend of September 9-10, 2023, the IT system of Italy's Campania regional government experienced a cybersecurity incident. The regional president, Vincenzo De Luca, publicly disclosed the attack during his speech at the 109th congress of the Italian Physics Society at the University of Salerno on September 10. De Luca characterized the incident as a managed event, stating the regional government had successfully repelled the intrusion due to prior preparedness measures. No operational disruptions or data losses were reported in his account. The president emphasized this incident reinforced their proactive security strategy, specifically mentioning their initiative to create a mirrored "twin" IT infrastructure at the University of Salerno's campus. This parallel system, under active construction at the time of the attack, was explicitly designed to ensure continuity of operations and prevent permanent data destruction or knowledge loss during cyber incidents.
The attack immediately sparked broader discussions about national infrastructure vulnerabilities. Gerardo Costabile, head of the Italian Digital Forensics Association and CEO of security firm DeepCyber, asserted the incident demonstrated critical weaknesses in Italy's digital networks. He called for comprehensive nationwide cybersecurity assessments to generate an objective "health map" of critical systems, potentially segmented by geographical regions. Costabile advocated for accelerated workforce development, stressing urgent needs to cultivate specialized cybersecurity personnel capable of countering sophisticated threat actors targeting governmental and corporate systems alike. His recommendations emphasized standardized security certifications and expanded public awareness initiatives targeting socioeconomically vulnerable populations disproportionately affected by both cyber risks and digital access disparities. Although the regional government reported successful containment, the event amplified existing concerns about systemic resilience within Italy's expanding digital infrastructure landscape.