Cyber Incident Victim: Corte Costituzionale

On March 25, 2023, the pro-Russian hacktivist group NoName057(16) executed distributed denial-of-service (DDoS) attacks against multiple Italian government digital infrastructures, including the Constitutional Court of Italy's portal and the website of Italy's Transport Regulation Authority (ART). The group publicly claimed responsibility through their Telegram channel, sharing Check-Host.net validation links demonstrating successful disruption of the targets. Attackers employed "slow HTTP attack" techniques to overwhelm servers by deliberately prolonging incomplete HTTP requests, exhausting system resources and rendering services inaccessible to legitimate users. The Transport Authority portal reportedly became accessible only from Italian IP addresses following the assault. This incident formed part of a sustained campaign against Italian institutions, with the Carabinieri police force website allegedly compromised three separate times in preceding months according to the attackers' claims.

NoName057(16), operational since March 2022, conducts hacktivist operations supporting Russian geopolitical interests, frequently targeting nations opposing Russia's invasion of Ukraine. The group specializes in DDoS attacks against government agencies, media outlets, and private sector websites across Europe and North America. While the attacks caused temporary service disruptions impacting availability, the Constitutional Court and Transport Authority systems resumed normal functionality post-attack with no evidence of data compromise or persistent system damage. The incident highlighted vulnerabilities in Italy's cyber defenses, with cybersecurity analysts noting enterprise-grade mitigation solutions like Cloudflare or Akamai could potentially neutralize such attacks despite their implementation costs. Italian authorities did not publicly disclose technical response measures or attribution investigations in immediate aftermath reports.