Cyber Incident Victim: Ente Nazionale Aviazione Civile
Date:
Jul 2020
Location:
Italy
Summary
The Italian civil aviation authority experienced a cyberattack that temporarily disrupted access to certain internal systems, though no data theft occurred. The agency confirmed all information remained protected through backup systems and implemented necessary technical measures to restore full operational capabilities promptly. It reported the incident to national legal and cybersecurity authorities while clarifying that its systems only contained aggregated passenger traffic statistics for national airports, not personal traveler data.
| CIA Posture | Motives | Tactics, Techniques & Procedures |
|---|---|---|
| Available to members | 1 motive | 1 technique |
| Threat Actor | Type | Location |
|---|---|---|
| 1 actor | Available to members | Available to members |
Description
On July 10, 2020, the Italian National Civil Aviation Agency (ENAC) experienced a cyberattack that disrupted access to certain information within its systems. The attack compromised operational functionality, rendering specific data repositories temporarily inaccessible. ENAC confirmed no data exfiltration occurred during the incident, emphasizing that all system data remained safeguarded by backup protocols. The agency promptly initiated technical countermeasures to restore full operational capacity across its IT infrastructure, prioritizing minimal downtime. ENAC formally reported the incident to the Public Prosecutor's Office and the National Computer Crime Center for Critical Infrastructure Protection (CNAIPIC), fulfilling mandatory breach notification obligations.
The agency clarified that its systems did not store passenger personal data, handling only aggregated traffic statistics detailing passenger volumes transiting through national airports. This limited data scope reduced potential privacy risks despite the operational disruption. ENAC's public statement underscored the absence of compromised sensitive information while acknowledging sustained system availability challenges. Restoration efforts focused on validating backup integrity and reestablishing normal service levels without specifying downtime duration. No threat actor attribution or attack vector details were disclosed publicly. The incident concluded with systems fully reactivated following forensic analysis and remediation, though ENAC did not elaborate on residual impacts or long-term corrective actions beyond immediate technical restoration.