Two arrested over defence data theft from Italian aerospace giant Leonardo

More than 100,000 files containing details of military aircraft taken

FILE PHOTO: Leonardo's AWHero is seen at the headquarters in Vergiate, near Milan, Italy January 30, 2018. REUTERS/Massimo Pinca/File Photo

Two people have been arrested after a two-year cyber hack at global aerospace giant Leonardo. REUTERS/Massimo Pinca/File Photo

Nicky Harley author image
Nicky Harley
Dec 05, 2020
Powered by automated translation

Two people have been arrested for allegedly stealing defence data from the Italian aerospace and electronics group Leonardo.

In the cyber attacks more than 100,000 files were lifted, including information on components of civilian and military aircraft.

Italy's interior ministry announced the arrests on Saturday following a prolonged investigation.

The company. which is the world's eighth largest defence contractor, develops naval electronics, network and protection systems, electronic warfare and global communications.

Along with European partners, Leonardo is involved in the MBDA group that makes several kinds of missiles.

"At the end of a complex investigation by the Naples prosecutor into a serious computer attack against Leonardo, a former worker and a company director were arrested," a ministry statement said.

A programme inserted into dozens of work computers via a USB stick at the company's plant in Pomigliano d'Arco, near Naples, allowed hackers to harvest data on projects, including strategic ones, over a two-year period.

The attack was uncovered by a computer crime unit at the prosecutor's office, which issued arrest warrants for illegal access to a computer system, interception of IT communications and illegal use of personal data.

Read More
Walid Abdulrahman Abu Zayed has been extradited to France over his links to a 1982 attack in Paris that killed six people. AFP / NTB / Terje Bendiksby
Paris attack suspect to appear in court four decades later
Germany calls for new and broader nuclear deal with Iran

The head of Leonardo's anti-hacking unit was also arrested for obstructing the investigation and providing false information on the nature of the attacks and their effects.

Investigators said that from May 2015 until January 2017, the group's IT system was targeted by an "advanced persistent threat" led by a worker tasked with keeping the computers secure.

They did not provide extensive details on which systems had been hacked

In January 2017, Leonardo officials uncovered abnormal data traffic from work stations that was generated by so-called malware dubbed "cftmon.exe".

Hackers were able to intercept messages that were typed into the computers and capture images from their screens.

Some of the work stations were used to create strategic products and services for Italy's defence.

A total of 94 computers were compromised, including 48 that belonged to companies working in the aerospace sector.

No less than 10 gigabytes of data, equivalent to around 100,000 files, were lifted from the plant in Pomigliano d'Arco.

Europe
Editor's picks
More from the national