Over the last few days, the Port Network Authority’s IT systems have been targeted by a serious hacking attack by yet-to-be identified cyber criminals.
It was a distributed denial of service (DDoS) attack which attempts to flood the portal with false access requests.
The attack, which was detected internally with monitoring systems, was also reported to the Port Network Authority (PNA) by the Postal & Communications Police, as part of a cooperation agreement on this type of scenario.
For several days from last Friday onwards attacks from hundreds of servers worldwide had sustained traffic of over 10 million requests per hour, with peaks of 13 million per hour.
The Port Authority’s IT experts thwarted the attack with previously installed protection systems, and promptly adopted additional security configurations during the most substantial phase of the attack.
“It was necessary to continuously monitor the intensity and evolution of the attack,” said Paolo Scarpellini, Head of the PNA’s Digital Transition, Information Technology and Digital Port sector.
“In order to mitigate the distributed-denial-of-service attack, we had to adopt, and adapt, new countermeasures that would guarantee access to the site for normal traffic, while blocking or limiting potentially malicious traffic,” added Maurizio Tonelli and Andrea Biondi, from the PNA’s information systems dept.
The Port Network Authority’s Managing Director, Matteo Paroli, was satisfied: ‘The attacks on the institutional site lasted for many days, but were blocked by the properly configured protection systems. The severity of the attack is demonstrated by the fact that almost all the other PNA sites had prolonged blocks,’ he said.
“I am delighted with the countermeasures that our administration’s IT technicians have been able to deploy since last Friday. Even according to MIT’s crisis unit , we were effective and timely,” he added, pointing out that the number and gravity of DDoS attacks increased in 2022: “Investments in digitalization are now a cornerstone of the Procurement Code and require an increasing focus on cyber threat mitigation strategies. This incident teaches us that we must never let our guard down, as attacks are becoming more frequent and constantly evolving,” he concluded.
Translation by Giles Foster