Black Basta Team and double extortion ransomware attacks

Protect smartphones and tablets from cyber risks: the mobile security

 View all
CYBERSECURITY, CYBER THREAT INTELLIGENCE

Turin Polytechnic under attack: what you should know

A hacker attack has temporarily disabled Turin Polytechnic’s online services servers for a few hours. What did happen? Was it a severe violation? Let’s find it out together!

What did happen?

A series of cyberattacks hit the Turin Polytechnic authentication servers from several computers spread globally on the evening of 7th January 2021. The first intrusion attempt caused the halting of online authentication servers for about 15 minutes.

Hackers tried again at 10 am the following day targeting the Turin Polytechnic app system. They used a DDoS attack with the SYNFlood technique. At 10:50 am, intruders targeted the network gate of the app system. This time, the hackers manage to block all online services of the university.

The other two attacks happened at 11:35 am and 2:15 pm, but security managed to mitigate them in a short time. In particular, these two attempts caused minor delays. Let’s explore in detail this attack: there is indeed much confusion on the information you can find on the web. What did happen, really? First, our analysis should start from the attack type.

DDoS (Distributed Denial of Service) indicates that the attacks against the Turin Polytechnic originated from many different systems. They increased traffic towards its servers so that hackers could interfere and halt online services.

Now, the technique. SYNFlood is a type of attack of the DoS genre. It basically consists of sending SYN packages from the malicious agent to the server targeted. Once sent, they do not allow the connection between users and the server.

Therefore, multiple systems have flooded the Turin Polytechnic servers malicious packages not to allow users to connect with its servers. But why? Massive execution of SYN packages has overheated the servers with requests. Eventually, the server did crush. Thus, the authentication service halted.

Conclusion: attack to the Turin Polytechnic

To conclude, someone attacked the Turin Polytechnic. Should we worry about such an intrusion? DDoS and DoS attacks are usually harmless. Per se, they cause some minor disruptions, but nothing more. In brief, they make a lot of noise, but no severe damage. Sometimes, however, they are diversions.

They could dress up most severe intrusions and leaks such as data theft and destruction. Is that scenario unrealistic? Unfortunately, not. The Turin Polytechnic is one of the most prestigious and leading Italian universities. It has a world-class reputation and cutting-hedge expertise in science and technology.

Thus, it is a prominent academic center holding sensitive and secret information with economic value. However, we cannot exclude some students performing the attack as a bravado, possibly skipping an exam. In any case, a DDoS attack remains a security breach and should be treated as such.

Check more related articles on our blog.