MILAN – An investigation into a data theft at Leonardo has revealed that a hacker working within the Italian defense group appeared to be targeting details of Europe's largest unmanned aerial vehicle jet program and aircraft used by the military and police, according to an arrest warrant.
The ongoing investigation was conducted by the Italian cybercrime police departments in Rome and Naples and by prosecutors in Naples. It started in January 2017 when Leonardo told police about an abnormal data outflow from some of his computers.
Details of the parts of Leonardo's company that the hacker was allegedly targeted have not previously been reported.
The warrant does not say whether the hacker acted independently or on behalf of others, or the purpose of the alleged activity.
In the 108-page warrant seen by Reuters, the judge who led the preliminary investigation cites evidence that one of the computers that was hacked belonged to a Leonardo engineer working on the nEUROn's electronic system, an experimental unmanned military aircraft designed in 2012 as part of a European defense program led by France.
Other computers belonged to Leonardo employees involved in the production of C27J military transport aircraft and ATR commercial and military turboprop aircraft used by the Italian tax police and coastguard, the November document dated.
When asked about the details in the court document, Leonardo reiterated that secret strategic information was not kept on the computers that were compromised. Leonardo does not store top-secret military data at the group's factory in Pomigliano d & # 39; Arco, near Naples.
Leonardo said on December 5 that it was the aggrieved party and that it had first reported the hacking, adding that it would continue to cooperate fully with the police.
Data security is critical to the reputation of Leonardo, which not only provides its own cyber security services, but is also involved in several European defense programs for the production of military aircraft and equipment, defense industry analysts say.
Italian police said on December 5 that between 2015 and 2017, at least 10 gigabytes of Leonardo 's confidential data was stolen via malware installed on targeted machines.
Police also said on December 5 they arrested Arturo D’Elia and Antonio Rossi, both of whom worked at Leonardo, for their alleged role in hacking into 94 computers, 33 of which were located in the group's Pomigliano factory.
D’Elia is accused of installing malware on computers to steal the data, while Rossi is accused of trying to get the subsequent investigation off the track.
In the pre-trial arrest warrant against the two men, the judge identified several possible reasons for the hacking.
These include "the use of data for industrial and commercial purposes, blackmail and military espionage activities or simply the intention to damage the company's image by demonstrating … its organizational and IT vulnerability."
D & # 39; Elijah had no "intention to spy," his attorney, Nicola Naponiello, told Reuters, adding that the hack was "to show off his skills" and that D & # 39; Elijah would working with the police to have them inspect his hard drives and laptops.
A lawyer for Rossi said he had nothing to do with D’Elia, adding that his client, who is currently under house arrest, had not destroyed or destroyed any evidence of the crime.
The Italian court on Friday dismissed appeals by lawyers for D’Elia and Rossi against their arrests. The two men have not been charged.
The investigation was complicated because the two men had covered up their actions, the document said.
D’Elia, who at the time of the alleged crime was a consultant for a small IT company called Open eSSe, was sent to Pomigliano in late 2017 as an & # 39; incident handler & # 39; to assist the police while working with Leonardo's cybersecurity team.
This gave D’Elia the opportunity "to directly modify and conceal the evidence and traces of the crimes he committed on the affected computers," the arrest warrant said.
Open eSSe did not immediately respond to an email from Reuters asking for comment.
Rossi, who served as Leonardo's Cyber Emergency Readiness Team chief, is said to have covered up the crime by not reporting the actual amount and importance of the stolen data. He is also accused of reformatting a computer with evidence and data from the cyber attack.
(Reporting by Francesca Landini; editing by Alexander Smith)
The most important insurance news, delivered to your inbox every working day.
Receive the trusted newsletter from the insurance industry