Italy has ended spyware contract with Paragon, parliamentary document shows
Paragon did not immediately respond to a Reuters request for comment.
Meta's WhatsApp chat service said earlier this year Paragon spyware had targeted scores of users, including a journalist and members of the Mediterranea migrant sea rescue charity critical of Prime Minister Giorgia Meloni.
The government said in February that seven mobile phone users in Italy had been targeted by the spyware. Rome denied any involvement in illicit activities and said it had asked the National Cybersecurity Agency to look into the affair.
A newly published report from the parliamentary committee on security, COPASIR, showed that Italian intelligence services had initially put on hold and then ended their contract with Paragon following the media outcry.
The report said Italy's domestic and foreign intelligence agencies had activated contracts with Paragon in 2023 and 2024 respectively and used it on a very limited number of people, with permission from a prosecutor.
The foreign intelligence agency used the spyware to search for fugitives, counter illegal immigration, alleged terrorism, organised crime, fuel smuggling and counter-espionage and internal security activities, COPASIR said.
It said members of the Mediterranea charity were spied on "not as human rights activists, but in reference to their activities potentially related to irregular immigration", with permission from the government.
Undersecretary Alfredo Mantovano, Meloni's point man on intelligence matters, authorised the use of Paragon spyware on Mediterranea activists Luca Casarini and Beppe Caccia on September 5, 2024, the report said.
Mantovano was not immediately available for comment.
A Sicilian judge last month ordered six members of Mediterranea, including Casarini and Caccia, to stand trial on accusations of aiding illegal immigration, the first time crew members of a rescue vessel have faced such prosecution. All denied wrongdoing.
The report found no evidence that Francesco Cancellato, a reported target and editor of investigative website Fanpage, had been put under surveillance using Paragon's spyware, as he had alleged to Reuters and other media outlets.
Try Our AI Features
Explore what Daily8 AI can do for you:
Comments
No comments yet...
Related Articles
The Independent
21 minutes ago
- The Independent
Poll of the day: Should England's Euro 2025 win be marked with a bank holiday?
The Lionesses' dramatic penalty shootout victory over Spain in the Euro 2025 final has sparked nationwide celebrations – and renewed calls for a bank holiday to celebrate the historic win. Prime Minister Sir Keir Starmer made a surprise appearance at the stadium in Basel alongside his wife Victoria, describing the Lionesses as 'history makers' after watching them defend their European title. Their victory has been hailed not just as a footballing triumph but also as a cultural milestone in the ongoing fight for equality and recognition in sport. Sir Keir previously backed calls for a 'proper day of celebration' when England reached the Euro 2022 final, saying the team's success should be honoured with a nationwide event to promote women's and girls' participation in football. Now, many are asking whether this latest win should spark the same conversation. The FA confirmed there will be an open-top bus parade along the Mall before the ceremony at the Queen Victoria Memorial. However, an official bank holiday has not been announced. So – should the Lionesses' Euro 2025 win be marked with a bank holiday, or are there better ways to honour their legacy? Vote in our poll and tell us what you think in the comments below.
Reuters
22 minutes ago
- Reuters
Russia's Aeroflot suffers IT failure, hackers claim responsibility
MOSCOW, July 28 (Reuters) - Russian airline Aeroflot ( opens new tab cancelled dozens of flights on Monday after what it called a failure in its information systems, and a shadowy hacking group claimed responsibility for what it said was a crippling cyberattack. The national carrier did not provide further details about the cause of the problem or how long it would take to resolve. A statement purporting to be from a hacking group called Silent Crow said it had carried out the operation together with a Belarusian group called Cyberpartisans BY, and linked it to the war in Ukraine. "Glory to Ukraine! Long live Belarus!" said the statement, whose authenticity Reuters could not immediately verify. Silent Crow previously claimed responsibility for an attack on a Russian real estate database in January. Aeroflot said it had cancelled more than 40 flights after reporting a failure in its information systems. Since Russia launched the war in Ukraine in February 2022, travellers in Russia have become accustomed to flight disruptions. However, those delays have usually been caused by temporary airport closures after drone attacks. Aeroflot said "specialists are currently working to minimize the impact on the flight schedule and to restore normal service operations". On Telegram, it listed more than 40 cancelled flights to destinations across Russia, as well as to the Belarusian capital Minsk and the Armenian capital Yerevan. Aeroflot urged passengers whose flights from Moscow's Sheremetyevo airport had been cancelled to retrieve their checked-in luggage and leave. News outlet Baza reported scenes of chaos at the airport, with logjams forming as passengers queued just to get out. The statement in the name of Silent Crow said the cyberattack was the fruit of a year-long operation which had deeply penetrated Aeroflot's network, destroyed 7,000 servers and gained control over the personal computers of employers including senior managers. It did not provide evidence of those claims. It threatened to shortly start releasing "the personal data of all Russians who have ever flown Aeroflot". Aeroflot, which despite sanctions imposed on Russia for its war in Ukraine that have drastically limited travel and routes, remains among the top 20 airlines worldwide by passenger numbers. In 2024, passenger traffic of the Aeroflot Group reached 55.3 million passengers, according to the airline's website.
Telegraph
22 minutes ago
- Telegraph
Chinese hackers have seized control. How did we let this happen?
A civilisation that cannot defend itself really should not expect to survive, and after the latest cybersecurity news, I wonder how it can. An official advisory was recently sent out to the US military, warning that all forces must now assume their networks have been breached. The enemy is inside the house. What it means is that no system connected to the internet can be defended. Our own national cybersecurity agency asked UK businesses to make this presumption in 2020. The reason this hasn't been bigger news is that we've become fatalistic and weary, as one cybersecurity attack follows another. So when we discovered in early July that Chinese hackers had gained control of Microsoft servers at hundreds of US government agencies – including the US nuclear weapons agency – it was just another hacking story. What made this one noteworthy was that there wasn't immediately a fix or a patch, Microsoft admitted last Tuesday. Incredibly, confirmation of the US military's 'assume breach' alert had to be dragged out of the Department of Defense via Freedom of Information Act requests by a campaigning non-profit called Property of the People. These developments are the latest stage in an ongoing state-sponsored Chinese campaign, in which hacking has evolved from widespread commercial espionage a decade ago into something far more threatening. The latest phases, Salt Typhoon and now Volt Typhoon, are meticulous and sophisticated. They target not just government agencies like the National Guard, and China-critical MPs like Sir Iain Duncan Smith, but also private sector companies in the energy, telecoms, transport and water sectors. Ciaran Martin, former head of NCSC, the cybersecurity centre based at GCHQ, says that China's capabilities have been transformed. 'Now think of dozens or even hundreds of [individual] hacks at the same time – 'everything, everywhere, all at once' in the words of Jen Easterly, recently departed head of the US Cybersecurity and Infrastructure Security Agency.' Software attacks on our computer systems can create unique damage in ways that conventional warfare cannot. Let's consider two. While aerial bombing can produce spectacular instant results, targets can be disassembled prior to attack, and can be quickly rebuilt after the attack. Both happened with the recent attack on Iraq's nuclear facilities. But recovering from cyber attacks is much harder. Ask the British Library, which has still not restored all of its services. 'Printed catalogues and handlists are available in our Reading Rooms', it still advises visitors to its website. The attack took place in October 2023. A second way in which cyber attacks now present a unique challenge is the ability of Chinese hackers to 'live off the land' after they break through. Rather like special forces embedded behind enemy lines, hackers conceal themselves undetected for months or years. To the guardians of the network, they are just another innocent user. 'Both Salt and Volt Typhoon were in play for years before being detected,' writes Martin. 'And they are strategic compromises of the West on a scale hitherto unseen by any other cyber power.' Not only do we not know when the attack is over, we don't even know when it has begun. How did this happen? If I haven't depressed you enough, this is where it gets particularly troubling. Cybersecurity is a gnarly failure of accountability and regulation that spans decades of indifference, and implicates business complacency and government apathy. The internet protocols (IP) we use today are completely rotten. The great and the good of the IT and telecommunications industries spent the entire 1980s in international committees devising complex secure networking protocols, only to be met with mistrust and specifications no one really wanted. Fed up with waiting, we adopted today's protocols, which were cheap and simple to implement, but not secure. Now, the international standards bodies that might devise a successor to IP are dominated by China. When they fail, suppliers can hide behind licensing agreements and expensive lawyers. No one goes to prison for bad security design. Their customers – us – are guilty of negligence too. Salt Typhoon took advantage of a bug in Cisco routers that users had not bothered to fix for seven years. As a society, we rush to implement technologies without thinking too hard about externalities. Generative artificial intelligence (AI) opens up lots of new holes, and also lowers the bar so that even the technically unskilled can plant hacks. All in all, then, this may not seem a good time to force Britons to use a new government identity service. Especially when you know that 'red team' penetration testing proved in March that this could be penetrated by hostile foreign agents without them being detected. This is what Baroness Neville Jones calls 'a piece of critical infrastructure'. Chinese agents may already be 'living off the land' inside the One Login system, on which your government wallet has been built, and soon perhaps, your digital ID. But don't expect Peter Kyle, the Science and Technology Minister, to put the brakes on the One Login project when he's its biggest fan. To survive and prosper, we need serious and technically aware people in his position, who listen to the security professionals. Kyle appeared on Newsnight last week wearing jeans and a T-shirt and trainers, all of which were intended to signal to viewers his youthful love of digital technology. He is 54.
