It is called LockTheSystem and is one of the latest ransomware, pirated programs that make the data on computers and servers of victims inaccessible, who will have to pay a ransom to get them back, which is hitting Italian companies and users. Against threats of this type, government structures and software multinationals are deployed. In Milan, at the headquarters of the Italian branch of Microsoft, the Cybersecurity experience was created, an experiential area of āāthe Technology center dedicated to IT security. A space available to companies of all sizes and professionals who can discover step by step the phases of the cyberattack and the consequent defense moves. An initiative that is part of the five-year Ambition Italy #DigitalRestart plan in which the US multinational is investing 1.5 billion dollars over a five-year period.
According to data from the Cybersecurity & Data Protection Observatory of the Politecnico di Milano, in 2020 40% of companies witnessed an increase in cyber attacks. In the last year, moreover, the terms of the pandemic such as Covid, masks, vaccine and those of e-commerce, delivery, package, return and bank transfer are the most exploited passepartout by pirates to trap employees.
Loading…
“Microsoft supports on the security front over 400 thousand client companies in 120 countries, ranging from SMEs to large companies, with 90 Fortune 100 organizations using at least 4 Microsoft security, compliance, identity and management solutions – recalls Carlo Mauceli National digital officer of the Italian branch -. Through our platforms and services, over 8 trillion security signals are analyzed every day and in 2020 about 6 billion malware threats have been blocked by Microsoft Defender Ā».
Prevention and culture are the two fronts in the fight against web pirates and the Cybersecurity experience in Milan allows you to discover the dynamics of digital theft. Ā«In this room, demonstrations are set up in which customers immerse themselves in the climate of attack and cyber defense – explains Andrea Cardillo, Microsoft Technology center director -. In this way it is also possible to grasp the role of the human factor, the distraction of the staff, a determining factor that favors the attacker Ā». With the help of a particular solution created by an Israeli company partner of Microsoft it is possible to understand how attackable the target company is. This program scans systems for flaws. In a demo environment then we witness the clash between the “red team” against the “blue” in an invisible digital battle. Times have accelerated but the simulation phases allow us to realize the phases that follow one another to take possession of company data. The reds attack in search of flaws in the procedures and once the subjects in the crosshairs have been identified, personal profiles are reconstructed by drawing on information on social media. The first objective is to steal personal identity and then outline the network of knowledge of the target group of employees, both in terms of hierarchical position and type of function and activity performed. Then we proceed with the real intrusion attempts. In these penetration tests, the pirates work in search of the weak point and at the same time prepare the emails as targeted as possible with the malware. The messages reach all the staff and in the quantity there will be some one who falls into the trap and opens the email with the trojan horse document that will allow the malware to enter the company. It can be a fake commercial offer, an innocent or sexy photo inside which a malicious micro-program is hidden which, once opened, with the usual double click, settles on the computer. A dark presence that remains silent and invisible for months, on average 6-8 according to Microsoft experts. Sufficient time to discover the corporate network and compromise systems and data. You can block operations, steal business information or seize it and then ask for ransom. For companies, the defense can come from conditional and geo-localized access systems, training and countermeasures that are automatically triggered with the blocking of users, the quarantine of the computer and the report to the Postal Police.