Faced with a dramatic increase in cyber attacks in Italy, Microsoft has decided to invest $ 1.5 billion in technologies and skills to help the country grow. And, as part of this strategy, called Ambition Italy #DigitalRestart, the Redmond company has inaugurated an anti-hacker center in Milan. Republic could see it in a remote presentation. The center is located inside the Microsoft Technology Center of the Microsoft House in Milan which during the pandemic has already involved about 500 companies in virtual learning activities. In this way Microsoft aims to raise awareness of large, small and medium-sized enterprises, Public Administration, on the danger posed by cyber threats and to promote knowledge of the tools to protect themselves and the value of Cloud computing in support resilience, word passpartout borrowed from psychology, which indicates the resilience after a shock. And the shock in this case are the cyber attacks, which according to the Cybersecurity & Data Protection Observatory of the Politecnico di Milano, have increased by 40% against Italian companies.
The Italian IT artisans who defend us from cybercriminal attacks
by Arthur of Corinth
More attacks, less investment. We are facing a scenario that, underlines Microsoft, has paradoxically seen the growth of the Cybersecurity market slow down: 19% of large companies have reduced the budget dedicated to IT security and only 40% have increased it. The data relating to SMEs are also in line, among which only 22% have foreseen investments in safety for 2021. But what dangers are we talking about? First of all those deriving from human error, from a distracted employee, or from a vindictive employee who open the doors to attackers, who take advantage of the weak points of companies increased due to the remoteization of the workforce outside the walls of the office. But we are also talking about the real cyberattacks organized by criminal gangs that now function as real legitimate companies, complete with customer care that boldly asks for a ransom to return to companies their own data put under the padlock with ransomware. Last year it happened to Luxottica, Geox, Campari and Carraro, but also to the Italian banks, subject to Distributed Denial of Service attacks with Ransomware (for this they call them RDDoS), to understand, a situation where extortionists threaten to take down home-banking sites if they don’t receive a payment in electronic currency within a short amount of time. But according to Microsoft data, credential theft and generic ransomware are depopulated, as well as phishing as the main attack vector, used in about 70% of cases, exploiting the areas of sensitivity of the moment, as shown by the rapid increase in phishing campaigns. Covid-19 theme.
Cybersecurity, the challenge is to make it accessible to everyone
by Jaime D’Alessandro
Gamification and artificial intelligence. The new Cybersecurity Experience Microsoft was therefore designed to allow companies and professionals to “experience firsthand the experience of a cyber attack, through an immersive, interactive and highly customizable demonstration based on the sector they belong to and the role of the interlocutor”. Organizations will be able to pretend criminal hacker in virtual simulations and at the same time test the outcome of threats. It is the approach known as gamification, that is, the transformation of difficult, boring and repetitive tasks into playful and competitive activities to visualize the basic concepts of cybersecurity and facilitate the learning of the best defense techniques. Part of this experiential path will also be activities of penetration test to generate methodologies that search for errors and vulnerabilities. The penetration tests are used to test in a simulated way the company’s IT defenses according to precise protocols with the help of the so-called sneaker hacker, the young hackers who go to work in tennis shoes, ie computer experts hired by the client to identify computer bugs and vulnerabilities in their software.
Second Michele Colajanni, professor of cybersecurity at the University of Bologna: “It is deserving that Microsoft is educating on a central theme of our digital society: information security. Let’s not forget that the real problem is the vulnerability of software. A company like Microsoft that is dealing with cybersecurity trying to improve software is a beautiful example for everyone. The problem is not so much the foolish or vengeful user, but the one who downloads a malware that attacks a vulnerability of the software itself unknown to the company. “
The Cybersecurity Experience will also explain the importance of Artificial Intelligence and Machine Learning with the aim of offering more and more “threat intelligence” capabilities (the collection and analysis of information on risks) to companies. Starting right from the fraudulent fishing of data. In this case, machine learning is used to preventively analyze millions of emails to train artificial intelligence to detect those common characteristics that distinguish harmful emails to recursively update the set of rules that allow them to be identified before opening them and doing damage.
.