More numerous, targeted and with greater impact: this is how the cyber attacks recorded worldwide by the experts of Clusit, the Italian Association for Information Security, change. By presenting a preview to the press of the 2021 report that will be discussed at the Security summit on March 15, the association has released a series of data and statistics deriving from a constant work of analysis of known incidents occurring around the world and according to which in the last severe attacks increased by 10% compared to the previous year, with a fifth of the attacks affecting Europe.
However, the fact that catches the eye is that cybercrime is confirmed as the motivation for 86% of cyber attacks, (+ 5% on 2020), according to an upward trend. Among the serious attacks in the public domain, 11% is attributable to Espionage activities and 2% to Information Warfare campaigns.
War
Tanks, missiles and planes but still no real devastating cyber attack
by Alessandro Longo
In short, cybercriminals have long understood that profits must be sought online and that the digitization of society has made it more fragile and more permeable to their incursions. This is why they aim at precise targets: in the first place there is thegovernment / military objective, with 15% of total attacks, up 3% over the previous year; follows the IT sector, affected in 14% of cases and stable compared to 2020; and the health care, which represents 13% of the total targets hit, up 2% compared to the previous twelve months. With a worrying and reiterated figure: 8% of the total attacks in 2021 were aimed at the education sector.
Russia-Ukraine
The alarm goes off: Italy will be hit by a cyber attack
by Arturo Di Corinto
Malware, and in particular the Ransomware which also devastated our country last year, are reconfirmed as the favorite tools of criminals to generate profits and represent, as in 2020, 41% of the techniques used while Phishing is the technique used in 10% of attacks, such as those with the Covid-19 theme. Then there are the growing attacks carried out by altering the supply chain of major organizations – remember the Solarwinds and Kaseya cases – which have had global repercussions.
On the other hand, the fact, confirmed by Clusit, that these malicious actors can count on the exploitation of known vulnerabilities, which are not resolved with the necessary speed, is serious. “The most worrying aspect is that, unlike the defenders, criminals today actively collaborate with each other”, comments Sofia Scozzari. “Identifiable criminal service cartels have now consolidated. We think that at this point we are dealing with real organized crime, which has understood how much cyber crimes can be profitable “.
The effects of the war
Does Russia want to break away from the Internet? Here’s what we know and what could happen
by Giuditta Mosca
In addition to the frequency, in the course of 2021 the severity index of the analyzed attacks increased sharply, acting as a significant multiplier of the damages, estimated for 2021 in the enormous figure of 6 trillion dollars (from one trillion dollars in 2020) .
“This is a dramatic growth, for a value already equal to 4 times the Italian GDP”, comments Andrea Zapparoli Manzoni, member of the Clusit Steering Committee. “It is no longer possible to postpone the adoption of effective countermeasures and the necessary investments. In our opinion, the resources allocated by the NRP will have to be managed with stringent governance from a cyber security perspective of all the planned digitization projects, finally enhancing the cyber skills of the country’s human resources “.
In the presentation press conference Gabriele Faggioli, president of Clusit and professor at the Politecnico di Milano, increased the dose: “Italy has not produced large companies in the technology sector, it does not have enough startups, all underfunded, and it is hard to invest, especially in the PA. The point is that it costs to defend oneself, and if there are not enough investments in security, it is because there is no money. It took the PNRR to start innovating again from hospitals and health facilities. And he adds-Italy has a weak entrepreneurial fabric, we thought that SMEs were the connective tissue, Italian excellence now risk being a brake on competition and the weak link of cybersecurity. We need to think big, at a national level, as in the case of the cloud, but it would be even more important to invest and do research at a European level “.
During the press conference, the topical topics were also touched upon. The report that looks to 2021 could not intercept the military tensions and the incursions into cyberspace by irregular armies and cyber activists, and yet according to Zapparoli Manzoni, cyberwar will not represent a real risk in the near future “Because no one is capable of winning and no one is capable to defend oneself, there is a balance of deterrence even in cyberspace. ”
Finally, on the alarms launched by the Italian government structures on the risks of punctual attacks on our country “it is difficult to see the results. Today’s attacks will take effect in weeks or months, everything else is superstealth (super-secret, ed.) and we will know it only at the end of the war between Russia and Ukraine “. Alessio Pennasilico, a member of the scientific committee of Clusit, also takes part on the topic, telling us “Regarding the alarm of March 6, it is normal for government structures to change the level of alert because they are the only ones who have access to certain information and it would be little wise not to follow their directions ”.
And speaking of Russia, Pennasilico commented on our question as to what position to take regarding the high presence of Russian antivirus software in Italian institutions: “it is difficult to think that the Russian government can ask a well-known company and esteemed as the one founded by Eugene Kaspersky of spying using his antivirus. Of course, everything is possible, but perhaps it is not convenient for the regime, at least at this moment, and assuming that the company can obey without obeying Putin’s orders. But in the end, a software that ‘reads’ your entire computer to defend it, has high access privileges to continually update itself, can be considered as a Trojan horse inside the house. But it is not a problem for individuals but for large organizations that manage essential services and critical infrastructures and are already working to solve it “.
