A new emergency is opening up on IT securitythe multiplication of accidents thanks to the time distance from the attack: in fact, a cybercrime phenomenon can last for years. it detects thelast “Threat intelligence report” of the Exprivia Cybersecurity Observatory.
If 2021 had already been a year to forget for IT security in Italy, 2022 recorded a real negative record: for the first time since 2020, when the Exprivia Observatory on IT threats in Italy was born, the number of cyber incidents (i.e. successful attacks) has exceeded the number of attacks. This was made possible precisely by the growing lapse of time between the moment of the attack and the incident, as well as by the increasingly sophisticated techniques used by hackers and by the lack of awareness of the risks associated with the network on the part of businesses and citizens.
In 2022 cybercrime doubled
The new “Threat intelligence report” takes into consideration 118 open sources (sites of affected companies, public sites of national interest, online news agencies, blogs and social media) and, for 2022, registers 2,600 phenomena linked to cybercrime, of which 1.236 attacks, 1.261 accidents and 103 privacy violations; nearly double the number 1,356 of 2021 and more than quadrupled compared to 605 of 2020.
Strategies that are good for business and cyber security
Only in quarter October-December 2022 have occurred 547 events, with a progressive growth in the month of December (which alone has 257), thus becoming the third month of the year by number of phenomena after March and May.
Data is the first target
Among the types of damage detected in 2022, the data theft with the 70% of cases on the totality of the recorded phenomena; at a clear distance, but not to be underestimated, economic damage e service interruption (respectively 10% and 11% of the total).
Among the most used techniques, the phishing-social engineering con 1.133 cases of soliciting on the net or via e-mail towards inattentive or unaware users, almost double the number of 2021 when there were 627, thus representing 43% of the total cases in 2022.
The time factor
“With incidents overtaking attacks in 2022 we can confidently state that some of the incidents are the effect of hostile actions undertaken by hackers in the previous two years – comments Domenico Raguseo, Exprivia’s Cybersecurity director. “Considering an attack as an action that begins and ends over the course of a few minutes or a few days is, in fact, a big mistake. In many cases it is an undeclared war by an attacker who first studies his victim’s weaknesses and vulnerabilities, then decides when and how to deliver the final blow. Some attacks can last for years, and it is often difficult to trace an incident to a specific attack”.
The rise of cyberwarfare
In the report drawn up by the Apulian Ict Group – committed to promoting information security culture – the cybercrime the main motivation that leads hackers to perform malicious actions with is confirmed in 2022 over 2,000 phenomena, +73% compared to 2021. Starting from 2022, with the Russian-Ukrainian conflict, the cyberwarfare (cyber warfare) with ben 157 recorded phenomena; of particular importance thehacktivism (criminal activities in order to advance a political or social cause) increased by 139% compared to 2021.
The most affected sectors
The sector too Financewith important peaks throughout 2022 and, in particular, in the first half of the year, retains its primacy among the most affected sectors con 939 cases (36% of the total and more than double compared to 2021 when there were 428). According to Observatory experts, this number is linked to the fact that financial companies, banking institutions, cryptocurrency platforms, which manage large amounts of money, are an attractive target for attackers.
Sector follows Software/Hardware – among the preferred targets during the pandemic – con 343 cases, a slight decrease compared to last year when they were 388, while theIndustry is in third place with ben 280 phenomena, followed by Public administration (passes from 120 a 260 cases) e Retail (from 118 to 172) which are confirmed as among the most vulnerable sectors.
The Exprivia report notes a decrease in IoT devices exposed on the network in the last quarter of the year (-8%), while the index on the ratio between secure and non-secure devices, elaborated by the Observatory, highlights greater vulnerability in Southern Italy . For the first time, however, the relationship between analyzed digital services and identified vulnerabilities seems to see the whole national territory moving at the same speed.
@ALL RIGHTS RESERVED