The numbers of cyber attacks in Italy
Csirt Italia, the Computer emergency response team, dealt with 1,094 cyber events last year, for an average of about 90 per month. The peak was in February 2022 (118). Of these, 126 had impact confirmed by the victim, for an average of 10.5 accidents per month. In terms of communications received, however, they have been recorded 81 reports deriving from legal obligations (and, starting this year, it also becomes mandatory to notify incidents that impact networks, systems and information services that are not directly conferred under the Cyber National Security Perimeter).
Industry 4.0, here’s how to access Nuova Sabatini funds
From the analysis and subsequent classification of the 1,094 cyber events – explain the editors of the report – it was possible to identify theand most common types: spreading of malware via email (517), brand abuse (204), phishing (203), ransomware (130), exploitation of vulnerabilities (126), information disclosure (103), exploitation of web server vulnerabilities (87), scans (74), data exposure (67), intrusion attempts using credentials (64), Ddos (44), smishing (41).
During 2022, the National Cybersecurity Agency managed 160 cyber attacks on national public institutions. Of these, 57 had an impact confirmed by the affected subjects, “sometimes causing system malfunctions and consequent delays in the provision of services”, reads the Report. Among the various types of events, it emerges that ransomware is the most exploited activity to carry out attacks against public institutions, followed by DDoS-type attacks and system infection with other types of malware. In particular, while central administrations of the state have been mainly affected by DDoS, the health sector, municipalities and regions are mainly targeted by ransomware.
Pnrr recruitment and tenders are coming soon
The Acn also reported 129 projects of funded cybersecurity, 67 measures taken for the reliability of digital infrastructures and information on the 5 international missions, 19 bilateral meetings and 27 sessions of the Cyber Security Unit. “An extended set of activities carried out during the structuring of the Agency with the personnel available in a complex period characterized by international tensions that have also spilled over into the cyberspace”, reads the report.
Not by chance, new personnel units will be added soon to the staff of the 180 currently in the Agency, for reach 300 people by the end of the yearFrattasi announced.
The director general also indicated that the ACN will soon publish “the road map of Research and innovation plan created in collaboration with the Ministry of University and Research. We are preparing to fire new tenders aimed at the use of Pnrr resources having already reached all the stages foreseen in the time schedule”.
All activities of the Acn
2022, again reports the Acn, saw the maturation of the Agency, born by decree in the second half of 2021, and that the need to secure the country led to operate while structuring itself internally, up to giving in the light there National Cybersecurity Strategy 2022-2026 and the related Implementation Plan. The guidance document consists of 82 measures, aimed at supporting the cyber strengthening of the country system to face the challenges of the digital world with respect to the three fundamental objectives of protection, answer e digital development of Italy.
The agency also operated to protect national interests in the field of cybersecurityin a constant dialogue with the administrations that make up the national architecture, encouraging the creation of an inter-institutional collaboration network and promoting a continuous dialogue with the private sector, new entrepreneurship, the world of academia and research. All this while working alongside similar European organisationsinternational partners and like-minded countries, to promote information exchange and cooperation, both at a strategic and technical level, to face the complexity of the cyber threat landscape.
It is the latter in particular that deals with Csirt Italy, il Computer emergency response team.
In 2022 Acn also managed 6 chords which led to the launch of initiatives aimed at strengthening 129 projects aimed at 51 public administrations, of which 16 central and 35 local.
The measures on the levels of quality and security of the cloud
In 2022 the Acn realized 67 measures to determine the minimum levels of securityprocessing capacity, energy saving and reliability of digital infrastructure and ensure the characteristics of qualitysecurity, performance and scalability, interoperability, portability of cloud services.
Acn has also launched the Cyber Innovation Networka network of collaborations for the development of joint programs in the cybersecurity sector.
The international projection of the Agency has implied international meetings and collaboration. In 2022, the Agency carried out 5 international summit missions (Brussels, twice in the United States, Israel, Canada), 19 bilateral meetings with representatives of foreign cybersecurity authorities or government representatives and 4 meetings with representatives of intergovernmental organizations.
He also attended 27 meetings of the Cybersecurity Unit (NCS), which is the primary headquarters for inter-ministerial coordination, at a technical-operational level, on cybersecurity and national resilience in the cyberspace.