In Montebelluna, Yarix fights web pirates: data theft to ask for a ransom is on the rise, institutions and companies in the crosshairs
TREVISO. Every day there are dozens of attacks by web pirates against which Yarix di Montebelluna, a company that offers IT security services (they are the “good hackers”, trivializing the concept) to private companies and public bodies must fight. The attack on the Lazio Region platform, which has sent vaccine bookings into a tailspin, has put the fragility of a system based on digital data storage at the center of attention. From the vaccination certificate to the Green pass, from the result of a swab to the results of an exam, all our sensitive data is “somewhere” on the web, exposed to attacks and threats.
You take risks every day
“There are dozens of compromise episodes a day, and groups active for such attacks, like the one we have seen in Lazio, are at least fifteen” explains Diego Marson, Chief Security Officer of Yarix, “it’s not a question of” whether it happens ”, but“ when ”. Companies must understand that no one is immune, from a small studio to a large company ».
Redemptions and blocked systems
In January, Yarix had intercepted the EMA data on the approval of the Pfizer vaccine put on the darkweb by hackers. Why do the “pirates” of the web do it? «There are“ destructive ”incidents such as that of the Lazio Region in which they act for economic reasons» replies Marson, «often they are groups that aim to find attractive victims and ask for a ransom. Each of their actions aims to have more “arrows” to ask for a ransom: delete backups, steal data by threatening the company to publish them. Often the attackers have been in the network for months. To unlock the data and the operation of the system they ask for a sum of money “, often bitcoin on accounts that are difficult to trace.
Business competition
In this case, the PCs of a company or an organization remain blocked until someone pays the ransom, or until the “good hackers” of Yarix solve the problem. The damage, as seen in the case of Lazio, risks being incalculable, both in economic and service terms. But the pirates also act with other purposes: «There are attackers who do not want to be recognized, and perhaps try to steal the know-how of a company, so they infiltrate the company’s network and have access to its confidential information. And often they are detected after a while, so they are more difficult to discover, they act in silence, taking everything you need and without anyone noticing “.
Who are the pirates
Do hackers act only for money (or commercial interests), or is there a risk that a “geek” No vax will blow up the booking sites of our Ulss? “No, the individual cannot do it, here we are talking about well-structured groups, which each affect a specific sector and type of company” continues Marson, “these groups are not at all” ethical “, they hit where it happens without worrying about the consequences on the population, and they try to act in the largest possible network ». These are real criminal gangs operating on an international scale, difficult to identify and to stop in time.
How to defend yourself
Sometimes the hacker attack starts from a simple email received from an employee: «A small lack of the end user is enough, sometimes emails are opened that contain the“ Trojan horse ”with which the attackers infiltrate the system» confirms Marson. “A little bit of IT awareness is missing, despite the campaigns and news we read. Then there is the big issue of system updates: it is not always easy to do them, they must be managed with a complex process. And you can’t protect what you don’t know: a company inventory of all the processes and systems that impact you is essential, and often missing. Finally, continuous monitoring would be needed. Attacks often occur when no one is there, perhaps on a Friday evening, it is necessary to continuously monitor with teams that work 24 hours a day to avoid discovering the problem on Mondays when the company PCs are turned on “.