The attack on Eni, the attack on the Energy Services Operator, the attack on the Ministry of Ecological Transition: if three clues prove it, we can say without fear of being proven wrong that Italy is under attack. Or, rather, it is the target of a series of cyber attacks that have hit the heart of its critical infrastructures for months. Remember the attack on the State Railways? And those to hospitals, to Usl, to regional agencies such as ARPAC?
IT security
Baldoni, Cyber Agency: “Draghi asked us for rigor and speed to make Italy safe”
by Arturo Di Corinto
But the parties do not deal with it. To read the programs deposited by the political forces the word security appears many and many times, rarely together with the word computer. Yet, in a digital and hyper-connected world, it is precisely to computers that we entrust the certainty of providing essential services such as gas, electricity, healthcare and transport. The security of those computers should be a policy priority.
Cybersecurity is not mentioned in the program of the Democratic Party, the Cinquestelle, the Green-Left alliance; it appears in a line in the Center-right program relating to the “Strengthening of cyber-security measures and systems”; peeps out in that of Calenda (Action) under the Innovation, digital and space economy chapter, which says that “the Armed Forces must increase investments in the continuous training of specialized bodies in cybersecurity” and when it says that the National Cybersecurity Agency should “Collaborate with companies and not control them”; another small feedback comes from the + Europe program, but nothing more.
The case
Cybersecurity, when the best defense is attack
by Arturo Di Corinto
Politicians are infatuated with social networks and mobile phones, where cybersecurity problems have often risen to the headlines for the theft of 533 million phone numbers of Facebook subscribers, the replacement of the identities of Obama, Gates, Musk, Zuckerberg, Trump , on Twitter and so on. But if we do not protect the data that passes through it and that defines us as voters, workers and consumers, we will be exposed to an uncontrollable power, that of criminal or commercial surveillance.
Cybersecurity e economia
Cybersecurity is not just an industrial sector in its own right – in Italy there are at least 3,000 IT security companies – but it is a cross-cutting theme for all innovative production activities, it is the basis for the automation of entire product sectors, and is fundamental in the research and social day.
Many reports in recent months have made us understand that presiding over cyberspace and the activities we carry out online is essential for both democracy and the economy.
The Italian association of cybersecurity experts, Clusit, estimated that attacks on Europe increased by 20% last year and that the cost of damage caused by cybercrime globally has surpassed $ 6 trillion. . The ransomware gangs that attacked Italy have hit large and small businesses in logistics, transport and agribusiness. Many have had to go out of business.
And the echo of the attacks on the Lazio Region and the Sardinia Region has not yet died out, but even earlier on ERG, Enel, Impregilo, Acquazzurra, San Carlo, industrial realities that produce wealth and employ thousands of employees: in some cases they had to stop production and send workers home as in the case of Luxottica. It is not always clear who did it, but what is certain is that cybercriminals go where there are profits to be made while military hackers seek information to exfiltrate. Sometimes the two categories overlap.
The Russian track of virtual warfare
Of course, in the IT world, the attribution of responsibility is always the hardest thing to achieve, but whether it is criminal groups with imaginative names such as Alphum / Black Cat, Hive, Everest, Lockbit or Conti, support for their actions could come precisely. from those state structures that some countries, such as the Kremlin, exploit for digital guerrilla warfare. Microsoft had warned us in time and the National Cybersecurity Agency has issued bulletins and drumbeats in recent months, just as satellite systems and wind turbines were hit in France and Germany. If it is not an open cyberwarfare, we are close to it.
If it is true that as in detective novels in the end the killer is the butler, several leads lead to Russia. But let’s say that it is a simple organized crime that steals data and tries to resell it to the highest bidder, who is interested in knowing what are the directions and strategies of an Italy that has to rethink its energy positioning? And who has enough money to pay for this information? Do they just want a ransom?
These are all questions to which analysts sometimes have an answer and sometimes not, for sure it is not politics that manages to make the right ones since in cybersecurity electoral programs there is no trace or thought. Yet without cyber security, no technological or social innovation is possible.
Let’s think about it. What could happen with a new pandemic surge? We would be forced to start over with Dad, videoconferencing and smart working. To reduce energy consumption there are already rumors of a return to remote work and to move many economic activities online. Will we be caught unprepared once again?
According to Trend Micro 80% of Italian companies believe they are exposed to ransomware, phishing and IoT (Internet of Things) attacks and reveal that many organizations are struggling with manual approaches to attack surface mapping.
Check Point Software has just discovered an active cryptomining campaign that reproduces “Google Translate Desktop” and other free software with the aim of infecting PCs. Attackers can easily choose to alter the malware, transforming it from cryptominer to ransomware or banking trojan.
Even before the war Kaspersky ICS CERT it had detected a wave of targeted attacks on military-industrial companies and public institutions in several Eastern European countries for the purpose of industrial espionage.
They also tried with Mbda Missile Systems, a Franco-Italian-English company, which produces weapons for NATO allies, a month ago, but “only” managing to penetrate an employee’s external hard drive, they did it with Thales group, and other companies in the military industrial sector and critical infrastructures such as Hitrack engineering or Sogin itself which deals with the management of radioactive waste.
Aren’t these facts enough to put cybersecurity at the center of the political agenda?