Only a few years ago, in the collective imagination, hackers were seen as shady hooded figures behind a screen. Users, perhaps, did not perceive the real risks of the network precisely because this type of attack was relegated to military or multinational contexts. Today we know that this is not the case at all because cyber criminals are targeting not only large companies and government institutions but also personal bank accounts, social profiles and data storage clouds.
Second ExpressVPN’s article on the state of digital security in Italy the use of new technologies brings with it, in a physiological way, concrete and tangible threats. For experts, all this is called “cyber warfare”: a term that recalls war concepts, which fascinates and which, at the same time, makes governments all over the world tremble. International relations and activism are also played out online, with attacks, data theft and tampering with networks with the aim of creating chaos. This, in a nutshell, is the definition of cyber warfare.
“War” brings with it the intrinsic need to develop defense systems but, as we will see in our in-depth study, it is not only large government or multinational systems that are affected: most of the time the attacks aim directly at “civil”, causing enormous disruption on social platforms, e-Commerce, banks and even healthcare.
The case of phishing on Facebook
One of the most interesting cases of online cyber breaches is the one involving Meta, the giant behind Facebook. Since last spring, in fact, many users have risked (and still risk) clicking on dangerous links because they were pushed to act via worrying messages, received both via chat and directly on the bulletin board.
They are messages sent by pages that pass themselves off as Facebook assistance and which threaten to block or close profiles for phantom violations committed. The recurring request received by unfortunate people via tags or private messages is the following: the profile has committed a violation and will soon be blocked.
This is the lever on which phishing is based, which has alarmed thousands of users and which, in some cases, has even succeeded, causing enormous damage to the unfortunate victims. In fact, from the Facebook profile and the violated company pages, it is possible to trace the billing data of the advertisements and, therefore, also the payment cards.
In this case the only solution to protect users is awareness, disclosure and knowledge of the risks. Facebook, in fact, never contacts a user via private chat or tag and, therefore, any message that seems “official” can never come from these channels.
Attacks on ASLs
Local health authorities were also hit hard and, in this case, the effects were even more serious than the Facebook case. It recently happened to the Modena ASL, but the situation has also occurred elsewhere. In fact, in the last 18 months, the National Cybersecurity Agency has recorded as many as 40 hacker attacks aimed at Italian hospitals, confirming that the healthcare sector is one of the main targets of cybercriminals. The latest attack hit the Luigi Vanvitelli university hospital in Naples, involving the administrative systems, accounting and analysis laboratory activities. This episode adds to the one in May which affected the ASL 1 Avezzano-L’Aquila-Sulmona, also perpetrated with ransomware, which took weeks to restore to normality.
This is a thorny situation, supported by the recent push towards the digitalisation of healthcare in the country which, having occurred in very short times, has highlighted a series of vulnerabilities through which hackers have been able to penetrate.
Banks and current accounts in the sights of hackers
Phishing represents an increasingly important threat, even in the Italian financial sector, where banks and insurance companies have become the main targets. In fact, during 2021, a constant increase in phishing campaigns was observed, with an average of 10.5 new campaigns per day in February.
The most affected brands include major banking institutions such as Intesa Sanpaolo, UniCredit Banca and Poste Italiane, representing 28%, 19%, and 13% of the phishing campaigns analyzed respectively. The speed with which these campaigns are created and executed, with an average duration of less than 48 hours in 72% of cases, highlights the ongoing challenge in effectively countering such attacks.
Financial phishing mainly aims to steal sensitive credentials, such as customer codes, passwords or PINs, and One-Time Passwords (OTP) logins. This approach, combined with the use of live chat, indicates an increased complexity of fraud techniques and the need for constant updating of the security measures adopted by financial institutions.
The simplicity and effectiveness of phishing continues to challenge regulatory countermeasures and security initiatives, requiring an ongoing commitment to user education and the implementation of cutting-edge technological solutions.