Cyber Security, Fastweb photographs the main developments in the Italian security landscape for the Clusit 2024 Report
This year too, Fastweb contributes to photographing the cyber crime situation in Italy by providing an analysis of the most relevant phenomena developed by its Security Operations Center (SOC) active 24 hours a day and by its IT security competence centres.
For the first time, 7Layers, a company acquired by Fastweb in 2020 and specialized in advanced cybersecurity solutions, also collaborated on the report.
The analysis included within the Clusit Report 2024, the report of the Italian Association for Information Security on ICT security highlights this year the consolidation of some trends observed in the past and the birth of new trends also deriving from the progressive integration of Artificial Intelligence within the techniques and tools of attack as well as defense.
From the analysis of Fastweb’s network infrastructure, made up of over 6.5 million public IP addresses on each of which hundreds of active devices and servers can communicate, over 56 million security events have been recorded, online, for the first time in years, with the 2022 figure.
If in 2023 the totality of security events detected remained stable, in terms of DDoS (Distributed Denial of Service) attacks, 2,300 significant events were recorded (+28% compared to 2022) and approximately 13,000 anomalies attributable to possible attacks on the network Fastweb with a marked increase of 32% and in contrast with the contraction in the previous two years of high impact attacks (over 100 Gbps of bandwidth used) demonstrating how the progressive increase in organizations’ defense capabilities pushes cyber criminals to develop increasingly serious and impactful attacks, while low impact anomalies decrease (-40%). The most affected sectors still remain the Finance/Insurance sector and Public Administration, which together account for over 55% of cases. The most significant increase is that of the Gambling sector, which grew from 2% in 2022 to almost 12% in 2023.
Missed Voicemail Phishing: the new frontier of cybercrime focuses on fake voice messages
L’impact of Artificial Intelligence and its growing pervasiveness both as an attack and defense tool represents a new frontier of cybersecurity that is already unfolding its effects.
In fact, AI has contributed to improving the ability to identify and collect information on the actors of cyber attacks also significantly increasing the effectiveness of the tools for recognizing malicious patterns contained in emails, with a reduction of up to 70% in the “false positive” events detected; at the same time, however, there is an increase in attacks that exploit AI to increase the effectiveness of attacks.
Malicious events linked to “credential phishing”, for example, which aim to persuade victims to reveal sensitive information through credible content and communications, in fact recorded an increase of 87%, while social engineering attacks which exploit AI and the human to generate, for example, fake audio messages to convince people to provide personal information or perform certain actions such as communicating their personal data, are up 13% compared to 2022.
In the face of these phenomena, even in 2023 there will be a constant increase in awareness of cyber risks by companies and public administrations in contrasting the attack strategies of cyber criminals, as demonstrated by a further reduction, equal to 8%, in the number of servers that expose critical services to the internet (38,000 in 2023) as well as the use of search and monitoring tools that have contributed to improving threat identification.
Compared to 2022, the decline (-3%) in the volume of malware and botnets and in the number of malicious software families (-29%) continues in 2023 as well as in the quantity of unknown malware and botnet families (-70% compared to 2022 ), also thanks to the greater effectiveness of the zeroday defense tools on the market.