Italy is in the sights of the cyber attackswith increasingly refined techniques, also thanks to the use ofartificial intelligence. Last year, the growth of serious cyber attacks, i.e. those with a wide-ranging impact on every aspect of society, politics, economy and geopolitics, proved to be greater than in the rest of the world. Numbers in hand, it is +65% compared to 2022, in Italy, compared to +12% worldwide. 11% of the attacks launched throughout the world, for a total of 310 incidents, were aimed at, and successful in, our country. In 2022 the figure stood at 7.6%. Over half of the attacks (56%) resulted in critical or high severity effects. Not only. He saw how Italy is the victim almost one attack in two (47%) is hacktivism (i.e. cyber attacks for political or social purposes, especially demonstration purposes. A typical case is attacks against the police).
These are some of the data collected in the 2024 Report He closed itItalian Association for IT security, now in its twelfth year of publication, which will be presented at the opening of the Security Summit, a conference dedicated to cyber security issues scheduled in Milan from 19 to 21 March.
The progress of the attacks has no brakes
The growth curve of serious accidents does not stop, with 2,779 episodes recorded last year. An average of 232 attacks were detected every month, with a maximum peak of 270 in April 2023, which also represents the highest value recorded in years. From 2018 to 2023, attacks grew by 79%, with the monthly average rising from 130 to 232.
In eight out of ten cases, the severity of the attacks is high or critical. Alarming databut which only capture part of the phenomenon, given that many victims keep information on the cyber attacks they suffer confidential and given that in some areas of the world the possibility of accessing information is very limited.
As anticipated, with regards to techniques, we must not lower our guard regarding the use of Artificial Intelligence by cyber criminals to select targets and scan them, with the aim of finding flaws, to analyze codes and find new vulnerabilities and to produce content for phishing or code for malware. This is a rapidly growing trend, but Clusit researchers believe it will only be possible to observe the effects in the near future.
Attacks in Italy: it’s booming
Between 2019 and 2023, there were 653 known and particularly serious attacks carried out in Italy; of these, over 47% (310, in fact) occurred last year. The growth rate, therefore, is rapid and indicates both the tendency of cyber criminals to target our country and a poor ability on the part of businesses to defend themselves, despite investments in security being increasing, as found by the observatory Cybersecurity and Data Protection of the Polytechnic of Milan.
«The strategies adopted to date, also at a regulatory level at both Italian and European level, have certainly been useful and important in trying to limit the growth of the phenomenon. But in order to slow down the trend and try to stabilize it, and possibly reduce it, new strategies must be conceived and adopted that are based on knowledge sharing, on the pooling of investments”, he comments Gabriele Faggiolipresident of Clusit, who adds «We also want to keep high attention on the fragmentation of infrastructures and services that characterizes cyber security in our country, and which risk producing a multiplication of efforts, each in itself ineffective, as amply demonstrated by the market sectors most affected and also considering the overall Italian spending on cybersecurity”.
The objectives in the world and in Italy
Clusit researchers, analyzing known attacks from last year, indicate a prevalence of those with the aim of extort money (so-called cybercrime), which numbered over 2,316 globally (more than 83% of the total), up 13% compared to 2022. A figure, in the opinion of the authors of the Report, which translates into a close link between “off-line” crime and “on-line” crime. However, attacks with a matrix have almost tripled in the world hacktivism, equal to 8.6% of the total (they were 3% in 2022), with a percentage change compared to the total year on year of 184%. However, the phenomena of espionage (6.4%, 11% in 2022) and information warfare (1.7%, 4% in 2022) are significantly decreasing.
In Italy, in 2023, cybercrime attacks amounted to 64%; followed by 36% of attacks with hacktivism purposes, a clear increase compared to 2022 (6.9%), with a year-on-year percentage change of +761%. Approximately 47% of the total “hacktivism” attacks worldwide occurred against Italian organizations, demonstrating the attention of propaganda groups that aim to attack the reputation of organizations. This type of events, in particular those that occurred in the first nine months of the year, according to the Clusit researchers, is mostly linked to the conflict in Ukraine, in which groups of activists act through demonstration campaigns aimed both at our country and at the other nations of the pro-Ukrainian bloc. Further confirming that we are in a phase of widespread cyber warfare are attacks for the purposes of espionage and information warfare, which increased from values close to 50% in 2022 to values around 70% last year. This trend, in fact, can be explained with reference to conflicts Russian-Ukrainian and Israeli-Palestinian.
Multiple objectives in sight
At a global level, the main victims belong to the so-called multiple targets (19%). Followed by the sector healthcare (14%) which has undergone a jump of 30% and furthermore accidents in this sector have seen an increase in the severity of the impact, critical in 40% of cases (it was 20% in 2022). And again: a substantial part of the attacks was also aimed at the government and public administration sector (12%); to the finance and insurance sector (11%).
The sector most attacked in Italy in 2023 was instead that government/military, with 19% of attacks (+50% compared to 2022); followed by manufacturing, with 13% (+17%). Affected by 12% of attacks, the transport/logistics sector in Italy saw a year-on-year percentage increase in total attacks of 620%; similarly, the finance and insurance sector, against which 9% of attacks were carried out in 2023, saw a percentage change on the total of +286%.
Victims belonging to the “multiple targets” category were affected by 11% of attacks in our country, a sign of a greater focus of cyber criminals on specific sectors in recent months.
The continents most affected: the Americas
The percentage geographical distribution of victims, according to Clusit researchers, reflects the spread of digitalisation. In fact, in 2023 as in 2022, attacks on the Americas were more numerous, corresponding to 44% of the total. The attacks aimed atEuropa they accounted for 23% of global attacks, down one percentage point compared to the previous year but up 7.5% in 2022. However, attacks in Asia increased by one percentage point compared to 2022 (9% of the total); those in Oceania and Africa are stable, respectively 2% and 1% of the total.
All rights reserved
2024-03-10 19:01:02
#Cyber #attacks #Italy #sights #cyber #criminals #ItaliaOggi.it