Information stolen from 289 thousand sites of Italian companies and more than half of the threats are not detected by antivirus. While our 007 sound the alarm about possible interference in the next elections, here is the portrait of those who really risk being targeted by cybercrime and those who do not.
Security problems on socials
Over half a billion stolen accounts in the world, to be precise 557 million and 745 thousand, and just under 17.8 million violated domains. These are the numbers that surface by scanning the dark web in search of those who sell stolen data. Among the victims 11.3 million is the total username and password taken to Italian organizations and 289 thousand our domains penetrated by an IT attack in the last year. This is supported by the cybersecurity survey, published here in a preview, conducted by the Yoroi of Bologna. He used a sort of search engine that can track down offers in the unindexed part of the Wolrd Wide Web, the one that runs away from Google.
Tall numbers, but only apparently tall. The Italian domains involved in a “data breach”, a data theft, represent in fact about 1.6% of the total, while the number of stolen Italian accounts is equivalent to 2% of the existing ones. And they are numbers in line with the rest of the world. “It means that for the first time they know that our country is no more fragile than others from this point of view”, explains Marco Ramilli, head of the Yoroi.
Alarming is the fact that as many as 58% of Ransomware, a type of malicious software (called malware) that takes possession of a machine and blocks it until a ransom is paid as in the case of NotPetya and WannaCry, has not been identified by no antivirus. And even 23% of Trojans, often used to spy on the victim, have escaped. The other data to keep in mind is that in 89% of cases the attack started with a mail to which was attached a file that worked as a Trojan horse. And when the attack was successful it was because someone did not look good where the mail was coming from and opened the file by distraction.
The low percentage of data on sale of Italian companies on the dark web does not put us in a safe place or does not mean that we can lower our guard. In danger it is not so much the privacy of the individual citizen, which hardly becomes a goal to spy and that equally difficultly turns into a victim unless he makes an imprudence like clicking on a wrong link or open the suspicious file arrived via mail, how much the companies and obviously the prominent personalities.
The theft of secrets and industrial processes is becoming a mass sport practiced by the whole world. And Italy, with its thousand excellences spread over the entire territory, is an important prey. “The phenomenon with which we are comparing travels at a speed never known in the past,” the prefect Alessandro Pansa had recently said in Milan, head of the Department of Information for Security (Dis), our 007 in the world of cybersecurity . “We must build what is needed in a changing world. And even if we organize ourselves to face the threat we know, as soon as we are ready, the threat has already changed, “he added.
In Rome, our intelligence then returned to the subject by going into more detail. In his opinion, the most significant threat is digital espionage, implemented by professional structures that have time and tools to circumvent or overcome security systems and that hit specific targets to steal sensitive information to use perhaps to negotiate better agreements and contracts. or eliminate competition.
In its Annual Cybersecurity Report, Cisco says that only 38% of the 200 companies that interviewed estimate that they have suffered damages due to cyber attacks of less than 100 thousand dollars. For another 37% the half million has been exceeded, while 25% has suffered damages for between 100 thousand and 499 thousand dollars. This means that 62% had to cope with a serious flaw. But we are talking about interviews. Just as it happens for another relationship, this time by Ernest and Young, in which just over one manager out of ten of those interviewed thinks they have in the company the appropriate professional skills to face the cybercrime era.
Returning to the data collected in the field, those from Yoroi, we know that in Italy 50% of the attacks of 2017 was represented by Ransomware. The rest, 25%, are “dropper” (systems “carriers” of other malware) and in third place there are Trojans with 17%. It is surprising that in the face of a phenomenon that everyone considers growing up if not exponential and where algorithms and neural networks are now used to continuously modify malware and make new variants difficult to trace, so little is known about the phenomenon between companies and citizens here as elsewhere and that little is done to solve the problem.
While Norton lets us know that cyber criminals have stolen 146.3 billion euros from the world to 978 million consumers in twenty countries, but it is only one of the many estimates that circulate, even the IT security business grows together and c ‘is who blows on the fire to increase fear in companies. This, not surprisingly, is a sector that makes an excessive display of English technical terminology even when it is completely useless or easily translatable. Making one suspect that one wants to keep the universe intelligible to a few so that the few can then do the good and the bad while they launch an alarm after another.