Following the hacker attack of the past few days, which also affected several Italian servers, it came from a ransomware that has already been known for some time. Ransomware is a type of virus that takes over a user’s computer, encrypts data, and then demands a ransom to restore normal operation. “The ransomware attack that hit VMware ESXi servers in the past few hours, exploiting a vulnerability that had been fixed for two years, is just the latest in a long list of attacks on a global scale”, declares Massimo Palermo, Country Manager Italy and Malta of Fortinet, a US company specializing in the development of IT security software, devices and services. “As early as September, a report from Fortinet’s FortiGuard Labs warned that 10,666 ransomware variants had been detected in the first half of 2022 alone, compared to just 5,400 in the previous half year: an increase of almost 100%, which reveals a worrying evolution of criminal ecosystems To protect themselves from ransomware and cyberthreats in general, organizations, regardless of their industry or size, must adopt a proactive approach, in which no component of a security architecture can be overlooked: from compliance principles of healthy cyber hygiene, through education, to the implementation of key technologies such as real-time visibility, protection and remediation, zero-trust network access (ZTNA), and endpoint detection and response ( EDR)”.
-
Massimo Palermo, Country Manager Italy & Malta of Fortinet
What are the risks of these attacks, and why have some of them become more acute than others? Certainly several factors have contributed: on the one hand the digital transformation and e-commerce transformed by the Covid period, but also the convergence of the IT world towards industrial automation and remote working”, explains Palermo. “So we are here to have an expansion and diversification of the attack surface: we are exposed at home, on our private networks. Hence the phenomenon of shadowing of many devices that are not suitably protected. Added to this is the ever-evolving threat landscape: from state-sponsored attacks, the one we’ve been seeing since last February with the start of the Russian-Ukrainian war, to the phenomenon of ransomware, increasingly used by organized crime.
A perfect storm that in Italy is exacerbated by peculiar factors. “One is represented by the analysis of the Italian productive fabric, which is made up of many small and medium-sized enterprises and a very large prevalence of the public sector. Also due to a non-existent budget for cybersecurity, Italy has become one of the main targets or in any case one of the subjects most at risk. All this had already emerged from the 2021 Clusit report, one of the most authoritative sources on the state of threats and to which Fortinet also contributes. The 2021 report, with a record of 2049 serious attacks, had already highlighted that cybercrime was starting to spread in connection with organized crime, and that ransomware was already confirmed as the most widespread cyberthreat last year.The new report that was presented a few days ago on the first six months of the 2022 reports that there were 1,141 cyber attacks, an increase of 53% compared to the same period of the previous year.Certainly the impact of the Russo-Ukrainian war h helped outline a very complicated geopolitical scenario that has had important reflections and repercussions on the digital world”.
In fact, says Palermo, the Net is to all intents and purposes a new battlefield. “Therefore, the severity of the attacks is growing and consequently the quality of the attacks themselves with greater damage, 78% of the attacks had a critical and high impact. Attack techniques with multiple techniques are also constantly evolving, which have grown by more in the first half of 2022, and of course malware which still represents 38% of the total. Then follow unknown techniques and the classic ones of vulnerabilities, phishing and social engineering. If we move the view towards the victims, we notice that the greatest growth of the number of serious attacks was observed precisely towards multiple targets: this means that criminals tend to hit multiple targets in a more undifferentiated way rather than specific targets.The motivation of cybercrime despite the Russian conflict in the end is and always remains the main motivation of attack, and represents 78% of global attacks, all elements that we had already highlighted started in the first half with the launch of the FortiGuard Labs Street report landscape. This worldwide threat detection and analysis unit today has control of 40% of world traffic: we are talking about more than 9 million devices around the world which represent a privileged source that constitute millions of billions of data and reports that we process, to try to anticipate some trends not only for our customers but for the entire ecosystem”
The protection of critical infrastructures will be the real challenge of this century. “One of the pillars of the National Cybersecurity Agency (founded in 2021 but not yet fully operational) is precisely that of identifying essential service providers, digital service providers and making them fall within the cyber security perimeter, i.e. trying to prepare what is called cyber resilience: make sure that in addition to technologies they also adopt methodologies to resist as long as possible and recover as soon as possible from the shock of the attack.In Italy we moved a little late, also according to the same Nunzia Ciardi (Deputy Director General, Agency for National Cybersecurity): it is a fact that our agency was born five years later than the French one and even 10 years later than the German one. What we can do is collaborate, as with our contribution to the specific Clusit report for the world of operation technology together with the broader scenario of industrial automation. vital issue for the economy of our country, a fabric of small and medium-sized Italian businesses, from manufacturing to those who make bolts in the north-east, which if subjected to a ransomware attack will most likely not be able to meet any ransom requested without having the possibility to return to operations as soon as possible and consequently minimize the damage. The protection of critical infrastructures such as the electricity supplier or even simply the small municipal water supply of a country becomes fundamental. Cybersecurity must be at the heart of every nation’s strategic plans.”
Fortinet currently offers 50 solutions with a single integrated platform and with a single operating system. Palermo defines it as a “Mesh Architecture”, i.e. a collaborative ecosystem of tools and controls. “From the large 5G network, to the smartphone, to the home PC, we offer an integrated and automated solution capable of linking apparently unrelated breach events and which instantly reacts to the digital attack. However, technology alone is not enough: training and cybersecurity awareness training. Many companies already offer basic security training programs for employees but by virtue of this sophistication by virtue of the fact that criminals invest as we have said to make themselves increasingly invisible. We cannot help less, like companies and citizens, to invest in training and education.
The metaverse is giving birth to new fully immersive experiences in the online world and the first virtual cities appear in this new version of the Internet driven by augmented reality technologies. Retailers are even launching digital products available for purchase in these virtual worlds. While these new online destinations offer a world of possibilities, they also open the door to an unprecedented increase in cybercrime in uncharted territory. “For example, an individual’s avatar is essentially a gateway to personally identifiable information, making them a prime target for attackers. As individuals can purchase goods and services in virtual cities, digital wallets, cryptocurrency exchanges, NFTs and all the currencies used for transactions offer threat actors a new attack surface.Biometric hacking could also become a real possibility due to the AR and VR components present in virtual cities, making it easier for a cybercriminal to steal fingerprint mapping, facial recognition data or retina scans and then use them for malicious purposes.Furthermore, the applications, protocols and transactions within these environments are all possible targets for opponents.
Whether you work from anywhere, learn from anywhere, or have immersive experiences from anywhere, real-time visibility, protection and mitigation along with advanced endpoint detection and response (EDR) are key to enable real-time analysis, protection and remediation. In this regard, the country manager states: “Baldoni, the director of the Cybersecurity Agency, said that in Italy we need about 100,000 experts in the cybersecurity field alone and their gradual growth plan and their difficulty in finding experts derives from fact that there is an objective lack. Fortinet is also focusing a lot on training with free programs. One is a powerful eight-level certification program: it is called Network Security Expert from basic levels up to the maximum expert of a network and domain These are the certifications that are considered essential, highly sought after on the market and therefore give a chance both to those who want to retrain and to those entering the job market for the first time.We have recently activated the Fortinet Security Academy in collaboration with universities, such as the Polytechnic of Bari or the University of Calabria, and also with some professional schools (such as the Elis Consortium in Rome) precisely to contribute free to sow awareness and knowledge. Similarly, also for cybersecurity, the importance of training and the predisposition to certain behaviors are equally important to having a security infrastructure. Here again the problem associated with small and medium-sized enterprises arises. In fact, even the company that invests millions in cybersecurity, the most advanced in terms of culture and budget, will never be completely safe if even the service providers, software or smaller companies that are in any case part of their digital ecosystem do not are equally adequately protected”.
#Hacker #attacks #Italy #among #main #targets #year