the ROME – Continue to grow globally, cyber attacks: 2019, those classified as “severe” were 1.670, on average, one every 5 hours, 7% more than in the previous year, and 91,2% in more than five years before. A quarter of the attacks has been brought in parallel to the “multiple targets”: in a year are grown, the 91,5% of the attacks to online services, and 17% of those health. Exponential increase (+81,9%), also for the techniques of “phishing” and “social engineering”. It is a picture decidedly not reassuring that drawn by the experts of Clusit – the Italian Association for information security – in the fifteenth edition of the annual Report on cyber security, presented this morning in preview in streaming to the press. Also why are the same experts to say that what emerges from the data is “only the tip of the iceberg: the analysis refers to attacks in real, i.e. actually went to sign causing major damage,” while “remain excluded attacks attempted or blocked”. Not to mention that the sample analyzed “is necessarily partial, given the general tendency to avoid making public the aggression cyber”. Cybercrime main cause of cybercrime is still in the 2019, the main cause of serious attacks: 83%, is perpetrated with the aim of extorting money from the victims. In particular, last year the experts Clusit have recorded the number of attacks of cyber crime higher the last 9 years, with a growth of 162% compared to 2014 and by 12.3% compared to the year 2018. Remain substantially stable severe attacks related to the activity of “cyber espionage” – cyber-espionage (+0.5% compared to 2018), which are the cause of 12% of the serious attacks in 2019; decrease of those belonging to the category of “cyber warfare” – the information war (-37,5%), which constitutes 2% of the total of the attacks. Together with “cyber espionage” and “cyber warfare”, however, are classified with a severity higher than the average.
Always in 2019, 24% of cyber attacks has hit the so-called “Multiple Targets”, multiple targets that will reveal objectives and undifferentiated for a single criminal organisation that uses a business logic attack. Attacks on these targets are an increase of 29,9% compared to the year 2018.
The other main targets are the public sector (15% of attacks, down 19.4%), healthcare (12% of the total attacks, +17% compared to 2018) and online services (11 percent of all attacks, +91,5%). The following research and education (8%, a decrease of 8.3%), banks and insurance (6%, down by 10.2%), entertainment r information (5%, down 31.4%), retail and large organized distribution (2% of attacks, an increase of 28.2%).
At the qualitative level, the data of the Report Clusit 2020 show that the categories of “critical infrastructure” and “public sector”, with the financial and banking sector and the sector “others”, have suffered in 2019, the most number of attacks of the impact of “critical” while the categories with the greatest number of attacks with the impacts of “high” level are: health, the suppliers of software and hardware, and still the public sector. The attack techniques cybercriminals in 2019 have carried out attacks using malware in 44% of cases. This technique is an increase of 24.8% compared to last year but the ransomware – type of malware that restricts access to the device is infected, asking for a ransom – they represent almost half of the total of this technique (46%), an increase of 21% compared to 2018).
The Report Clusit confirm “the tendency of cyber criminals to use techniques of attack ‘simple’, produced industrially in an infinite number of variants, to decreasing costs; at the same time, however, it is always higher than the trend to the use of these techniques also from the part of actors-state and state-sponsored”.
The second place among the techniques of attack – accounting for 19% of the total – there are various techniques unknown, with a tendency to decrease (-22,3%) compared to the 2018. The techniques of “phishing” and “social engineering” mark instead of a +81,9% compared to the year 2018, coming to represent 17% of the total. A growing proportion of these attacks based on phishing refers, show the experts Clusit, to “Bec scams” or frauds via email that target specific organizations with the goal of inflicting economic damage, with the impact is often considerable. All other types of attack techniques added together are in 2019, only 12.3% of the total. The cyber insecurity In their analysis, the experts Clusit highlight “dynamics, in particular in the last three years, have pushed more and more subjects – and non-state actors – and enter the arena of cyber-war, and this had a negative impact unequivocally on civil society, i.e. individual citizens, institutions and enterprises”. “We are facing a veritable sea change in global levels of cyber-insecurity, caused by the rapid evolution of the actors, modalities, of the pervasiveness and effectiveness of attacks, stresses, Andrea Zapparoli Manzoni , steering Committee, Clusit. “The attackers are now dozens and dozens of organized criminal groups of transnational turnover of billions, multinational corporations are out of control with unlimited means, nation-States, with its military equipment and intelligence, their suppliers and contractors, groups, state-sponsored civil and/or paramilitary units and mercenaries engaged in a struggle with no holds barred, which have as their battlefield, weapon and target the infrastructure, networks, servers, clients, mobile devices, objects, IoT, the social media platforms and instant messaging. On a global scale, 365 days a year, 24 hours a day,” continues Zapparoli Manzoni. “We live and work in a situation of unprecedented gravity in terms of the risks of cyber, which threatens all of the assumptions on which is based the smooth operation of the Internet business and all the services, online and offline, that relying on that”.
“The Republic will fight always in defense of the freedom of information, to its readers and to all those who have at heart the principles of democracy and civil coexistence”
Carlo Verdelli SUBSCRIBERS TO REPUBLIC © Reproduction reserved Today on The torments of the Count: “But there rialzeremo as after the bridge Morandi”, Giuseppe Sala: “Milan is the trench that must withstand. By the government making the right choices,” The crisis in the airports: passengers on the decline up to 65% off the government to The trade unions: up to 4 billion for the shock absorbers and smes The freedom hostage
the Republic