It might sound like a movie title, but it's not. It is much more simply a trivial reality!
Every day the news about hacker attacks, carried out to the detriment of hospitals, industries, banking services grows ... every day our digital society discovers that it has foundations built according to incorrect criteria and the results are now evident.
When we opened this column, several years ago now (it was the end of 2014), few in Italy were interested in the subject. Today we talk about it on the news, there are university courses and, unfortunately, the attacks are more and more frequent.
"Why?", You may be wondering. What prevents to remedy and improve the systems that we know well by now, are often sieves from the point of view of safety?
The answers are many. Basically the software industry has shown and continues to prove that it is not mature, as indeed the hardware industry shows the same shortcomings. The digital world, in all its expressions, is far from perfect. However, one of the most relevant problems is to be found in the lack of personnel specialized in IT security which, put into a system with the lack of foresight of entrepreneurs and public administrations regarding the propensity to invest in the sector, leads to the consequences we know. However, I am not speaking of systems acquisition, but mainly of training e information .
If we look at the statistics (at least those relating to the cases known and described in the Clusit 2021 report) we realize that about 30% of the attacks are of the "ransomware" type, i.e. they consist of encrypting part of the data and requesting a ransom in exchange for their "release".
Well, this kind of attack, ransomware, is generally successful as the organization's IT systems and IT security-related processes are not adequately structured. Attacks of this kind, at least the simplest ones (and they are a great number), can in fact be prevented "simply" by resorting to back-up, if anyone has thought of doing them!
That's why I say and insist on training every time. IT security personnel must be properly trained!
Every company, every public or private organization should, indeed MUST, participate in the fight against cybercrime and invest in training programs, prevention and response to the internal threat.
This is a "must"!
Not all ransomware attacks are of the same type. For example, there are attacks aimed at obtaining a ransom in exchange for silence on the stolen information.
This is the case, for example, of what happened a few days ago reported by the BBC.
The Washington DC Metropolitan Police Department appears to have been attacked by a group (of Russian origin?) Named Babuk, which has stolen data from the information system and now threatens to release it if it is not paid. What data is it about? Nothing important, it's just personal data. It is in fact personal data ... informants!
In this variant of ransomware the data is encrypted but also exfiltrated and the risk is therefore twofold. In this case it is not enough to have i back-up some data. It was necessary to act in advance, perhaps with a nice internal campaign aimed at explaining the risk associated with the social engineering and the attacks of Phishing. Because in most cases, the reason behind a successful attack of this kind is to be found in the incorrect behavior of the users of the system. A luring email can be enough to initiate an attack, let's never forget that when we open attachments.
So we should not be surprised if on Repubblica we come across the news of a "suspected telematic attack" carried out to the detriment of the Cooperative Credit Bank of Rome where a group called "DarkSide" has encrypted the data and made it impossible to carry out normal activities.
Cyber attacks are now commonplace and there is no simple solution to the problem.
To learn more: