Hacker attacks on the country's strategic infrastructure but also online scams against citizens to empty their bank accounts: this is also the internet, a tool from which we must learn to 'defend' ourselves as it is increasingly used by cyber criminals to commit crimes and fraud. To delve into the topic of cybersecurity, we went directly to the headquarters of the postal police in Rome, where director Ivano Gabrielli explained that cybersecurity is like a chain and that the weakest link is man. In fact, hacker attacks do not only affect public administration and industry but also affect citizens firsthand. What can we do to avoid falling into the traps of cyber criminals?
Italy is increasingly finding itself under hacker attacks, the latest one on the Capitol's website, before that by a Russian cybergang than on the servers of the Carabinieri, various ministries (Interior, Defense, Foreign Affairs, Agricultural Policies), the portal for issuing electronic identity cards, the website of Tim, Bper bank and the A2a utility. The problem was solved almost immediately, thanks to a system capable of blocking access from foreign Ip, but what is worrying is the escalation of the phenomenon. In 2022, 188 cyber attacks were recorded in Italy, a 169 percent increase over 2021, compared to an average of +21 percent worldwide. "This leads us to say that by 2022 'Italy is in the crosshairs' as it now suffers 7.6 percent of global attacks (compared to 3.4 percent in 2021)," reads the latest Clusit Report 2023.
Cyber attacks in Italy: +169 percent with the war in Ukraine
According to the Italian Cybersecurity Association, we have entered a new phase of "widespread cyber warfare," where in addition to the increasing damage caused by cybercrime and 'normal' intelligence activities that have been observed for years, there are also growing international tensions between superpowers due mainly to a high-intensity conflict fought on the borders of Europe. This means that strategic infrastructure and digital systems useful to the community will be constantly targeted by hackers, especially with the ongoing conflict in Ukraine.
Before talking about cyber attacks, however, it is worth taking a step back to the first hacker attack in history, the one that occurred in 1834 by the Blanc brothers. François and Joseph Blanc, who headed an investment company in Bordeaux, ingeniously managed to 'crack' the government communication system of the time, the optical telegraph based on the transmission of optical signals over a distance, which allowed encrypted messages to be sent throughout France. The two brothers, with the help of a couple of compliant telegraph employees, managed to make a mountain of money on the stock market by obtaining valuable information ahead of others. They were 'caught,' prosecuted and never convicted, because in those days there was no law against data network abuse. This story teaches us two very important things: that humans will always find a 'bad' way to use technology and that in network security the weakest link in the chain is humans.
77 percent of cyber attacks start with individuals
"While it is true that the ultimate target in 55 percent of cases is the Pa and large enterprises, it is also true that 77 percent of cyber attacks are routed through individuals," Gabrielli said, recalling that cyber criminals often exploit poor management of systems by individuals. "It's an interconnected world, so even small elements of a larger value chain, even at the industrial level, need to be protected because they can be vehicles to much larger and much more sensitive structures."
The best example we can give to demonstrate the veracity of these statements is precisely that of the first hacker attack in the modern computer world. In 1988 Robert Tappan Morris, a student at Cornell University (now a professor of computer science at MIT - Massachusetts Institute of Technology) in order to understand how big the Internet was created software that could replicate itself and spread to other PCs. In the experiment, however, something went wrong: the 'Morris worm' crashed more than 6 thousand computers, almost all belonging to public institutions, creating damages of about $100 million, an exorbitant amount for the time.
According to the director of the postal police, "we need to begin to conceive of cybersecurity as a kind of concentric scheme, where at the center is the citizen, because the security of the citizen, of his accounts, of his e-mail, of his social profiles then contributes decisively to the security of the outermost perimeter, the one that concerns national security."