The sale of stolen data is on the rise

on

|

views

and

comments

An analysis by a cybersecurity agency offers insight into the landscape of ransomware attacks, reminding institutions and companies of the scale of the problem.

the cybersecurity company Group-IB published a report devoted to high-tech crime trends on the global stage. Unsurprisingly, the panorama that unfolds is that of a digitized ecosystem that is increasingly the victim of cybercrime, especially those seizures of data commonly known as ransomware attacks. Within this somber outline, Italy, unfortunately, turns out to be one of the most affected countries, at least with regard to the frequency of attacks suffered.

Report data and overall situation

The data collected by the agency refer to the period from the second quarter of 2021 to the first quarter of 2022, a period in which cybercrime activity proved to be very active and in which more and more companies had to deal with the information theft – or even functions – stolen from their private servers. It is important to note right away that the report in question, as is often the case also in the case of similar documents, is prepared by a team that has the greatest professional and economic interest in keeping the alert against cybercrime, in addition to the numbers as long as it does not delay in deepen the distinction between quality and quantity of crimes, placing each crime on the same level. When interpreting the graphs from this point of view, it is clear that the size of the ransomware threat threatens, in one way or another, to reach even the smallest industries, those that still today do not realize the possibility of being subjected to this type of threat. problems.

In the midst of the digitization boom, an event recorded in response to obstacles of a pandemic nature, specialized hacker groups have in fact assumed organizational configurations worthy of real start-ups and ended up renting their tools to heist dealers and launching deep web sites dedicated to listing and disclosing unredeemed loot. This “transparency” on the part of criminality and corporate policies increasingly aimed at prompt reporting of data thefts may have inflated the numbers in relation to those registered in previous years, but the progressive abandonment of negotiation “behind closed doors” with illegality does nothing but reveal the real numbers of a trend that deserves maximum attention: according to what was reconstructed by Grupo-IB, companies affected by ransomware strategies would be grown by a considerable amount 22%, reaching 2,886 units. 852 of them are distributed on European soil.

Equally obvious is the capillarization of cybercrime networks. Activity on forums and dedicated pages doubled, while data brokers known to the cybersecurity agency increased from 262 the year before to 380. The most affected sector is the manufacturing sector. (5.8% of the collected cases), followed immediately by the financial services branch (5.1%), real estate (4.6%) and education (4.2%). Europe has suffered the backlash from cybercrime, especially the UK, but Italy ranks fiftheliminating 10.2% of attacks suffered on the continent, thanks mainly to the strategies of hacker groups known as Lockbit and Conti, respectively.

attack dynamics

Over the years, the idea has spread that cybercriminals use particularly sophisticated and complex ploys, or at least rely on defects rooted in commonly used software – so-called “zero-day” attacks. The IB-Group makes a particular point of underlining that this imaginary is part of an ingrained misunderstanding that should be taken care of, citing analysts from the University of Trento in this regard. Trentino academics explored several attacks that occurred between 2008 and 2020, finding that the damage caused by advanced persistent threats (APT) is constant and repeated, rather than innovative and extraordinary. To these technical stratagems, therefore, must be added all the defects derived from human nature and from a digital hygiene culture which is still insufficient to meet the needs of an industrial world increasingly connected to the IT sphere. To have a parameter of the depth of the defect, just read the data obtained from the American inspection agency. American observers found that the 16% of accounts from the Ministry of the Interior were protected by easily identifiable passwords and that up to 5% relied on non-creative variants of the word “password”.

What was recorded by Grupo-IB reinforces, more than ever, the need for companies invest in good IT teams, however, the various government bodies must revise any misguided views, i.e. they must become aware that funding cybersecurity will not make their business invulnerable to hackers. A good team of technicians does their best in implementing practices and consultancy capable of preventing critical problems directly related to operators, as they have the skills to quickly identify and manage any inconvenience, to contain losses in times of crisis. In fact, the attacks that affect small and medium-sized companies hardly have a reach comparable to that of giants such as the Colonial Pipeline or official institutions, normally the apprehensions are limited to the blocking and compromise of databases containing contracts and identification documents that, although important, they are not vital for the functioning of the supply chain and can be regenerated thanks to good management of IT servers. On the other hand, the digital security sector promises to record an upward curve of considerable proportions, above all because the most important insurers in the market anticipate that tomorrow they will no longer indemnify damages caused by ransomware attacks, which must be very numerous and widespread for risk hedging to be financially viable.

Source: Money It

Share this
Tags

Must-read

Anti-democratic drift in Brazil: what is happening

In Brazil, a repressive and anti-democratic drift orchestrated by the Federal Supreme Court is underway to annihilate Bolsonaro and his popular followers, after the...

Innovation is becoming transformative. What does that mean

Innovation overcomes the crisis by shedding its skin, becoming transformative and integrating everything: digital, green, social, business. Interview with Stefano Denicolai, Professor of...

How the financial network gained political power in Britain

By weaving a web of friendships, unbreakable relationships and economic interests, according to The Guardian, the protagonists of high finance managed to get their...

Recent articles

More like this

LEAVE A REPLY

Please enter your comment!
Please enter your name here