The opening of the Clusit 2017 Report presentation, headed by Andrea Zapparoli Manzoni, was an opportunity to contest the too widespread opinion that, being so high the number of successful cyber attacks, it means that “IT security is not working properly”. on the contrary, it works: more could be done, of course, but it works! Otherwise we would have long since ceased to be able to use the Internet and the exposed companies would already have shut down. It is only the cyber security that allows you to counter the threats and limiting the number of attacks that reach their goal.
The Clusit Report examines this year some specific sectors (Finance, Gov, Health): the structure of the attacks is different and different should also be countermeasures. The skill and maturity of the attackers are growing and now allow multiple targeted attacks (not just indiscriminate or individual attacks), according to the MIRV ballistic missiles model. Banks have become direct targets of attacks (before the targets were their clients). In healthcare for the first time huge data breach have been detected.
Among the methods of attack, unknown (during the attack) techniques are emerging, against which of course there are no applicable known measures. However, 1/3 of large-scale successful attacks, against important subjects as well, are still based on old malware or exploit trivial well-known vulnerabilities.
Also remarkable is that many of the crimes perpetrated on the net are scams or extortion, wich are NOT computer crimes but traditional crimes using computer tools.
The Report also features an interesting analysis on cyber crime set up by Fastweb, which used data collected in the field. To be mentioned the attacks to VOIP protocols, made possible by carelessness at times reserved for those which are often considered “only PBXs” and thus left to standard safety configurations, not to say of default user and psw …
The following round table made it possible to know the views of important market players (Oracle, IBM, Hewlett Packard Enterprise, Trend Micro and Microsoft). It is confirmed, inter alia, which are still the two main spending drivers in IT security for Italian companies: suffered attacks (“blessed – so to speak – those CISOs who have suffered a major attack, because that would enable them to grab attention by the board”) and compliance. It is true that you cannot ask regulations to be at the forefront in the defense against attacks (you could even be compliant but anyway not be able to effectively counter attacks). It is however also true that compliance helps fighting major battles, although rearguard ones: if there had been for instance no privacy legislation, how many Italian SMEs would still be less protected?
To get a free copy of the Clusit Report (in Italian) point your browser here: https://clusit.it/rapporto-clusit/ and write an email to rapporti@clusit.it