The Marche Cup is under attack again. Gaetano Ascenzi, operational director of Digital Innovation EDIH4Marche of Confindustria, (the bridge between business, research and finance) expert in cybersecurity, anti-fraud digital banking: it is normal that to stop a hacker attack the Cup system and other sites are completely blocked connected, adding problems to problems?
“Let me start by saying that I don’t know the details of the attack, but acting in a precautionary manner avoids its possible spread and it is correct to proceed with the suspension of services that could be connected to what was attacked.”
So how should we proceed?
«Every information is useful to the organization that is piloting the attack. Among the defense systems is that of not providing information, especially in the case of a Center that works in the healthcare sector. The Cup deals with medical data which are par excellence personal, sensitive data, which must be treated with confidentiality and are subject to the General Data Protection Regulation. The attack can certainly be classified as hacktivism.”
That is to say?
«We are talking about attacks carried out with political or social purposes. If exfiltrated, the average data has a value and it has already happened that in addition to the attack, aimed at interrupting the service, the data was encrypted and made unavailable unless a ransom was paid.”
How does the hacker work?
«He is not the pirate who works at night to “hole” a site as a form of technical challenge. Today they are criminal organizations that enjoy sophisticated systems and work with economic or political objectives. The typical attack vehicle is what is called phishing: thousands of malicious emails or text messages are sent which act as bait.”
Then what happens
«The operator opens them and, in this way, inoculates the malware which is aimed at a criminal action: the blocking of the system, the encryption of data, the theft of sensitive data, the silent inoculation of software that allows to take the control the device remotely. The methods of attack or the vehicle between the public and private sectors are substantially the same, usually what changes is the purpose.”
How?
«In the case of the public it has political purposes; in the case of companies and private individuals, the purpose is economic”.
What are the profiles of these organizations and how many public and private companies in the Marche region have suffered attacks?
«From the national data of the Clusit report, from 2019 to 2023 there were 653 serious cases but in the last year, 353. We are under attack in particular if other statistics are cited, such as those relating to frauds which target citizens convinced to carry out transactions banking by fraudsters on the telephone”.
How do you protect yourself?
«Creating the right compromise between defensive technologies and personnel training».
What does it mean?
«Technology is fundamental. But so are men with their behaviors and propensity to trust us. The most frequent attacks occur at the banking level. However, the weak point is the account holders who communicate their credentials to the criminals.”
In the case of Cup, is it the patient?
“No. In this case, the information system is under fire.”
