Cyber risks have reached a level that all organizations cannot ignore. All governments worldwide are taking measures to take action against potential cyber-attacks. Italy is one of them. Announcing its National Cybersecurity Strategy for the first time in May of this year, Italy announced that it has decided to deploy and mitigate systems that help predict cyber threats that may threaten its national infrastructure.
We regularly share the developments that contributed to Italy’s and other countries’ decisions on our blog. IBM’s Cost of A Data Breach 2022 report also clarified many of the issues we focused on. As noted in the report, the average cost of a data breach last year was over $3 million.
Click the button below to download SOCRadar’s Italy Threat Landscape Report and get in-depth insights into the nature of security breaches and other cyber incidents.
Biggest Dark Web Threat in Italy: Data Leaks
SOCRadar analysts scanned close to 15,000 dark web posts spanning June 2021 to June 2022 to get a snapshot of the threat landscape to Italy. More than 3,000 of these posts were threats to Europe. In the posts for Italy, it was remarkable that most of them were related to data leaks.
According to SOCRadar Dark Mirror’s detections, more than half of the posts on the dark web were customers’ or companies’ sensitive data leaks. Right after the customer data leak, the favorite of threat actors, come network access sales.
According to SOCRadar DarkMirror data, e-commerce is the most targeted industry in Italy from June 2021 to June 2022. Its following industries are media & entertainment and IT.
Malware Campaigns Targeting Italy
According to research by SOCRadar analysts, the most common malware in Italy is Emotet. We came across Emotet in 14 campaigns designed by emailing ZIP attachments containing malicious files.
Coper and Qakbot also stand out as other malware targeting Italian companies. Other malware not to be overlooked are:
Most Exploited Vulnerabilities
Threat actors can exploit vulnerabilities for many purposes. They can use them to infect their victims with ransomware, gain full access to the system access, or reconnaissance for future cyber attacks. It should be noted that the skyrocketing ransomware attacks on organizations in Italy may be linked to the most exploited vulnerabilities. In particular, unpatched devices or software vulnerable to remote code execution can significantly increase the risk.
As of 30 June 2022, the five most exploited vulnerabilities in cyber attacks on Italian companies are: