Not only Jbs, here is the news from the cyber far west

13 June 20213 years ago babelfish

Facts, names and insights on cyber attacks. Michele Scarpa's article

A hot summer is announced for the world of cybersecurity.

On June 9, the news came that JBS USA Holdings Inc., the US subsidiary of Brazil's JBS, the world's largest meat processing and sales company, paid a ransom of $ 11 million in Bitcoin following an attack. ransomware occurred in late May.

The announcement was made by Andre Nogueira, CEO of JBS USA, whosaid : “This has been a very difficult decision to make for our company and for me personally. […] However, we felt that this decision should be taken to prevent any potential risk for our customers ”.

The hacker attack took place, as mentioned, by means of a ransomware. That is a particular class of malware (malicious software) which, once a computer has been infected, requires a ransom (ransom in English) for the return of stolen and then encrypted data. The ransom is generally required in Bitcoin as this digital currency, while allowing the traceability of the transaction thanks to the blockchain technology, at the same time guarantees the anonymity of the user who holds the coin.

THE ATTACK ON THE COLONIAL PIPELINE

The attack on the JBS is not an isolated case. Only at the beginning of May did the hacker group DarkSide hit the Colonial Pipeline oil pipeline , again with a ransomware attack. The attack on the Colonial Pipline caused a fuss as a company operating in a strategic sector, such as oil transportation, was hit in such a way that it was forced to pay a ransom of about 4.4 million dollars ( always paid in Bitcoin) to have the stolen data returned and operational again in oil distribution. In the end, the latest information seems to indicate that the hackers of the DarkSide group have done quite badly. The FBI announced that it had recovered part of the ransom and seized a series of infrastructures used by hackers such as the DoS attack, the blog and the payment servers.

US FEEDBACK

What is happening at the beginning of June is significant. On the one hand, there is an exponential growth in cyber attacks on critical infrastructures and their supply chain, often forcing companies concerned about the economic and social repercussions that the interruption of their service could cause to pay the ransom.

On the other hand, the States, primarily the USA, are reacting increasingly decisively to the challenge posed by the digital domain. In this regard, the recovery of the ransom and the seizure of the hacker infrastructures following the blow to the Colonial Pipeline, has shown that the United States has adopted a decidedly more intransigent and reactive policy towards the challenges posed by cyber crime.

HACKER COMPANIES WITH SHIFTS AND HOLIDAYS

An important element that emerges collaterally to the events of cybersecurity cases, such as those mentioned above, concerns a very particular dynamic that involves the world of cyber criminals. In the panorama of digital crime, excluding groups attributable to state entities, there are no longer just single hackers or groups, but real criminal companies structured similar to legal ones. Some of these cybercriminal companies have shifts and holidays for employees, structure their business goals, and have dense networks of external partnerships. Even these criminal companies would offer some sort of customer service to help with the payment of the ransom and discounts in case of timely payments, as in the case of the hacker attack on the CWT company which was also hit by a ransomware called Ragnar Locker.

ITALY UNDER ATTACK

In this world of cyber attacks, Italy is certainly not spared. Indeed, it is not wrong to say that Italy is under attack. The latest findings show that the Bel Paese is the third nation in the world after the USA and Japan for malware attacks and the second in Europe, after Germany, for ransomware attacks.

WHAT DRAGONS DO ABOUT CYBER SECURITY

To face this flood of cyber attacks, the latest step taken by the Draghi government was to approve the decree law on 10 June introducing urgent provisions on cybersecurity, the definition of the national cybersecurity architecture and the establishment of the Agency for national cybersecurity (ACN).

With this decree we try to give completeness to the national cyber-resilience strategy, already started with the regulation on the cyber perimeter. The need for this agency, in the government's view, is to have a structure suitable to face the growing cyber challenges also in the light of the “recent attacks on networks of European countries and important international partners”.

The nascent Agency, whose multiple functions are listed in Article 7, will have among its many roles the arduous task of helping to stem the enormous amount of cyber attacks that our country system faces on a daily basis and, among others, will have the fundamental purpose of promoting a culture at all levels of cybersecuriy. So much so that the same decree recognizes that the Agency will have to carry out "communication activities and promotion of awareness on cybersecurity, in order to contribute to the development of a national culture on the subject". The question of a national cybersecurity pedagogy is central to remaining competitive in the globalized world, and the establishment of the National Cybersecurity Agency is a "necessary factor to ensure the development and growth of the national economy and industry," placing cybersecurity at the foundation of digital transformation ".

Therefore, in a broader perspective, it will be possible to drastically reduce incidents such as those that occurred to the American giants only by understanding that the challenge posed by cybersecurity is also a cultural challenge.

This is a machine translation from Italian language of a post published on Start Magazine at the URL https://www.startmag.it/innovazione/attacchi-cyber-stati-uniti-italia/ on Sun, 13 Jun 2021 07:05:06 +0000.