This is nothing new, but an established and increasingly worrying confirmation: Italy is among the privileged targets of cybercrime. The latest to raise this alarm is the First Cyber Security Report, produced by Tim in collaboration with the Cyber Security Foundation, the first Italian non-profit foundation entirely dedicated to digital security.
The data is unequivocal: our country is the second most affected in Europe by ransomware, while DDoS attacks increased by 36% compared to 2023. It is a constant and across-the-board growth that spares no one: businesses, public bodies and citizens are increasingly exposed in cyberspace, with economic and social consequences that can no longer be ignored.
The report, presented at the House of Representatives, is based on the findings of Tim's Security Operation Center and an in-depth analysis by the Cyber Security Foundation. The picture that emerges is clear. Digital threats are increasing in frequency, sophistication and ability to strike with precision. It is no longer a question of generic or random attacks, but of targeted offensives, often orchestrated by organized criminal groups or supported by state actors. And Italy is now at the center of a new invisible conflict, where weapons are digital and defenses, now more than ever, must be strengthened and coordinated.
Ransomware: Italy is the second victim in Europe
With 146 official attacks detected in 2024, ransomware, the criminal technique that blocks or encrypts data and then asks for a ransom, is confirmed to be the number one nightmare for Italian companies and institutions. 58% of attacks hit the services sector (banks, insurance, transport, healthcare), while another 26% targeted manufacturing, the productive heart of the country. The most strategic sectors are the most targeted, a sign that behind many of these attacks there is not only common crime, but real actors sponsored by hostile states.
To make matters worse, there is the spread of so-called “Ransomware-as-a-Service”: cybercriminals no longer even need to know how to program. They just pay to rent a complete attack kit. A sort of “digital crime franchising”, which lowers the entry threshold and multiplies the risks.
DDoS Attacks: More Frequent, Stronger, More Strategic
The second hot front is that of DDoS (Distributed Denial of Service) attacks, designed to crash servers, websites and digital services by overloading them with requests. In 2024, there were 18 attacks per day, an increase of 36% compared to 2023. But it's not just the volume that's worrying. In addition, 40% exceeded 20 Gbps in intensity, a threshold that undermines even the most sophisticated defenses.
A new method has also spread: the multi-vector attack, which simultaneously affects sites, networks and devices of the same organization. It is as if, in a city, traffic lights, telephone lines and water services were blocked at the same time. Chaos is guaranteed.
Among the favorite targets? The Public Administration, which in just one year went from 1% to 42% of total attacks. A quantum leap that reveals a change in strategy by attackers: the PA is vulnerable, often poorly updated, and manages high-value data.
Artificial Intelligence: Defense or Threat?
The report dedicates an entire chapter to the role of artificial intelligence, the double-edged sword of this new war. An advanced defense tool, certainly, but also a dangerous weapon in the wrong hands.
On the defensive front, AI makes it possible to intercept threats in real time, automate countermeasures and prevent complex attacks. But at the same time, it is used by cybercriminals to:
- create credible deepfakes for the purposes of fraud or disinformation
- write perfectly camouflaged phishing emails
- design custom attacks, exploiting public data to hit targets with ad hoc messages
In this race between digital cops and robbers, whoever innovates first wins. And today, too often, the attacker has the technological advantage.
The law gives chase: between NIS2, DORA and the Cyber Resilience Act
2024 finally saw the entry into force of more stringent European regulations. NIS2, the Cyber Resilience Act and DORA impose higher standards for digital security, also involving SMEs, which often fall behind.
The gap between law and innovation, however, remains wide. Legislators are struggling to keep up with digital crime, which is moving faster, more creatively and without constraints. It is not enough to update the laws: we need integrated governance, a national strategy and real public-private cooperation.
“Digital security is a collective responsibility”
“Italy is among the most affected European countries,” explained Gianluca Galasso, director of the Operations Service of the National Cybersecurity Agency, and attacks are taking on “increasingly aggressive profiles”. “In this context”, Galasso underlines, “cooperation with structured operators is fundamental. Projects like the HyperSOC platform, developed with the contribution of various private entities, were born precisely to share technical data and risk indicators of high operational value quickly and effectively”.
An appeal to change the paradigm has also come from Ivan Gabrielli, Director of the Postal and Communications Police: “We need a systemic approach. Cyber threats are no longer just a matter for specialists. Citizens, companies and institutions must each assume their share of responsibility, because fundamental rights are exercised in the digital domain. In addition to technology, culture, training and shared responsibility”.
Reaffirming the need for a widespread culture of cybersecurity was Marco Gabriele Proietti, Chairman of the Cyber Security Foundation: “This report is much more than a technical photograph: it is an invitation to change pace. The numbers describe a complex reality that demonstrates how urgent it is to promote a culture of digital security that goes beyond the emergency and becomes an integral part of our daily lives. The foundation was born with this very objective: to create synergies between the public and private sectors, sharing experiences and skills with transparency and responsibility. Data are not just analysis tools: they are a collective good to be protected and enhanced in the interest of the country system”.
“As an infrastructure operator, Tim intercepts early signals of cyber attacks every day. This allows us to contribute valuable data and analysis. The report was born from a clear need: to make a solid information base available to the country system to strengthen common defenses,” commented Eugene Santagata, Chief Public Affairs, Security and International Business Officer of Tim.
“We are facing a dangerous escalation. Systemic responses are needed. Cybersecurity is now a national priority. We must ensure that families, businesses and citizens have concrete tools to protect themselves in their digital daily lives,” said Alessandro Colucci, Member of Parliament and President of the Inter-Parliamentary Group on Cyber Security, reiterating the need for a political response.
The challenge, today more than ever, is moving from emergency management to an integrated strategy, from stopgap measures to prevention. Because in the digital domain there is no vaccine. There is only an immunity built over time, made of awareness, training and cooperation.