Cyber ​​Attack: The Number of Attacks Is Increasing But So Are Defenses


  1. Cyber ​​attacks on the rise
  2. The importance of cybersecurity
  3. Increase in attacks and severity
  4. Attack techniques

Cyber ​​attacks on the rise

The most recent data shows us a dizzying growth in cyber attacks serious, even in our country. Clusit – Italian Association for IT Security, in the first half of 2022 alone, reported that in Italy there were as many as 1,141 serious accidents+8.4% compared to the same period in 2021. In this context, 67% of companies note an increase in attack attempts and 14% have suffered tangible consequences following cyber incidents, such as delays in the operation of processes, service interruptions or reputational damage.
Due to the ongoing turbulence, the topic of cybersecurity and cyber attacks is increasingly central in our society.

Today, in fact, we are witnessing a new scenario, in which at an institutional level Italy is equipping itself with an organic security system in the cyber sector and adequate counter tools. With the Legislative Decree of 14 June 2021, the Government established theACN, the National Cybersecurity Agency to protect national interests in cyberspace. The creation of this Agency marks a crucial step for Italy: for the first time our country takes such rapid and effective concrete actions in an evolving sector, such as that of cybersecurity.
The ACN guarantees the implementation of the national strategy on cyber security adopted by the Prime Minister and pursues the achievement of national and European strategic autonomy in the digital sector, in synergy with the national production system and the involvement of the university and research world.

The importance of cybersecurity

The phenomena that have emerged in recent years, pandemic, Russia – Ukraine conflict, energy and economic crisis, have further confirmed the importance of cybersecurity. A specific aspect to which attention must be paid is that relating to the evolution of cyber attacks, in terms of methods, frequency and targets. The data in fact show a worrying situation and confirm, at the same time, how Italy still remains a weak, fragile and attacked country.

Over the last 11 years, according to the Clusit 2022 report, on average 106 serious attacks in the public domain have been analyzed and classified per month. In the last 4 years this average has risen dramatically: 129 in 2018, 137 in 2019, 156 in 2020 and 171 in 2021. Globally, 14,010 serious attacks were recorded between January 2011 and December 2021. Contextualising the analysis to the four-year period 2018-2021, the number of serious cyber attacks per year therefore grew by 32%. More specifically, in 2021 attacks against entities based in Europe grew from 16% to 22% compared to 2020.
It should be highlighted that, compared to the 7,144 attacks recorded worldwide between 2018 and 2021, over 900 offensives hit Europe and 185 of these attacks were recorded in Italy. A fact that cannot go unnoticed and which demonstrates how our country is becoming an increasingly frequent target.

But how can this phenomenon be explained? Greater knowledge of the facts that occur, in contrast with a certain European tendency towards silence, is given by the greater media attention reserved for cyber attacks. But evidence of an increase in attacks also comes from cybercriminals claiming their actions were intended to reinforce “ransom” demands. As a result, the attacks are known and entered into the Clusit statistics.

The numbers increase but not the quantity of targets. In fact, the preferred victims of cybercriminals remain governments. In 2021, the «Gov» category remained in first place overall, accounting for 15% of the total offensives on a global scale. In second place we find the ICT sector with 14%, followed by the Healthcare (13%), Education (9%) and Financial/Insurance (7%) categories.

Increase in attacks and severity

In addition to the number of attacks, it should be emphasized that the «severity» of cyber attacks is also increasing (severity of the impact of the attacks). Generally, it is possible to distinguish four categories or levels of impact: Low, Medium, High and Critical. The variables that contribute to the impact assessment for each individual attack are the geopolitical, social, economic (both direct and indirect), image and cost/opportunity impact for the victims. In 2021, Critical level attacks accounted for 32%, while High level attacks occurred in almost half of the cases (47%). Those with Medium impact instead represent 19% of the total. It follows that Critical and High level attacks together came close to 80% of the total hacker attacks. A significant surge if we consider that in 2021 it was equal to 54%.
Also from this point of view, Italy records data above the world average. While the world average of attacks classifiable as High severity stops at 36%, in our country, between 2018 and 2021, the percentage of the same severity of attacks is equal to 51%. Critical level attacks, however, represent almost a quarter of the total (21%) against the world average of 17%.

Attack techniques

As regards the aspect strictly linked to attack techniquesin 2021 the «Malware» category remained stable in first place, representing 41% of the total. In second place with 21% the «Unknown» category, while in third place are cyber attacks of the «Vulnerabilities» type with 16% of the total, growing strongly. Scaling up we find the categories «Phishing/Social Engineering», «Multiple Techniques» and «Account Cracking».

It is therefore clear that cybercriminal activism is increasingly organized and automated. Here’s why investments in the sector must be substantial and an absolute priorityalso and above all considering the fact that sectors such as Public Administration and Healthcare are dangerously exposed to cyber threats.
In this sense, companies still allow positive signals to shine through, despite Italy’s backwardness from a digital point of view and our country’s need to grow and make a switch, both cultural and mental.

Among companies, both large and SMEs, in 2023 the focus on Cybersecurity and the Information Security sector is confirmed as the main investment priority in digital.
As many as 61% of organizations over 250 employees have decided to increase their budget for cybersecurity activities in the last 12 months. And overall in 2022 the Italian cybersecurity market reached the value of €1.86 billion, with an exceptional acceleration of +18% compared to 2021. Positive numbers which, together with the actions carried out by ACN, give rise to hope and will allow our country and Italian companies to protect themselves more effectively from every type of cyber attack.

A practical and safe way in which entrepreneurs and professionals can safeguard their profession and their personal data is by adopting a Cyber ​​Risk policy. This coverage allows the insured to protect himself from cyber attacks and the resulting expenses and losses of data and confidential information. Furthermore, this coverage provides expert intervention for the recovery of lost data and decontamination from any malware. All these are services included in the Smart version, which has a maximum limit of up to €25 thousand. Lokky also offers its customers the possibility of taking out a Top version of the policy, which provides for an increase in the limit up to €250 thousand and the inclusion of numerous additional guarantees, including a daily allowance for business interruption and coverage of expenses for restoring the company’s image.

latest posts published

Lokky, the Italian data driven insurtech for professionals and SMEs

Lokky, the Italian data driven insurtech for professionals and SMEs

EconomyUp interviews Paolo Tanfoglio and Sauro Mostarda, Co-founder and CEO of Lokky Awarded as 'Best ...
An ally for cyber security: Load Balancing

An ally for cyber security: Load Balancing

Having a fast, high-performance and reliable website is a non-negligible aspect for those who have ...
Business Trend 2023 for SMEs, professionals and commercial activities

Business Trend 2023 for SMEs, professionals and commercial activities

The main trends of 2023 that you will need to consider in your business Digital ...
Occupational risks for pastry shops

Occupational risks for pastry shops

The pastry chef's activity involves the production of confectionery products, from the preparation of the ...
How to read a pay slip

How to read a pay slip

In collaboration with our partner F2Dwe decided to delve deeper into the elements that make ...
What are the most common cyber risks and how to protect yourself

What are the most common cyber risks and how to protect yourself

“Houston, we have a problem."Who doesn't know the words of Jack Swigert, pilot of the ...
Clinical Risk: What it is and What are the consequences

Clinical Risk: What it is and What are the consequences

In recent years, the responsibility of healthcare facilities has increased significantly and with this also ...
Commercial activities most affected by theft

Commercial activities most affected by theft

Theft, shoplifting and armed robberies are a plague for Italian traders. In Europe, Italy is ...
October is European Cyber ​​Security Month

October is European Cyber ​​Security Month

October is the European month dedicated to cybersecurity, a good opportunity to acquire new awareness ...
Estimating cyber risk: importance and difficulties encountered

Estimating cyber risk: importance and difficulties encountered

The biggest challenge regarding cyber security is to estimate cyber risk in a credible, sustainable ...

Leave a Reply

Tu dirección de correo electrónico no será publicada. Los campos obligatorios están marcados con *