By Ranieri Razzante | 08/06/2021 - James Bond
Alongside a reform of cyber security, a new structure of the code of law against these new crimes is now necessary, as was done in the years of lead, in which kidnappings constituted a source of supply for terrorists and at the same time attacks against integrity of democracy. The analysis by Ranieri Razzante, Cybersecurity advisor to the Undersecretary of Defense
Data, networks, infrastructures, cyberspace, cloud, malware, ransomware, spyware, cybercrime, cybersecurity. Once there was talk of "computer", "pc", "hardware" and "software", "antivirus".
A geological era seems to have passed, since the recruding increase in hacker attacks in recent days, in Italy and around the world, and in 2020-21 in particular (in terms of intensity and severity), has imposed, among other priorities, also a “terminological” rethinking of the approach to this subject. Not only that, but they have - downstream - caused a (necessary) and new attention to the vulnerabilities deriving from the use of networks and the world offered by the Internet.
In Italy we have not been, at least in the past, very far-sighted. The security of the data contained in the hardware and PCs, because we were talking about it, has often been entrusted (data in hand), both by the public and corporate sectors, to generic antiviral protections, with just enough security measures against infiltration of unwanted mail. Many intrusions that occurred in our country seem to have been possible thanks to guilty flaws in the security systems, up to now guaranteed, the latter, only by our Intelligence and by the specialized departments of the Police Forces, without counting the excellence of the Defense sector, often forced to "chase" the threat, after the damage, rather than to prevent it. The debate is revived with this government, which triggers a rethinking of the simplistic mechanism described above, and reverses the course. Cybersecurity is a must, it is an integral part of the defense of Italy from external threats, this time made unarmed, without physical fights and white arms, but with the manipulation of networks and infrastructures that hold sensitive citizens' information. Over 20,000 attacks in 2020 alone on healthcare facilities in our country; in 2021 over 3,000 to individuals and companies. The pandemic acted as a catalyst. But also to strategic companies, professionals, commercial enterprises. The spasmodic use of the internet while being closed at home for Covid or in smart working acts as a reminder for those who want to earn from a new form of "kidnapping for extortion purposes", where, unlike in the past (fortunately far away) , you must not deprive a person of personal freedom and wait for the delivery of the requested sums, but in a few seconds steal or force or alter computer systems. To return them to their lost integrity, money is required, which cannot be easily traced: cryptocurrencies, precisely, crime money, to date at least, and up to its (desirable and very urgent) regulation.
What do cybercrime, terrorism and organized crime have in common? In theory, not much. Web extensions are used, precisely, to make money, nothing more. Terrorism differs, as is known, for the purposes, as well as for the original reasons. Mafia activities are much more structured and complex, entrepreneurial and "social". The only point of contact that seems possible to me today is the use of cyber attacks to raise money also to finance terrorist activities and mafias. As a non-olet pecuniary, what do you want a mafia or terrorist to care if the provision of funds to carry out his nefarious criminal activities comes from drug trafficking, weapons, or from extortion not only on the territory, but also via the web? The fear is - in my opinion - that now the mafias themselves exploit the malware market, that is, that they discover the possession and rental of these intrusive tools to be used / given to those who know how to do it, on their behalf. I remember that by now the main associative organizations sell their products, tools, and expertise acquired to raise money in "franchising". And, above all, to control the territory, pieces of the economy and state legal systems. And the web is the territory, it is - indeed - a "non-place", so vast that it cannot impose reliable boundaries on it. Extraterritoriality is a founding feature of the internet, and trying to bring it back to the laws of a country may take years, with probable negative results. The hackers are playing on this, and on the fact that profiling of them is not possible, such as what can be done in mafia and terrorism investigations. Are they Italians, foreigners, young people, seniors? There is an organization or are they also kids who enjoy teasing, as it did years ago? Who challenges the system and presents themselves as new anti-state actors? This too counts for little, according to the writer, given that the result of the criminal action is carried home easily and without requiring particular seniority of service. The challenges are therefore condensed in the total rethinking of investigation methods and in a new "counterintelligence", which traces the "line" of attack and neutralizes it. Basically, this is what the newly created Cybersecurity Agency in our country wants to do. First of all, to give Italy a governance structure for the phenomenon, which coordinates the best forces in the country against cyber crime, and at the same time trains the new generations of "counter-hackers"! An Authority that gives meaning to the multifaceted experiences of our intelligence and defense sector, and that, this one of the (numerous) innovations of the implementing decree just fired by Parliament, acts as a reference point for the prevention of attacks on critical infrastructures. publications, but also threats to the business system of the country. The object of the attacks is too varied by now for it to be monitored by limited forces in the field. Alongside a sector reform, there is also a need for a new structure of the code of law against these crimes, as was done in the so-called "lead years", in which kidnappings, it is repeated, constituted a source of supply for terrorists and, at the same time, attacks on the integrity of democracy. A global awareness of EU and supranational institutions is also urgently needed for a "single code", which creates common rules and policies for rapid and intra-state intervention, without jealousies and reservations. In this period we are witnessing the flowering of statistics, data and summaries of the phenomenon, by private bodies and authorities, which obviously are useful to scholars and operators. But perhaps the time has come to leave theory to the (meritorious) function that is proper to it, that is, as a prompter of politics, while it is desirable that we pass - as planned - to a counterattack that is no longer just defensive.