On March 6, Italy could suffer cyber attacks linked to the conflict in Ukraine. Word of the CSIRT (Computer Security Incident Response Team), a structure established at the National Cybersecurity Agency. The comment by Umberto Rapetto, director of Infosec News
On Sunday 6 March, our country could suffer cyber attacks linked to the conflict in Ukraine. On Saturday evening, the CSIRT (Computer Security Incident Response Team), a structure established at the National Cybersecurity Agency, in fact issued an alert for possible cyber attacks in Italy. Healthcare companies and hospitals, "probably by virtue of the humanitarian aid that are being put in place", are "a very sensitive target". High risk also for Italian government bodies and strategic companies for the national interest. The invitation is therefore to raise the protection measures, paying maximum attention to email, antivirus, sites exposed to the outside. "The recent serious Ukrainian crisis requires all institutions and sensitive targets, such as companies and healthcare facilities, to pay close attention and monitor cyber security systems in real time to prevent possible cyber attacks' ', recommends the Csirt . (Start Magazine editorial team) +++ THE COMMENT OF UMBERTO RAPETTO Finally some good news. Today, March 6 - and only today - Italy runs the risk of a cyber attack. Already in 36 hours we will be able to stay safe. The announcement - made in the style of Poltrone & Sofà - comes from the "cybersecurity artisans". A strange country ours, really strange. While the world is in turmoil, fear is skyrocketing and everyone ran for cover with seriousness and method, we two leading entities in this dramatic historical phase of emergency stand out for their questionable suitability for their respective roles. The competition between those who want to demonstrate the greatest unpreparedness to face possible terrible tragedies is between the Civil Protection and the Cyber Agency, who duel head to head to compete for the ambitious record. Putin announces the activation of his nuclear "defensive" plan and Russian barbarian hordes take possession of another similar structure. In Switzerland, the government distributes a vademecum to the population and provides information - perhaps excessive but more than logical and understandable - on the behavior to adopt and the initiatives to adopt. On our part, Fabrizio Curcio - head of the Civil Protection Department - announces that "there is a nuclear defense plan but we hope not to have to implement it". I don't know why thoughts immediately turn to Covid and the plan to deal with an epidemic emergency which - drawn up in 2006 - was never updated…. I then ask myself, and I do not think I am the only one who poses the same dilemma, why not inform the community about what it would be appropriate to "budget". Nobody wants to know "secret things" that it is right to be disclosed only to those who by direct competence will eventually have to deal with them, but probably the Swiss example can suggest the correct dosage of information that can allow everyone - without races and fights - to organize themselves for a hypothetical worse. Yesterday, March 5, in the middle of Saturday afternoon, the alert of the National Cybersecurity Agency swoops - almost as if you were to read it as the wish for a good weekend - which foresees a cyber attack on Italy, a digital attack that would take place tomorrow. For months, our poor nation has been the helpless target of the most incredible technological harassment that has exposed the vulnerability of both public and private computer systems to public mockery. Attack more, attack less, it is not yet another alarm that arouses legitimate concern. The statement is so vague as to give dimension to the current control of the situation. After having seen the "peacetime" debacle of the Lazio Region and an endless crowd of companies and public administrations brought to their knees by ransomware attacks, perhaps we expected at least a handbook of things to do. Given then the due honors and the not insignificant remuneration that are paid to those who have been chosen to carry out the delicate mission of protecting us from technological threats, it would not be displeased to receive something more than that little page on the Internet that the CSIRT (the already existing Computer Security Incident Response Team now an offshoot of the Agency) entitled "Protection measures of national digital infrastructures from possible cyber risks deriving from the Ukrainian situation (BL01 / 220214 / CSIRT-ITA)". At 16.19 on Saturday, the IT systems workers, who are notoriously stationed tirelessly on the CSIRT website (the Internet page of the Cyber Agency has mainly elebrative) instead of dedicating themselves to the preparations for an evening with their girlfriend or friends, they were finally able to find out what they should have done during their entire professional life to correctly set up the necessary defenses in the event of an attack on the digital bayonet ... One would think - banality is my forte - that the first aid instructions for the most common cases of "crisis" would have welcomed the establishment of an operations center ready to give advice and practical indications in case of need. A "concrete" reference and above all reachable not only with the PEC or the form to be filled in online but with different (and each well known to all) communication systems (telephone, sms, instant messaging, telex, amateur radio channels ...) so as to ensure (or at least try) the direct connection between all those catapulted onto the cybernetic front of the ongoing war and who is in charge of this delicate and disturbing panorama. But if the danger is only for tomorrow, what reason is there to worry? This pitfall, unfortunately, is subtle. The attack may have already occurred or it could reveal its effects at a later time, perhaps with a slow, progressive and inexorable manifestation.