Ukrainian war, Draghi: "Moscow dangerous on the cyber front, ad hoc task force activated"

The Prime Minister: "A Cybersecurity Nucleus has been created to share the information collected and a permanent table has been set up on the current crisis". New Csirt alert: "Raise security levels again". Russia ready to attack cyber hubs in Kiev 01 Mar 2022 Federica Meta Journalist

"The deterioration of relations between Russia and the European Union and NATO has made Moscow's posture towards the West even more aggressive in the cyber and disinformation sphere". This is what was highlighted by Prime Minister Mario Draghi during his communications in the Senate on the conflict in Ukraine. "In fact, Russia has accentuated its hostile activities towards the countries of the European Union and NATO, with the aim of undermining our cohesion and ability to respond. A special Cybersecurity Nucleus was activated to share the information collected and a permanent table dedicated to the current crisis was set up within it ". "To Italian citizens, who are worried about the consequences of this conflict, I want to say that the Government is working incessantly to counteract the possible repercussions for the country - explained Draghi - The Ministry of the Interior has issued directives regarding the measures of supervision, to protect sensitive objectives. For the aspects related to refugee security checks, the Government has activated all national and international coordination mechanisms to monitor potential threats ”. Index of topics • New alarm from the Cybersecurity Agency • Moscow ready to attack Kiev's cyber hubs New alarm from the Cybersecurity Agency The National Cybersecurity Agency (Acn) renews the alert on potential cyber attacks on Italy. "In relation to the evolution of the conflict in Ukraine and the resulting geopolitical situation, the National Cybersecurity Agency again recommends all national digital infrastructure operators to adopt a posture of maximum cyber defense - reads a note from Acn - Following the recommendations already issued in recent days, it is extremely important to make operational among those, all the most urgent prevention and control measures, such as actions aimed at reducing the external and internal attack surfaces, the verification that the access control the systems are implemented correctly, the raising of the monitoring levels of the IT infrastructures, the adoption of plans for the preparation and management of cyber crisis situations, the exchange of information both internally and externally towards the relevant cyber divisions, Agency of National Cybersecurity - Csirt Italia in primis ”, continues the note. • Allows the sending of promotional communications relating to the products and services of third parties with respect to the Joint Controllers who belong to the manufacturing, services (in particular ICT) and trade branch, with automated and traditional methods of contact by the third parties themselves, to which the data is disclosed. "In particular - continues the Acn note - in referring to the new detailed information provided by the Agency through the Csirt Italia at the address and the Twitter social channel / csirt_it, it is recommended that the following main and urgent measures be adopted: constantly making users aware of the risks deriving from malicious files or links received through communications that could constitute phishing (email, sms, instant messaging, etc. etc.); verify the correct application of the password policies, evaluating the possibility of carrying out a password reset for all users; verify the functionality and effectiveness of the data backup and recovery systems, providing, if not already implemented, the off-line maintenance of the back up ". Where it has not already been done, the Agency plans to "plan and implement 'zero trust' security models, or models that go beyond the concept of a secure and reliable network perimeter, providing for the authorization and authentication of each single access to IT services and the capillary segregation of network components; reduce the level of external exposure, reducing the exposed services and communication channels to essentials, such as secondary internet connections that are not adequately protected ". Moscow ready to attack Kiev's cyber hubs Meanwhile, the Kremlin is also sharpening its weapons to bend Ukraine on the cyber front. The Russian Defense Ministry warns those who live in the areas where the so-called "cyber hubs" are located, i.e. the military sites from which cyberattacks are carried out, that it is about to launch a targeted attack to destroy them, recommending that they leave their homes. "In order to thwart cyber attacks against Russia, shots with high-precision weapons will be carried out against the technological facilities of the Security Service of Ukraine and the 72 main centers of psychological and intelligence operations in Kiev," the ministry said. "We urge Ukrainian citizens who are enlisted by Ukrainian nationalists to stage provocations against Russia, and also Kiev residents living near relay centers, to leave their homes," the statement read. At the same time, attacks on the government and the Ukrainian military sector increased dramatically by 196%, in the first three days of fighting. While those to Russian organizations increased by 4%. Phishing emails in the East Slavic language increased by 7 times, of which a third were directed to people of Russian nationality, sent from Ukrainian email addresses. This was revealed by the numbers of Check Point Research (Cpr) which also warns of malicious emails with the aim of deceiving people who want to support the Ukrainian population with donations. As for the Government / Military sector of Ukraine, there was a 196% increase in cyber attacks in the first three days of combat, compared to the first days of February 2022. The same sector, both globally and in Russia, did not report a similar increase. In recent days, in Russia, Cpr has seen a 4% growth in cyber-attacks by organization, compared to the same days in the previous week. In Ukraine, the overall amount of cyber attacks per organization increased by 2%. Other countries experienced a net decrease in cyberattacks by organization Also significant 7-fold growth in phishing emails in East Slavic languages (Russian / Ukrainian), 1/3 of which addressed to people of Russian nationality come from Ukrainian email addresses, both real and fake. Alert also on donations to Ukraine. The report found fraudulent e-mails designed to raise money by exploiting this dramatic situation. Recipients are lured with an invitation for a donation destined for fake Ukrainian support funds. "Information technology is expanding around the ongoing Russia / Ukraine conflict. We are seeing an increase in cyber attacks on both sides, with the Ukrainian government and military being the most affected - explains Lotem Finkelstein, Head of Threat Intelligence at Check Point Software - It is important to understand that the current war also has a dimension. cyber, in which users are choosing their side, from the dark web to social media. Experts, cybercriminals, white hat researchers or even technology companies are taking sides, encouraged to act in the name of their choices ". "We want to warn, from malicious emails, all people who try to send donations to Ukraine - concludes the expert - Always check the sender's e-mail address, check if it is authentic and if there are errors of spelling in the body of the text ".

task force