Italy Cyber Security and Cyber Crime Statistics

Cybercrime in Italy has been on the rise and poses a significant threat to all users. There is a crucial number of malicious programs infecting various types of networks and targeting local computer systems, mobile devices, and cloud software. These attacks result in the loss of money, time, and data critical for business operations.

Despite the growing influence of data everywhere, Italy lags in cybersecurity. The Italian government has declared that “cyber space is a strategic national asset,” but they have done little to secure it. In addition, Italian security analysts argue that well-informed attacks are now as easy as phishing emails.

Cyber security is one of the most pressing issues facing Italy. Not only does cybercrime cost Italian businesses and individuals billions each year, but cyber security also has implications for national security, public safety, and the global economy. Research shows that there are still high levels of cybercrime activity taking place throughout the country. In this article, we explore some of the most important cybercrime statistics in Italy to provide a view of the cybersecurity landscape in the country.

Cyber Security Statistics From Italy

In the last few years, cybercrime has become a pervasive threat, affecting millions of users around the globe. There are several forms of attacks, and all of them can cause significant damage and loss of critical data. Here are some of the most popular attacks and targets with relevant statistics. 

Recent Attacks 

The Lazio region in central Italy has faced a wave of cyberattacks in recent months. LockBit 2.0, a cybercriminal group in Italy targeted the ERG Group in July. The ERG Group safely recovered from a ransomware attack on some of its systems. The attack hit the client-side security systems, voice access service units of ERG, which are used by employees to remotely connect to the Intranet.  

The company said that “only a few minor disruptions” for its ICT infrastructure were registered, but added that it was taking action with its insurers to quantify the damages suffered. Fortunately, the company was able to ensure a safe and continuous production of energy, without the need to resort to manual procedures or expensive temporary external help.

On August 17, 2021, the Tuscany region in Italy fell victim to a cyber attack. According to local reports, hackers penetrated the electronic health records of more than one million residents. They then destroyed statistical and epidemiological data that could have an impact on public policy.

The ransomware attack took down the COVID-19 platform that allows users to request and pay for vaccinations. The attack resulted in the hijacking of many of the platform’s digital services and the encryption of its data. Fortunately, a team at the computer network of the healthcare agency of the Tuscany region was able to identify the attack, disconnect the server from the network, limit the data loss, and restore the stolen data from a backup copy. 

Phishing Attacks

From 2015 to 2019, phishing attacks — malicious emails that look like something trusted entities send out but are designed to steal sensitive data — more than doubled in Italy. The growth was fairly even across industries, with corporate-targeted phishing campaigns growing by 129%, while financial services reported the most significant increase at over 500 %.

Cybercriminals continued their successful attacks in Italy, with fraudulent emails posing as government agencies and individuals capitalizing on a lack of internal security procedures by local businesses to lure customers into revealing their sensitive details. In the past year, a report from Statista shows that phishing attempts increased from over 400 in 2015 to nearly 3,000 in 2019.

It followed a spike of 127% in 2018, where 1,852 people fell prey to these fraudulent messages – the highest increase among countries worldwide. 

Italy still remains heavily targeted by malicious email campaigns. According to a study by Kaspersky Labs, Italy was the fourth most targeted country in email crime in 2020 with a 5.45 % share. The country’s percentage was, however, lower than that of top targets Spain (8.48 %), Russia (6.29 %), and Vietnam (5.20 %). Germany (7.28 %), and China (5.9 %) rounded out the top five.

Kaspersky Labs also discovered that the number of scam websites originating from Italy has continued to grow, as 1.06% of all scam websites originated from Italy. It was followed by France (1.47 percent), Germany (1.37 percent), and the United Kingdom (0.80 percent). Around 0.33 percent of the scam websites have the .co.uk extension, while 0.28 percent have the .com.au extension and 0.17 percent have the .it extension domains.

Ransomware Attacks 

Ransomware is a particularly disruptive category of malware that can be devastatingly costly to organizations. Files are encrypted, often irreversibly, and the victims are either charged to decrypt them or left to suffer an operational outage. Ransomware attacks have increased almost 50% over the past 12 months, and almost two in three IT decision makers (ITDMs) in Italy (62%) say they expect to be victims of such attacks. 

Italy ranked as the sixth most-hit country with ransomware attacks. The CyberEdge Report (CDR) shows that about 64% of Italian organizations have experienced attacks over the last twelve (12) months. 

The Sophos State of Ransomware Report 2020 also found that 41 % of Italian organizations have been affected by ransomware, a figure lower than that projected by CDR above. India topped the list at 82 percent and was followed by Brazil (65 percent) and Turkey (60 percent). The good news is that nearly 40 percent of attacks were prevented from encrypting data.

Furthermore, in a ransomware attack in March 2021, hackers stole 40 GB of professional data from a luxury Italian menswear brand. Ragnarok, the infamous cyber security group that is responsible for one of Italy’s largest corporate data leaks in history, struck  Boggi Milano. However, the firm caught wind of the attack in good time and thwarted the hackers with the assistance of their IT department.

In addition to human resources documents and salary details, they also stole sensitive information including credit card information, logins, and passwords. By broadcasting their operations to the public, the hackers forensically collected evidence that can be used to prosecute them for their crimes. 

Reports show that this is one of several attacks perpetrated by Ragnarok, whose most recent victims include H&M, Zara, and the Ministry of Economic Development in Romania.

Targeted ransomware campaigns also hit big businesses, such as multinational energy company Enel and international eyeglasses company Luxottica. Others include locally-based businesses such as Italian money transfer service Quickflix, the local newspaper Il Tirreno, and the Italian Civil Liberties Union. 

Ransomware infections also struck hospitals such as those run by Spallanzani and San Raffaele hospitals in Milan, as well as Campari in Italy and internationally. Criminals seem to be focusing on strategically significant companies and organizations with large, global reach, so far avoiding the likes of smaller companies and individuals. 

Cost of Cybercrime

The Sophos State of Ransomware report found that the average cost of mitigation for Italian businesses that experienced a ransomware attack was $443,552.04. When excluding unsuccessful attacks were added, that number increased to an average of $732,348.83. While not the most costly of countries, Italy’s sporadic usage of sophisticated security mechanisms proved to be costly on several occasions. The report stated that on average, only six out of the 26 countries surveyed had lower costs. Discounting unsuccessful attacks also increased costs by more than half for Italy, on average.

Italian Organizations Spent 12.3% of Their IT Budgets on Security

According to CyberEgde, about 12.3% of IT budgets in Italy are spent on cybersecurity. It shows an increase of 4.7 % in spending on security, with the majority being invested in cyber-security solutions. That compares with roughly 10 percent of IT budgets in Spain, 10.6 percent in Mexico, 11.2 percent in Australia, 12.2 percent in Japan, and 12.3 percent in the US.

Out of all ten (10) countries surveyed, Italy has ranked at the top of the security spending chart for four straight years. However, cybersecurity spending is not an area where Italian firms stand out. Collectively, Italian companies expressed a 2 % lower likelihood to purchase new endpoint protection tools, compared to previous years. 

Italy Was the Fourth Most Hit Country With Banking Malware

A report from Kaspersky shows that a high volume of mobile banking malware attacks came from Italy in 2020. It made up 13% of all reported infections. Italy was the fourth most attacked country in the world, with face-to-face attacks by extortionists or hackers harming 1,311 people. Italy was hit by 3.3% of financial cyberattacks in 2020, with Russia experiencing 26.6% of attacks, Kazakhstan at 4.1%, and Germany topped the list with 4.5 % attacks.

Final Thoughts

While the internet has made several remarkable advances in recent years, online attacks remain a constant threat for users. The best way to protect yourself as you use the internet is to understand the risks and take measures to prevent cybercrime.