Ransomware: the violation of privacy that afflicts Italy



What is ransomware

What is ransomware? It is certainly something best avoided, especially by anyone who keeps sensitive or valuable information on their devices. Like a virus, ransomware infects a device and makes the files and data stored on it inaccessible, typically by encrypting them.

But how does ransomware actually work? These programs belong to the family of cryptographic Trojan horses, built for a single purpose: extorting money from whoever is unlucky enough to be hit. The methods attackers use are extremely varied, so the range of everyday activities that call for caution is correspondingly wide.

To avoid unpleasant surprises and to defend against such attacks in advance, it is important to know how to recognise a ransomware attack. There are several ways to deliver the malware; the most basic, and also the most used, is a phishing email, used as bait to obtain the user's credentials or to get a foothold on the device.

Another method is the so-called drive-by download: here the malware is hidden on a website, and simply visiting it is enough to fall into the trap.

A less common method, because it is harder to carry out, is to spread the malware through removable media such as a USB stick: the attacker leaves an infected stick unattended and hopes that someone, driven by curiosity and above all by carelessness, will plug it into a device. That is all it takes.

What makes ransomware recognisable is that whoever infected the device must, by definition, tell the victim that they have been attacked and offer the ransom in exchange for regaining access to the data. This is done with a notice that appears on the victim's device, indicating the sum to be paid (almost always in Bitcoin) to get the data back.
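The two traces described above, files turned into unreadable blobs and a ransom note left next to them, can be checked for on a disk before the notice is even noticed. The following script is an added example, not code from the original article: it walks a directory, flags files whose contents are near-random (high Shannon entropy, as encrypted data is), flags small text files whose name or wording resembles a ransom note, and only calls the result suspicious when both appear together. The entropy threshold, the note keywords and the sample directory it builds are assumptions chosen for illustration.

```python
"""Added example (not from the original article): host-side triage for the
two visible traces of a ransomware infection, encrypted files and a dropped
ransom note. Thresholds, keywords and sample data are assumptions."""
import math
import os
import re
import tempfile
from collections import Counter
from pathlib import Path

# Entropy above this (bits per byte, maximum 8.0) is typical of encrypted or
# compressed data; ordinary documents and source code sit well below it.
ENTROPY_THRESHOLD = 7.5
# Phrases commonly seen in ransom notes (assumption, not an exhaustive list).
NOTE_KEYWORDS = ("decrypt", "bitcoin", "ransom", "your files")
NOTE_NAME_RE = re.compile(r"(readme|restore|decrypt|how_to|recover)", re.I)


def shannon_entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte (0.0 for empty input)."""
    if not data:
        return 0.0
    counts = Counter(data)
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in counts.values())


def looks_encrypted(path: Path, sample_size: int = 65536) -> bool:
    """True if the first `sample_size` bytes of the file are near-random."""
    with path.open("rb") as fh:
        return shannon_entropy(fh.read(sample_size)) >= ENTROPY_THRESHOLD


def looks_like_ransom_note(path: Path, max_size: int = 1 << 20) -> bool:
    """True if a small text file's name or contents resemble a ransom note."""
    if path.stat().st_size > max_size:
        return False
    try:
        text = path.read_text(errors="ignore").lower()
    except OSError:
        return False
    hits = sum(1 for kw in NOTE_KEYWORDS if kw in text)
    name_matches = bool(NOTE_NAME_RE.search(path.name))
    return (name_matches and hits >= 2) or hits >= 3


def triage(root: Path) -> dict:
    """Walk `root` and report suspected encrypted files and ransom notes."""
    encrypted, notes = [], []
    for dirpath, _, files in os.walk(root):
        for name in files:
            p = Path(dirpath) / name
            if looks_like_ransom_note(p):
                notes.append(p.relative_to(root).as_posix())
            elif looks_encrypted(p):
                encrypted.append(p.relative_to(root).as_posix())
    # Ransomware leaves many encrypted files beside a note; one random-looking
    # file on its own (an archive, a photo) is not an incident.
    suspicious = len(notes) > 0 and len(encrypted) >= 3
    return {"encrypted": sorted(encrypted), "notes": sorted(notes),
            "suspicious": suspicious}


def build_sample_tree() -> Path:
    """Constructed sample data: a 'victim' directory with plaintext files,
    random-byte files carrying an appended extension, and a ransom note."""
    root = Path(tempfile.mkdtemp(prefix="ransomware-triage-"))
    (root / "docs").mkdir()
    (root / "docs" / "notes.txt").write_text("Quarterly budget, draft 3.\n" * 50)
    (root / "docs" / "main.py").write_text("print('hello world')\n" * 40)
    for i in range(4):  # stand-ins for encrypted documents (random bytes)
        (root / "docs" / f"report{i}.docx.locked").write_bytes(os.urandom(4096))
    (root / "README_TO_RESTORE.txt").write_text(
        "All your files have been encrypted. To decrypt them send 0.5 bitcoin "
        "to the address below and email us the ransom ID.\n"
    )
    return root


if __name__ == "__main__":
    report = triage(build_sample_tree())
    for key, value in report.items():
        print(f"{key}: {value}")
```

Run against a real share, `triage` would be pointed at the share's root instead of the constructed sample tree; the entropy check alone produces false positives on archives and media, which is why the verdict also requires a note. The sample tree is created under the system temporary directory and is not removed.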

How to behave when a ransomware data breach occurs

We speak of a data breach when a security breach occurs, whether deliberate, such as a ransomware attack, or accidental, that results in the loss, unauthorised access, compromise or other forms of harm involving personal data. The examples are countless, from minor to very serious: notable cases include the Twitter post bug discovered in 2018, the OVH data centre fire, and the very recent breach involving the Ministry of Justice, which, as part of the 2021 bar examination, exposed the data of aspiring lawyers. Precisely because breaches vary so much in impact, the obligations that the law on personal data protection, Regulation (EU) 2016/679 (the GDPR), imposes when a breach occurs apply only in some cases.

When a data breach caused by ransomware occurs, the data controller must first assess the specific case to verify whether the breach has actually produced a detrimental effect on the rights and freedoms of the data subjects. If the breach caused no actual consequences for the data subjects, or only minor ones, the controller may limit itself to recording the breach internally.

A very different case is one that entails a serious violation of the rights and freedoms of the data subjects: here the controller is obliged to notify the breach to the Garante per la protezione dei dati personali (the Italian data protection authority). The notification must be made within 72 hours of becoming aware of the breach; if it is late, the reasons for the delay must be given.

A separate point concerns the data subjects involved, that is, the persons to whom the personal data refer. If the breach has caused a serious infringement of their rights, the controller must inform them, either individually or, where that would involve disproportionate effort, through suitable channels such as press releases and announcements on its institutional website.

For more information, see the article "Data breach and cyber attacks: how to behave".

What Italy is doing to defend itself against ransomware

Ransomware attacks are widespread across the globe, but recent statistics suggest that the situation varies greatly from country to country. Taking Italy as an example, the Sophos report "The State of Ransomware 2021" found that more than 30% of Italian companies had been hit by ransomware in the previous year. In almost 60% of cases the attack was stopped before it could compromise the security and availability of data; in the remaining cases the companies found their data encrypted, and therefore unusable, and at the full disposal of the attackers behind the operation.

The scourge of ransomware has naturally also drawn the attention of the Italian data protection authority, which states on its institutional page that paying the ransom is a solution to be avoided: it is risky and, above all, offers no guarantee of a result. Moreover, ransoms paid finance criminal organisations and thus fuel the cybercrime business.

We therefore recommend engaging highly specialised technicians and experts, and reporting the attack to the Polizia Postale (the Italian postal and communications police) and, where personal data are involved, to the Garante itself.

To protect IT security, the European Union itself promoted a regulation intended as an instrument of cohesion and coordination for all member states: Regulation (EU) 2019/881, known as the Cybersecurity Act.

One of the objectives the EU aims to achieve by 2021 is the creation, at national level, of a coordination centre for cybersecurity, which will then collaborate with the European Cybersecurity Competence Centre. Some member states, such as France and Germany, have already aligned themselves with this provision, while in Italy the debate still seems open and the creation of the centre still seems a long way off.

What can you do to defend yourself from ransomware

What distinguishes a secure organisation from an insecure one is, above all, awareness of the risks it may face. With malware in particular, prevention is essential, but it is just as necessary to act immediately if you become the victim of an attack. Giving in to the ransom demand is almost never the solution: in addition to the cost, there is no guarantee that the attackers will honour the agreed terms and make the data accessible again. For this reason it is important to contact qualified individuals and professionals in the sector, who can help you establish whether you have been the victim of an attack and protect your personal data if you have.

If you need IT legal advice to establish whether you have been the victim of a cyber attack, or have already suffered a breach and want to protect your rights and above all your data, rely on qualified professionals such as our partner, the FCLEX Law Firm.
