No one is safe: even Giorgia Meloni is in the crosshairs of cybercriminals. Nobody’s safe. The most effective protection is an adequate training. Parola del Sole24ore e di un ex generale della Guardia di Finanza
No one’s safe from hackers, not even big-name politicians, who should be able to count on resources and personnel with a high technical profile capable of containing threats.
The recent hacking of the official Instagram profile of Prime Minister Giorgia Meloni is proof.
While she was on a flight to Rome, after her mission to Egypt, a story and post were published on her account with the words ‘Thanks Elon free Btc!‘ alongside the image of a fake Elon Musk profile.
These were basically promotional stories about an alleged trading system falsely associated with Elon Musk, with promises of high earnings.
The attackers have successfully obtained access to the page relying on social engineering.
The accident has been resolved in a matter of minutes. Even though it did not damage national infrastructures or personal data, it impacted the prime minister’s image, causing fake content to be rapidly spread around social media.
In the current global scenario, cyber-attacks are growing, often amplified by cyberwarfare campaigns.
Italy’s Prime Minister Giorgia Meloni’s accident serves as a warning and a reminder of the importance for everyone to gain a correct digital posture.This can be obtained only through awareness training adapted to the complexity and changeability that the times put before us on a daily basis.
Sole 24 ore newspaper reminds us of the boom in online fraud:
According to data from the Postal Police, the leading economic daily newspaper reports that in 2023, around 17,000 frauds were reported for a record value of EUR 140 million of which EUR 111 million were related to online trading. Market trading is certainly the most popular sector amongst hackers, with an increase of 20% over the previous year.
The number of reported cases rose to 4.329 (+12%). 4.329 (+12%).
‘We receive around 1,300 complaints a year,’ says Giuseppe Frega, Chief of Consob’s (Securities and Exchange Commission) Vigilance Office.
‘Digital channels of communication,’ says Frega, ‘have enabled the development of new operational patterns. In fact, abusive operators act through websites and increasingly use email, chat, and social networks. For instance, advertising initiatives that evoke ambiguous earning methods and are aimed at appropriating valuable data are frequent. A situation is becoming dangerous very quickly thanks also to the use of artificial intelligence that can counterfeit images and voices of well-known personalities’.
In fact, the fake video starring the well-known TV personality Fabio Fazio, whose image and voice were counterfeited to promote online investments, is recent.
‘It’s a real tragedy,’ emphasizes Umberto Rapetto, former General of the Guardia di Finanza (Italian Finance Police), now a cyber crime consultant, ‘because there is a lack of expertise to stop these threats. The problem has always been greatly underestimated and there has never been enough investment. Today, therefore, general unpreparedness is playing into the hands of those who commit crimes. We have seen so far, –’ said the former general speaking at the Sole 24 ore webinar, ‘many facilities, including public ones such as hospitals, attacked by ransomware, but this is still little compared to what could happen.’
‘Let’s not get fooled,’ stressed Rapetto, ‘by some statistics that speak of a slight decrease in crime.
In reality, it’s not that attacks have decreased, they have simply become more sophisticated and more difficult to recognize. Let us think, for example, not so much of the affected local health authorities, which have in any case suffered serious damage, but of all those local health authorities that have not yet realized that their information has ended up in the jaws of someone who will be able to sell that sensitive data to an infinite number of interlocutors: not only to pharmaceutical companies for market objectives, but also to banks, which will never give a loan to a cancer patient, or to insurance companies, which will not take out life insurance policies, and so on.
If we were to make a diagnosis of the condition of public computer systems, we would realise that it is no time to rejoice at a few falling figures because the trend is radically the opposite: there are incidents that are not even reported because the credibility of those who have suffered them would be at stake.
Also because nowadays a computer intrusion entails a series of obligations, including the obligation to notify the Privacy Guarantor and the very high risk of receiving a fine. This is why many people no longer report it’.
After outlining a critical and worrying picture Rapetto points to a solution.
‘The first thing to do,’ he said, ‘would be to follow a proper training course. We should even start raising awareness, starting at school and continuing until retirement. Because it takes very little to make a wrong click and trigger devastating actions that can create very long chains of damage.
We don’t just need software or hardware tools, but we need to strengthen the human being, who remains the weak link in the IT security chain’.
In short, if one really wants to protect the personal data of citizens or those of companies and public organisations, it is necessary to make a joint effort in terms of both public investment and shared knowledge, with the aim of promoting a more accurate computer security culture, which is indispensable for navigating safely in an increasingly interconnected and digitised world.
And it is no longer possible for anyone to find excuses to avoid effective training. Not even if one is President of the Council or a member of his staff.
