From The Lazio Region To IKEA: ToothPic Unveils The Main Cyber Attacks Of 2021 On Companies And Reminds Us How The Use Of Authentication Methods With Biometrics Is In Danger
2021 turned out to be a pretty tough year for cybersecurity. In the latest report published by Clusit, in the first half of 2021, there was an increase in cyber attacks perpetrated against European realities (from 15% to 25%). Italy, in particular, is the second European country to have been targeted by cybercriminals.
The COVID-19 crisis and the change in working practices, increasingly geared towards smart working, have increased hacker attacks. The public or home networks used to work remotely do not have the same security systems as corporate ones. Toothpick, an innovative startup focused on cybersecurity for authentication, takes stock of the leading cyber-attacks in Europe in 2021 against companies and organizations.
The IT systems of the Lazio Region – and in particular the Data Processing Center (CED), which manages the entire regional IT structure – were hit by a cyber attack. By hacking into an employee’s account in an intelligent way, the hackers have reached that of a network administrator.
The Eurolls company was the victim of a cyber attack which, by exploiting the smart working condition of one of the employees, resulted in the blocking of the operating system and access to company data.
Green Pass Theft
Some fake green passes have been published on a well-known hacking blog, created by authenticating an Italian service in Emilia Romagna.
Gaetano Matino Polyclinic Of Messina
Among the most famous hacker attacks in Italy is the one at the ASP of Messina: the passwords to access the portal of the Policlinico Gaetano Martino have been stolen, making it impossible to respond to the numerous requests from public and private bodies.
After gaining access to the company’s email servers, IKEA suffered a cyber attack from unknown cybercriminals who deceived employees with a more advanced version of phishing to steal sensitive data.
Biometrics Are Also In Danger
“The attacks that took place in recent months show how malicious users exploit the weaknesses deriving from the poor security of corporate infrastructures and authentication methods to take possession of sensitive data – explains Giulio Coluccia, CEO & Co-founder of toothpick -. In this regard, even the authentication methods based on the user’s biometrics , often considered safer since they involve verifying physical characteristics, are actually characterized by significant weaknesses “. To compromise a user’s account protected by a fingerprint, it is not necessary to have direct access to the fingerprint.
Just the photo of a surface with the user’s fingerprint, a standard laser printer, and some vinyl glue to create a working replica of the photographed print
“Often, cybersecurity is considered by companies as a cost and not as an investment – underlines Coluccia -. Today more than ever, one of the priorities must be online security; consequently, investing in increasingly cutting-edge and secure technologies can bring benefits on many fronts. Any losses in terms of money resulting from cybercrime will undoubtedly be more significant than an initial investment in more secure authentication solutions “.
The solution can recognize the devices from which a specific transaction has taken place, solving any cases of false declarations or suspicious bank movements;
On the other hand, it guarantees the protection of internal structures, allowing employees to use your device as a secure authentication key to access corporate platforms while protecting identities and sensitive data.
“Thanks to its innovative technology, ToothPic’s passwordless solution guarantees a high level of security, ensures a better user experience, and is more competitive on the pricing side for companies – concludes Giulio Coluccia –. The solution allows the identification of devices through a physical characteristic not assigned by a manufacturer and is therefore extremely safe since it can not be cloned or masked. As well as being very convenient, given that the adoption of the technology does not require new tools or further investments in hardware by the companies that will implement it “.