Computer security

Ban on ransom payments and risk of prosecution for negotiators: the crackdown on cyber extortion

New measures to counter ransomware attacks: ban on ransom payments and possible prosecution of brokers

by Margherita Ceci and Ivan Cimmarusti

3' min read


In the event of a ransomware attack, that is, the compromise of computer systems for extortion purposes, it would no longer be permitted to pay the ransom, on pain of a heavy administrative penalty. The prohibition would apply to public and private companies, and it implicitly exposes cyber-negotiators, the figures who mediate between the demands of cyber-criminals and the companies, to the risk of being charged with complicity in the crime of cyber extortion.

There is convergence, at least at the level of intentions, on what is at present the bill proposed by MP Matteo Mauri (PD). The text will soon be submitted to the Chamber's Culture Commission, chaired by Federico Mollicone (Fdi), for consideration. Sensitivity to the scourge of ransomware is bipartisan, and the aim is to give, in parallel with the judicial clampdown, a boost to digital education. According to Mollicone, 'there is an issue not only of legislation and criminal law, but also of awareness, because the human factor is the "soft underbelly" of this kind of attack.'

'For this reason,' he added, 'I will propose that the Ministry of Education and Merit and the Agency for National Cybersecurity (Acn) can make initiatives for digital education in schools stable. In this sense, the contribution of the Acn to industry awareness, which is being developed with the Roadshow for SMEs by Confcommercio, is important.'

Companies under cyber attack, no to the ransom: the Democratic Party's proposal

The text of the proposal


The text, which Il Sole 24 Ore was able to view, prohibits all public and private entities falling within the Cybersecurity Perimeter (the companies on which essential state functions or supplies depend, such as banking, transport and energy) from paying the ransom in the event of a ransomware attack.

Penalty: an administrative sanction commensurate with the breach. Where a ransomware attack risks compromising national security, the Prime Minister may provide for exemptions and may also apply intelligence measures.

In addition, every entity that suffers a successful ransomware attack would be obliged to notify Csirt Italia (the Acn structure that monitors, intercepts, analyses and responds to cyber threats) within six hours, again under penalty of an administrative sanction commensurate with the violation. The undercover activities of judicial police officers are also extended to computer networks and systems located outside Italy, where these have been used for cyber crimes.

It is also stipulated that the Acn should implement an action plan 'to provide concrete support' to those affected by ransomware (with a special focus on PPS and SMEs), giving businesses operational support in managing the attack, mitigating its effects, recovering operability and evaluating alternatives to paying the ransom. Finally, a National Fund for responding to ransomware attacks is created, to help victims who have fulfilled their obligations and suffered financial losses.

The role of negotiators


The ransomware problem is anything but secondary: over the past year SMEs have shown little preparation in the area of cybersecurity, as emerged from the Cyber Index SMEs of Confindustria and Generali. Between January and February last year alone, ransomware attacks forced two companies to halt production and lay off their employees as a result.

The result is that many companies, in order to resume normal operations, turn to figures who negotiate with cyber-criminals, ending up going along with the extortion demand. "Often," the director of the Postal Police, Ivano Gabrielli, told Il Sole 24 Ore on Thursday, "companies, in the urgency of having to restore their business, pay even high ransoms, not realising that they are feeding an increasingly aggressive criminal market, perhaps by hiring specialised brokers who, among other things, take on a role that can also be assessed in terms of liability".

But the issue also concerns national security. According to the intelligence community, in fact, ransomware attacks lend themselves to 'dual use': on the one hand, there is the economic profit of criminal organisations; on the other, the pursuit of purposes of 'espionage, influence, disruption, and digital sabotage by state actors'.

Copyright reserved ©

  • Ivan Cimmarusti, journalist

    Location: Rome

    Languages spoken: Italian, English

    Topics: security, judicial affairs, investigations, tax justice

    Awards: in 2011 among the winners of the Livatino-Saetta International Anti-Mafia Prize
