Italy cyber security and cyber crime statistics

Cyber crime numbers have seen a considerable increase over the past year, with many experts attributing the surge in online crime to the COVID-19 pandemic.

Italy has seen similar patterns to the rest of the world, with citizens and organizations in the country scrambling to respond. As a result, cyber security has become a priority for the Italian government, businesses, and individuals.

Below, we look at some of the most important cyber crime and cyber security statistics for Italy in 2022 to give you an understanding of today’s circumstances in the country.

1. Over 85% of Italian organizations were subject to at least one successful attack within a 12-month period

The CyberEdge Group 2021 Cyberthreat Defense Report (CDR) provides the results of interviews with security professionals in various regions across the globe. It found that in the past year, 87.8% of Italian organizations have dealt with a successful cyber attack, up from 85.7% in 2020.

2. 30% of Italian firms believe they will be attacked by ransomware in the next 12 months

47% of firms surveyed in Italy believe there is a moderate chance that they will be attacked by ransomware in the next 12 months. 30% of those firms believe there is a high chance that they will be attacked in the next year. Source: The Innovation Group.

3. 60% of organizations in Italy dealt with ransomware attacks

The CyberEdge report also tells us that almost two in three Italian organizations have been hit with a ransomware attack in the past 12 months. This is down from 64% last year, and Italy has dropped from the sixth-most common target to the 12th.

4. 12.3% of IT budgets are spent on security

According to CyberEdge, Italian companies spend just over 10% of their IT budget on security. This represents a decrease of roughly 2% compared to 2020. Relative to other countries, Italy sits at the bottom of the pack. Brazil now spends the highest portion (15%) of its IT budget on security, though it should be noted that spending has decreased across the board.

cybersecurity spending 21
Source: CyberEdge 2021 CDR Report

5. Almost 8 in 10 organizations prefer security products that involve the use of machine learning and AI

Another interesting area that CyberEdge probed was that of machine learning and AI. It found that 79.2% of Italian companies preferred products that involved these technologies. The leader here was Saudi Arabia (98%) and the country with the lowest interest was Germany (71.6%).

6. Italy was in the top six countries hit with banking malware in 2020

A Kaspersky banking malware study into financial cyberthreats found Italy was the sixth most attacked country with banking malware in 2020. It was hit by 3.3% of attacks while Russia experienced 26.6% of attacks followed by Germany (4.5%) and Kazakhstan (4.1%).

Although detailed figures aren’t yet available, later research (PDF) from the same organization seems to show that the number of Italians impacted remained roughly stable in 2021. Interestingly, attackers seem to have switched targets, as Middle Eastern countries are now far more likely to be attacked.

7. Mobile banking malware became much less common in 2021

Another Kaspersky study looked at the rate at which users in various countries dealt with mobile banking malware attacks. In 2020, Italy was the fourth most attacked country, behind only Japan, Taiwan, and Spain. However, in 2021, Italy wasn’t in the top ten most common targets, with the percentage of affected users dropping from 0.71% to just 0.08% in Q3 of 2021.

8. Over 30% of Italian companies  experienced a ransomware attack in the 2020/2021

The Sophos State of Ransomware Report 2021 sheds light on the number of organizations impacted by ransomware. It tells us that 31% of Italian companies dealt with ransomware in 2021, which is far lower than the figure stated in the CDR above. In the Sophos report, Italy was roughly in the middle of the pack. India topped the list by a large margin at 68%, followed by Austria (57%) and the US (51%).

Chart showing ransomware attacks.
Source: Sophos

9. 38% of ransomware attacks were stopped before data was encrypted

The 2020 Sophos report studied how well companies were able to react to ransomware attacks. Almost 40% of ransomware attacks against Italian organizations were stopped before data encryption commenced. This put Italy in the top three countries behind Turkey (51%) and Spain (44%).

10. 6% of Italian organizations hit by ransomware paid the ransom

Of the Italian ransomware attacks studied, Sophos found organizations paid up in just 6% of cases. This was very low compared to top payee India (66%) and just two percentage points ahead of the least likely to pay, Spain (4%).

11. The average cost of a ransomware attack in Italy was around $680,000

Another key statistic provided by Sophos was the average cost to remediate a ransomware attack. For Italian companies in 2021, that figure was $680,000. Only six out of the 26 countries had lower costs.

12. 88% of organizations hold cyber security insurance

One more area we can learn about from the Sophos report is cyber security insurance. Almost nine in 10 Italian organizations have a cyber security insurance policy, which is about average on a global scale. 68% of those that have cyber security insurance are protected against ransomware.

13. A March 2021 ransomware attack saw the theft of 40 GB of data from a premium Italian brand

At the end of March 2021, premium Italian menswear brand Boggi Milano was hit by a large ransomware attack executed by the Ragnarok group. The hackers exfiltrated 40 GB worth of corporate data including human resource documents and salary details.

14. Ransomware takes down Lazio’s vaccine registration portal in August 2021

The Lazio region had all of its files encrypted by ransomware in August of 2021. While no sensitive data was leaked, this caused disruption to (among other things), the region’s COVID-19 vaccination efforts, as users were unable to book appointments until the situation was resolved.

15. Italy remains heavily targeted by malicious mailshots

According to research by Kaspersky, Italy was the third most targeted country by malicious mailshots in Q3 of 2021 with a 5.47% share. The country’s share was lower than that of top target Spain (9.55%) and Russia (6.52%), and slightly higher than Brazil (5.37%) and Mexico (4.69%).

malicious email targets
Source: Kaspersky

16. Fewer than 1% of scam websites have .it domains

Kaspersky also investigated where scam sites appear to originate. While the largest portion (29.17%) are .com domains, a significant number have country-code extensions. In 2020, 1.06% of scam website domains had the .it extension but in 2021, this number has fallen to the point where it isn’t even mentioned.

17. Italy ranked 54th out of 79 countries in our cyber security study

A Comparitech study used a variety of factors to rank 75 countries based on their overall cyber security score. Criteria included the prevalence of various types of malware, the number of attacks that originate in the region, how prepared the country is for cyberattacks, and more. Italy didn’t score all that well, ranking 54th out of 75 with a score of 21.09. The top-ranked country was Denmark (scoring 3.56) and the lowest-ranked was Tajikistan with 35.54 (a lower score is better).

18. Italy has seen over 400,000 COVID-19 related malicious files

McAfee has been tracking malicious file detections since December 2020, observing over 16 million across the globe so far. Of those, 403,981 were detected in Italy. This puts the country in fifth place in terms of volume. Ahead of it are the US, Spain, South Africa, and Colombia.

See also: COVID-19 cybersecurity statistics

19. 83 GDPR-related fines have been issued in Italy

Privacy Affairs tracks all GDPR fines that have been made public to date. Of 854 fines in the database, 83 were issued in Italy.

20. The fifth largest GDPR fine was against an Italian organization

The DLA Piper Data Breach Report 2021 reveals information about GDPR fines issued since the regulations were introduced in May 2018. One of the largest fines to date was issued by Garante (Italy’s data protection supervisory authority) against a telecommunications operator. The company was reprimanded for a number of breaches and ordered to pay €27.8 million. The eighth and ninth largest fines were also issued in Italy.

21. Italy tops the list of total value of GDPR fines

According to DLA Piper, organizations operating in Italy had amassed the largest total amount in fines in 2021. At €69,326,716, Italy just beat Germany, which had totalled €69,085,000 in fines.

Date breach fines graph.
Source: DLA Piper

22. There have been over 3,000 personal data breaches in Italy over the past four years

DLA Piper found that Italy has seen reports of 3,460 personal data breaches since May 2018. It also reveals that there was a total of 1,574 breaches in 2020 and 1,276 in 2019.

23. An April 2020 attack impacted Italy’s social security website

The INPS, Italy’s social security agency, was the subject of a large cyber attack in April 2020. Multiple attacks occurred while Italians were beginning to apply for pandemic-related benefits, forcing the site to shut down. While the site was still active, users reported being able to see the personal data of other applicants while trying to complete their own requests.

24. There was a huge jump in phishing attacks in early 2020

Cynet monitors the prevalence of phishing attacks on a month-to-month basis. At the start of the pandemic, it saw a notable increase in the number of phishing attempts in Italy. Between February 15 and March 15, 2020, the number of attacks in the country was almost three times normal levels. This is in contrast to the other countries studied where activity simply fluctuated slightly. In light of these observations, Cynet warned CISOs worldwide to be prepared for similar spikes in other regions.

Italy phishing attacks chart.
Source: Cynet

25. Italy has the lowest rate of businesses using MFA

The 3rd Annual Global Password Security Report by LastPass studied various aspects of password and login habits among employees. It found that Italy has the lowest portion of businesses with employees using Multi Factor Authentication (MFA) at just 20%. This was significantly lower than the top adopters of MFA: Denmark (46%), the Netherlands (41%), and Switzerland (38%).

26. Employees have an average of 80 passwords each

LastPass asked employees how many passwords they have to deal with and found that the number in Italy was a hefty 80. The only country where users have more passwords is Belgium where the average is 112. Behind Italy are New Zealand, Spain, and the UK, where the average is 76.

Average number of passwords graph.
Source: LastPass

With so many passwords to deal with, it’s perhaps not surprising that employees have an average of 12 reused passwords each. That said, this was on the lower end; the highest was Canada (15) and the lowest in Denmark and Sweden (11).

27. The Italian cyber security market is estimated at $1.7 billion

According to the latest statistics from the International Trade Administration, the cyber security market in Italy is worth approximately $1.7 billion. The largest user bases are the financial sector, followed by defense and local government.

28. The average cost of a data breach in Italy is over $3.5 million

The IBM Cost of a Data Breach Report 2020 reveals how much the average data breach cost per region. In 2021, that figure for Italy was $3.61 million, which was below the global average of $4.21 million.

cost of data breach
SourceL IBM Cost of a Data Breach 2021

29. Most data breaches are caused by compromised credentials

IBM found that 20% of data breaches are the result of compromised credentials. A further 17% stem from phishing, while cloud misconfiguration resulted in 15% of breaches.

30. It takes an average of 268 days to identify and contain a data breach

An important factor when studying data breaches is the time it takes to identify and contain a breach. Italy does quite well in that regard taking an average of 203 days to identify a breach and 65 days to contain it. To put this in perspective, the Ponemon Institute (PDF) found that German companies take 128 to identify and 32 to contain a breach, and Brazilian organizations take 265 to identify and 115 days to contain.

31. The theft of military and defense data led to arrests by Italian police

At the end of 2020, arrests were made in an investigation into an insider hack at Italian defense firm Leonardo. Details of military aircraft involved in the firm’s fighter jet program appeared to be the main target of the attack. While the arrest was recent, the investigation has been ongoing since January 2017 when Leonardo first noticed an abnormal flow of data from its network. However, Leonardo maintains that computers that were violated did not contain classified, strategic information.

32. Italy is one of the top 2 European countries impacted by stalkerware

A Kaspersky study of stalkerware found that Italy is the second most affected country in Europe. It saw 1,144 stalkerware incidents in 2020, putting it behind only Germany which saw 1,547. On a global scale, Italy was in eighth place. Russia topped the list with 12,389 incidents, followed by Brazil (6,523) and the US (4,745).

Additionally, we found that Italy had one of the highest search volumes for stalkerware. It ranked 7th globally, with over 640,000 searches in 2021 alone.

33. Italian health facilities were hit by a huge ransomware attack in May 2022

A cyberattack on the Sacco, Fatebene, Buzzi, and Macedonio Melloni hospitals in Milan saw nurses and doctors reverting to pen and paper to record medicines administered, patient symptoms, and treatments.

While no criminal body claimed responsibility for the attack, mentions of “encrypted medical records” pointed to ransomware as a likely culprit. Though no ransom sum has been specified at the time of writing, the report states that a ransom will almost certainly be requested.

34. Italy had the 7th-most attacks in December 2021

Kon briefing reports that Italy experienced five large cyberattacks in December 2021, behind Spain and Brazil with 6 attacks each. The USA remained the largest victim of attacks in this period, with 20 major outages.

Graph showing major cyberattacks in December 2021

35. Conti hacking group hit an Italian toy manufacturer at the worst possible time

Clementoni, a huge toy manufacturer in Italy, was crippled by a cyberattack in the midst of Christmas. The Conti hacking gang claimed responsibility. The attack came on December 4, but the effects began spiraling on December 5 when employees communicated interruptions on the systems used to process orders. The Conti ransomware is deployed using phishing attacks to install the TrickBot and BazarLoader Trojans in order to gain remote access to infected machines.

36. City of Palermo shuts down systems to mitigate cyberattack

In June of 2022, the City of Palermo in the South of Italy had to close down all of its municipal systems due to a massive cyberattack. The attack led to the closure of public video surveillance management, the municipal police operations center, and all of the municipality’s public services.

The ransomware attack lasted for days and meant that nobody could communicate with public offices via digital means. The massive cyberattack was eventually claimed by the Vice Society ransomware group. It is a reminder of just how crippling an attack can be on the government’s infrastructure in Italy.

Italy has announced its first-ever National Cybersecurity Strategy

In May of 2022, the Italian government announced its first ever National Cybersecurity Strategy, which will be applied between now and 2026. The document details the government’s plan to address cyber threats and increase cyber resilience in the country.

The strategy comprises 82 objectives in total. Below, we have included some of the things that the government hopes to address:

  • The protection of national strategic assets.
  • The response to cyber threats and the management of incidents and crises.
  • The development of new digital technologies to secure digital assets in Italy.

See also: