Italy cyber security and cyber crime statistics

During the pandemic, Italy experienced a massive surge in cyberattacks and online crime. Two years after returning to relative normality, the country still endures elevated levels of cybercrime.

The ongoing rise in cyberattacks and online fraud has led to an outcry from citizens and businesses alike, and people are asking hard questions about how the Italian government is handling the nation’s cyber-preparedness.

In this guide, we have compiled a list of important cybercrime statistics covering the period from 2020 to 2024. By looking at the evolving nature of cybercrime in Italy, we will provide the knowledge needed to better protect your devices, personal data, and business data against the ever-rising threat of cybercrime.

1. Over 85% of Italian organizations were subject to at least one successful attack within a 12-month period

The CyberEdge Group 2021 Cyberthreat Defense Report (CDR) analyzes the results of interviews with security professionals in various regions across the globe. It found that 87.8% of Italian organizations have dealt with a successful cyber attack, up from 85.7% in 2020. The 2023 CyberEdge report revealed a whopping 22% of Italian businesses suffered six successful cyberattacks or more.

2. 72.4% of Italian companies believe they will suffer an attack in the next 12 months

The 2023 CyberEdge Group Cyberthreat Defense Report (CDR) reveals that 72.4% of businesses in Italy expect to suffer a cyberattack in the next 12 months. Worryingly, the businesses considered to be most at risk were financial services.

3. 68% of organizations in Italy dealt with ransomware attacks

The 2023 CyberEdge report reveals that 68% of organizations in Italy suffered a successful ransomware attack. The report shows that Italian companies rate ransomware as the fourth most likely type of attack (behind malware, account takeover, and phishing).

4. 12.3% of IT budgets are spent on security

According to CyberEdge, Italian companies spent just over 10% of their IT budget on security in 2021. In 2023, companies are reporting a 4.7% mean increase in spending over previous rates.

cybersecurity spending 21
Source: CyberEdge 2021 CDR Report

5. Around 8 in 10 organizations gravitate to security that leverages machine learning and AI

In their 2021 report, CyberEdge Group highlighted that Italian businesses have a strong inclination towards innovative solutions incorporating machine learning (ML) and artificial intelligence (AI). The study found a remarkable 79.2% of Italian companies showed a preference for security products that used advanced technologies.

In its most recent report, CyberEdge reported companies that invested in machine learning experienced a significant decrease in drive-by downloads and zero-day attacks. CyberEdge explains:

“We think this is the result of improvements in security tools that monitor activities on networks and endpoints, and use machine learning and AI to identify malicious actions early enough so that security teams can respond to and contain exploitation.”

6. Italy was in the top six countries hit with banking malware in 2020

A Kaspersky banking malware study into financial cyberthreats found Italy was the sixth most attacked country with banking malware in 2020. It was hit by 3.3% of attacks while Russia experienced 26.6% of attacks followed by Germany (4.5%) and Kazakhstan (4.1%).

Later research (PDF) from the same organization seems to show that the number of Italians impacted remained stable in 2021, and dropped in 2022. Interestingly, attackers seem to have switched targets, as Middle Eastern countries are now far more likely to be attacked.

7. Mobile banking still a huge threat in 2024

Despite experiencing a slight improvement in 2021, new stats from Zimperium reveal that consumers from 44 different Italian banks are being actively exposed to mobile banking malware. This reveals that the threat is still very much alive.

8. Over 65% of Italian companies  experienced a ransomware attack in the 2023

The Sophos State of Ransomware Report 2023 reveals that ransomware attacks are still increasing in frequency. A previous report stated that in 2021, 31% of Italian companies dealt with ransomware. By 2022 this figure had increased to 61%, and in its most recent report, the new figure is 65% of businesses.

9. 38% of ransomware attacks were stopped before data was encrypted

The 2020 Sophos report studied how well companies could prevent ransomware attacks. The research revealed that nearly 40% of ransomware attacks targeting Italian organizations were thwarted before data encryption could even begin. This impressive defensive capability positioned Italy among the top three most resilient countries, trailing just behind Turkey, with a 51% prevention rate, and Spain at 44%.

Although its most recent report doesn’t examine individual statistics for each country, it provides the average for respondents from all countries. These figures show that the situation is getting worse. The number of occasions when an attack was stopped before data was encrypted dropped from 31% in 2022 to 21% in 2023.

10. 56% of Italian organizations hit by ransomware paid the ransom

The 2023 Sophos report reveals that 56% of companies that suffered successful ransomware attacks decided to pay a ransom in order to retrieve their data. Of those companies, 54% successfully regained access to their data.

11. The average cost of a ransomware attack in Italy was around $680,000

In 2021, the average cost an Italian company had to pay to recover from ransomware was $680,000. In its most recent report, Sophos does not include average costs for each country. However, globally the cost of recovering from a ransomware attack significantly increased. According to Sophos data, companies on average spent $1.82 million on recovery.

Companies with an annual revenue of less than $10 million had significantly lower mean recovery costs starting at $165,520. The cost to recover increases dramatically for companies with annual revenue of $1 billion and over.

12. 88% of organizations held cybersecurity insurance in 2021

In its 2021 report, Sophos provided details about cybersec investment and insurance policies. It found that almost nine in 10 Italian organizations had an active cyber security insurance policy. This is in line with global averages. 68% of Italian companies that paid for cyber security insurance included ransomware protection.

13. Ransomware attack targets thousands of VMware ESXi servers in Italy

In 2023, a ransomware attack targeted thousands of ESXi servers in Italy. This large-scale cyberattack exploited a software vulnerability first identified in 2021 and affected VMware ESXi servers in multiple countries, including Italy.

The attack impacted various organizations, causing widespread disruptions including internet service issues. The attackers reportedly demanded a ransom of two Bitcoins, which was valued at around €42,000 at that time.

14. A March 2021 ransomware attack saw the theft of 40 GB of data from a premium Italian brand

At the end of March 2021, premium Italian menswear brand Boggi Milano was hit by a large ransomware attack executed by the Ragnarok group. The hackers exfiltrated 40 GB worth of corporate data including human resource documents and salary details.

15. Ransomware took down Lazio’s vaccine registration portal in August 2021

The Lazio region had all of its files encrypted by ransomware in August of 2021. While no sensitive data was leaked, this caused disruption to (among other things), the region’s COVID-19 vaccination efforts, as users were unable to book appointments until the situation was resolved.

16. Italy remains heavily targeted by malicious mailshots

According to research by Kaspersky, Italy was the third most targeted country by malicious mailshots in Q3 of 2021 with a 5.47% share. The country’s share was lower than that of top target Spain (9.55%) and Russia (6.52%), and slightly higher than Brazil (5.37%) and Mexico (4.69%).

malicious email targets
Source: Kaspersky

17. Fewer than 1% of scam websites have .it domains

Kaspersky also investigated where scam sites appear to originate. While the largest portion (29.17%) are .com domains, a significant number have country-code extensions. In 2020, 1.06% of scam website domains had the .it extension but in 2021, this number has fallen to the point where it isn’t even mentioned.

18. Italy ranked 54th out of 79 countries in our cyber security study

A Comparitech study used a variety of factors to rank 75 countries based on their overall cyber security score. Criteria included the prevalence of various types of malware, the number of attacks that originate in the region, how prepared the country is for cyberattacks, and more. Italy didn’t score all that well, ranking 54th out of 75 with a score of 21.09. The top-ranked country was Denmark (scoring 3.56) and the lowest-ranked was Tajikistan with 35.54 (a lower score is better).

19. Italy experienced over 400,000 COVID-19-related malicious files

McAfee tracked malicious file detections during the pandemic. 403,981 were detected in Italy. This put the country in fifth place behind the US, Spain, South Africa, and Colombia.

See also: COVID-19 cybersecurity statistics

20. 244 GDPR-related fines have been issued in Italy

Privacy Affairs tracks all GDPR fines that have been made public to date. Of 1701 fines in the database, 244 were issued in Italy. The cost of those fines totaled €144,195,096 as of early 2024.

21. One of the largest GDPR fines was against an Italian organization

The DLA Piper Data Breach Report 2021 provides information about GDPR fines issued since the regulations were introduced in May 2018. One of the largest fines to date was issued by the Garante (Italy’s data protection supervisory authority) against a telecommunications operator. The company was ordered to pay €27.8 million.

22. Italy opting for a “little & often” approach when issuing fines for GDPR

In its 2024 report, DLA Piper reveals that Italy is choosing to use a “little and often” approach to fining companies that breach GDPR. Despite this, the total value of GDPR fines imposed between 2018 and 2024 was €145,167,327. This makes Italy the 4th  most fined country.

23. There have been over 3,454 personal data breach notifications in Italy over the past two years

DLA Piper found that Italian companies had to send 3,454 personal data breach notifications to consumers between January 22 and January 2024. This is a large number of breaches, ranking Italy the 12th worst-affected country.

24. An April 2020 attack impacted Italy’s social security website

The INPS, Italy’s social security agency, was the subject of a large cyber attack in April 2020. Multiple attacks occurred while Italians were beginning to apply for pandemic-related benefits, forcing the site to shut down. While the site was still active, users reported being able to see the personal data of other applicants while trying to complete their own requests.

25. There was a huge jump in phishing attacks in early 2020

Cynet previously monitored the prevalence of phishing attacks. At the start of the pandemic, it saw a notable increase in the number of phishing attempts in Italy. Between February 15 and March 15, 2020, the number of attacks in the country was almost three times normal levels.

Italy phishing attacks chart.
Source: Cynet

26. Italy has the lowest rate of businesses using MFA

The 3rd Annual Global Password Security Report by LastPass studied various aspects of password and log in habits among employees. It found that Italy has the lowest portion of businesses with employees using Multi Factor Authentication (MFA) at just 20%. This was significantly lower than the top adopters of MFA: Denmark (46%), the Netherlands (41%), and Switzerland (38%).

27. Employees have an average of 80 passwords each

A study conducted by LastPass in 2021 revealed employees in Italy managed a staggering 80 passwords each on average. That statistic placed Italy in second globally – just below Belgium – where the number of passwords was 112.

Average number of passwords graph.
Source: LastPass

With such a large number of passwords to deal with, it’s no surprise that Italian employees admitted to having an average of 12 reused passwords each.

28. The Italian cyber security market is worth $2.1billion and rising

According to the International Trade Administration, in 2023 the cyber security market in Italy has an estimated value of around $2.1 billion.

Sectors most reliant on cyber security are finance and utilities, with defense, public sector, manufacturing, transportation, and telecommunications close behind. The trade commission noted, according to the 2023 Cisco Readiness Index, 87% of Italian companies plan to boost their IT security budgets by 10% in 2024.

29. Average data breach cost in Italy was over $3.86 million in 2023

According to the latest IBM Cost of a Data Breach Report 2023, the average cost of a data breach went up from US$3.74 million in 2022 to US$3.86 million (€3,55 million) in 2023.

30. Most data breaches are caused by Phishing

IBM found that 16% of data breaches were caused by phishing. 15% of successful attacks were the result of compromised credentials. Although relatively rare (only 6% of cases) attacks caused by malicious insiders at the company were found to be the most costly.

31. It takes an average of 268 days to identify and contain a data breach

An important factor when studying data breaches is the time it takes to identify and contain a breach. Italy does quite well in that regard taking an average of 203 days to identify a breach and 65 days to contain it. To put this in perspective, the Ponemon Institute (PDF) found that German companies take 128 to identify and 32 to contain a breach, and Brazilian organizations take 265 to identify and 115 days to contain.

32. The theft of military and defense data led to arrests by Italian police

At the end of 2020, arrests were made in an investigation into an insider hack at Italian defense firm Leonardo. Details of military aircraft involved in the firm’s fighter jet program appeared to be the main target of the attack. While the arrest was recent, the investigation has been ongoing since January 2017 when Leonardo first noticed an abnormal flow of data from its network. However, Leonardo maintains that computers that were violated did not contain classified, strategic information.

33. Italy was one of the top 2 EU countries targeted by stalkerware in 2020

A Kaspersky study of stalkerware previously found that Italy was the second most affected country in Europe.

In 2020, Italy reported 1,144 cases of stalkerware, ranking second in Europe after Germany, which had 1,547 incidents. On a global scale, Italy was eighth. The highest number of incidents was in Russia with 12,389, followed by Brazil with 6,523, and the United States with 4,745 cases.

We also found that Italy had one of the highest search volumes for stalkerware. It ranked 7th globally, with 640,560 searches in 2021 alone.

34. Italian health facilities were hit by a huge ransomware attack in May 2022

A cyberattack on the Sacco, Fatebene, Buzzi, and Macedonio Melloni hospitals in Milan saw nurses and doctors reverting to pen and paper to record medicines administered, patient symptoms, and treatments.

While no criminal body claimed responsibility for the attack, mentions of “encrypted medical records” pointed to ransomware as a likely culprit. Though no ransom sum has been specified at the time of writing, the report states that a ransom will almost certainly be requested.

35. Italy had the 7th-most attacks in December 2021

Kon briefing reports that Italy experienced five large cyberattacks in December 2021, behind Spain and Brazil with 6 attacks each. The USA remained the largest victim of attacks in this period, with 20 major outages.

Graph showing major cyberattacks in December 2021

36. Conti hacking group hit an Italian toy manufacturer at the worst possible time

Clementoni, a huge toy manufacturer in Italy, was crippled by a cyberattack in the midst of Christmas. The Conti hacking gang claimed responsibility. The attack came on December 4, but the effects began spiraling on December 5 when employees communicated interruptions on the systems used to process orders. The Conti ransomware is deployed using phishing attacks to install the TrickBot and BazarLoader Trojans in order to gain remote access to infected machines.

37. City of Palermo shuts down systems to mitigate cyberattack

In June of 2022, the City of Palermo in the South of Italy had to close down all of its municipal systems due to a massive cyberattack. The attack led to the closure of public video surveillance management, the municipal police operations center, and all of the municipality’s public services.

The ransomware attack lasted for days and meant that nobody could communicate with public offices via digital means. The massive cyberattack was eventually claimed by the Vice Society ransomware group. It is a reminder of just how crippling an attack can be on the government’s infrastructure in Italy.

Italy has announced its first-ever National Cybersecurity Strategy

In May of 2022, the Italian government announced its first National Cybersecurity Strategy. The plan will be implemented until 2026 when the government will reassess the situation. The document published by the government provided 82 objectives to deal with cyber threats and increase cyber resilience.

Below, we have included some of the things that the government hopes to address:

  • The protection of national strategic assets.
  • The response to cyber threats and the management of incidents and crises.
  • The development of new digital technologies to secure digital assets in Italy.

See also: