Access

Share on facebook
Share
Share on linkedin
Share

THE SIAE CASE: HOW IT LOST THE COMMUNICATION CHALLENGE TO ITS AUDIENCE

The SIAE (Società Italiana degli Autori ed Editori) also fell victim to a cyber attack. On 20 October, it suffered a ransomware attack by the Everest Ransom Team.

A group of very active hackers made headlines for another attack on the US government during which a large number of passports, tax documents and court cases were allegedly stolen.

Everest is a group of cyber criminals who work in an atypical way compared to other more famous teams such as Conti, Revil or LockBit. For instance, in this attack against the SIAE, data were not encrypted and rendered unusable, but only exfiltrated, stolen. 

A ransom demand in the amount of USD 3 million then arrived. 

SIAE promptly and publicly refused to pay. Gaetano Blandini, SIAE's General Manager, stated: "Fortunately, there does not seem to be any economic data relating to bank Iban, but only personal data, such as identity cards, tax codes and the data of many of our employees".

Granted that this statement is partially wrong because the IBANs of the members have also been leaked, what is striking is how even today, 5 years after the GDPR came into force, there is a lack of understanding of the economic damage generated by such an event. 

Personal data are a goldmine for cyber criminals and should be preserved like precious gold. In fact, Everest publicly offered the data for sale on its website (https://ransomocmou6mnbquqz44ewosbkjk3o5qjsl3orawojexfook2j7esad.onion.ws/siae/) for USD 500 000. In the hours following the attack, the first blackmail messages were sent to the individual artists whose data had been stolen, with requests for 10,000 euros in bitcoin.

In this case, unfortunately, one has to organise oneself to change one's telephone number and e-mail address, and also replace them on the various websites where they are used as a form of one- or multi-factor authentication. 

It is also advisable to apply to the police authorities to change your identity card, driving licence and tax code by declaring the previous ones lost or stolen.

Attacks of this kind are becoming increasingly common even on small and medium-sized enterprises, resulting in economic and image damage that is sometimes irreparable. 

That is why it is important to defend, prevent and insure against cybercriminals. 

RESOURCES FOR YOU

Download Free Guide

In our guide you will learn how to secure a small or medium-sized business, from an IT point of view, and how to protect yourself from attacks on the internet.

Related items

SMEs, PNRR and Cyber risk

We have spent the last two years wondering what would be left in the midst of all the upheavals the pandemic has brought to our way of working and doing business in general.

CYBERANGELS: EVEN MORE SECURITY THANKS TO PARTNERSHIP WITH POSTE ITALIANE

In recent months, Cyberangels has participated in an important competition held by Poste Italiane and LVenture Group. National and international start-ups competed in the "SME Insurtech - Call for Solutions" with the aim of presenting innovative solutions for the insurance world to bring to Poste's customers.

FINANCIAL POLICE LEAK: LAW ENFORCEMENT NOT SAFE

About a month ago, an unidentified cybercriminal (but known on the net as 'Dre*d') distributed sensitive data from the Guardia di Finanza free of charge and exposed it to everyone in a data leaks forum known as RaidForums.

Your company finally protected and secure.

We offer protection and insurance tailored to your company and your level of risk.
Registration free of charge.

en_GBEN

Contact us for more information