Marposs victim of a Cryptolocker-type attack that severely compromised some company operations. Prevention that secures companies comes through quality training.
We are at the layoff to cope with a cyber attack.
It happens in Bentivoglio (Bologna), where the Marposs company, which employs more than 3,500 people worldwide and is present, with more than 80 of its own offices, in 34 different countries, suffered a major cyber attack of the type Cryptolocker on Jan. 26. At the operational level, the attack, which involved encrypting some servers part of the system, impacted company operations in different ways, preventing some departments from operating regularly.
For this reason, Marposs points out, “To protect the people and the company itself, the activation of the Ordinary Layoff Benefits Fund has been requested until Feb. 7. The tool, the adoption of which is provided for emergency situations such as this, will be applied in a partial and flexible manner to the most affected sectors, going to be reduced with the gradual restoration of activities.”
The Cryptolocker-type attack involves encrypting the victim’s data with a computer virus and demanding a ransom to “free” it. Often what looks like a harmless e-mail attachment is actually not. It is ransomware that encrypts the victim’s computer data, effectively locking it, and demanding payment of a ransom to restore it.
In this case, the effect of the attack on production departments would have been negligible, while greater difficulties would have been encountered in company logistics.
Meanwhile, Marposs, which specializes in providing cutting-edge solutions for quality control in the shop floor environment, and a primary supplier to major automotive manufacturers, as well as the aerospace, biomedical, consumer electronics, semiconductor and glass industries, notified the relevant authorities, including theNational Cyber Security Agency and the Postal Police, in accordance with current regulations. The company has also communicated transparently to customers and suppliers, ensuring constant updates on the status of recovery operations. Activities are expected to gradually return to normal in the coming days.
Now the group, while working to return to full operation, is cooperating fully with the postal police to find the criminals who orchestrated the cyber attack.
Currently, none of the major cyber gangs specializing in ransomware attacks have claimed action in underground circuits. More details may emerge in the coming days, allowing for a more in-depth analysis of the situation.
Certainly the group has taken all the necessary actions and is moving as best it can to resolve the problem, but there is no denying that the damage has been there. The attack in question falls under the widespread type of ransomware, which, as reported by all experts, has seen a surge in recent times. According to the new Ransomfeed report, globally there were 1,747 ransomware claims monitored in the second quarter of 2024.
According to the study, the most affected sectors were industry, consulting and services, together accounting for 56 percent of the ransomware market.
As far as Italy is concerned, 58 ransomware attacks were recorded, equivalent to just over one every two days, an increase of nearly 100 percent over the second four months of 2022.
May 2024 was the most affected month, with 557 attacks, followed by August with 446, July with 405, and June with 339 attacks. During the reporting period, 208 globally active criminal groups were tracked and 427 servers used for ransomware attacks were monitored.
The growing number of attacks is also due, according to the researchers, to a substantial gap in awareness of cyber threats, both among companies and public institutions. A gap that results in inadequate responses and delays in the adoption of effective security measures.
In summary, the report stresses the need for increased investment in cyber security and, above all, a strong focus on the human factor.
Indeed, even in this latest news case related to Marposs, this was a classic attack that exploited the vulnerability of the human factor, which still remains the weakest link in the security chain.
The only way to prevent these kinds of attacks is therefore to strengthen the digital posture of all employees through high-quality training courses that provide a diversified approach based on user knowledge and continuous hands-on training to cope with the constant and unstoppable evolution of an increasingly intelligent and refined crime.
