When a wave of ransom-requesting cyber attacks hit computers across the globe earlier this month, Leonardo SpA cyber-security experts had already warned clients that a larger-than-usual strike was about to hit. Now, the company is set to roll out a new weapon against hackers.
The Rome-based defense company, which counts the U.K. Ministry of Defence, the North Atlantic Treaty Organization and Italy’s civil service among its 3,000 cyber-security clients, will roll out new technology this week to prevent ransomware attacks, Andrea Biraghi, managing director of the security and information systems division, said in an interview.
More than 200,000 computers in at least 150 countries were infected in an unrivaled global cyber-attack in mid-May.
In a memo a few weeks earlier, when the infection was in its early stages, Leonardo advised companies and institutions to run updates for the latest Microsoft software, from which the attack was perpetrated, and to refresh back-up processes. The warning was based on open-source technology which allows analysts to surf chat rooms and websites in the “deep web,” an area not accessible via traditional browsers.
“Something was going to happen, what we didn’t know was what, exactly,” Biraghi said. While the center received a significant inflow of calls as the attacks unfolded, no clients suffered dysfunctions or damages, he said.
The cost of online crime for businesses is expected to reach $2 trillion by 2019, according to Juniper Research. BAE Systems estimates the markets where it operates are worth more than $60 billion a year, making cyber-security an attractive area of investment for defense companies.
According to Biraghi, who oversees Leonardo’s cyber-security operations globally, the attack was “a wake-up call.” Unlike past cyber-attacks that targeted individual companies this one was a simultaneous mass strike mostly focusing on individuals.
“The alert level should have been higher and this attack had to be and could be anticipated,” said Stefano Mele, a lawyer specializing in cyber-security and chairman of the Cyber-security Commission of the Italian Atlantic Committee.
According to Mele, civil servants are still struggling to implement “even simple patch management policies which could have avoided this clamor.”
Leonardo’s new software will help fight back ransom attacks and will intercept potential invasions by blocking data cryptography. It will also double up on data back-ups in anticipation of future ransom malware able to bypass behavioral-based antiviruses.
The company’s Security Operations Center, which operates from two sites in Bristol, U.K., and Chieti, Italy, filters about 40,000 potentially malicious events per second, 24 hours a day, seven days a week, the executive said.