'Italian Job' was staged, says Trend Micro
A cyber attack on Italian tourism web sites was done to prove the criminals could, Trend Micro warned this week.
The cyber criminals who infected thousands of Italian tourism web sites over the weekend may have done so to prove their capability to mount future attacks, a senior security expert told ITP.net.
The attack, dubbed "The Italian Job" by Trend Micro researchers, has seen nearly 4,000 Italian travel and tourism sites infected with malicious code, the security firm said this week. Users who visit the infected sites risk having their computer taken over by a Trojan program that could allow a remote user to take control of the computer or to secretly record information entered on to - including sensitive data such as credit card and banking details.
Justin Doo, managing director of Trend Micro Middle East and Africa, said the attack, which began last Friday, was the biggest such threat the firm had ever seen, dwarfing the scale of previous such attacks.
Such a large-scale threat suggests that the cyber criminals will almost certainly strike again, he said: "If you think about what they managed to achieve in such a short space of time, we're fairly confident that this was a proof-of-concept attack."
Particularly alarming, Doo said was "these guys didn't have to be found out" suggesting the whole attack was done to demonstrate their capability to attack other targets. "This was proving a point, this was proving it could be done," he said.
A future attack could be conducted "more stealthily" Doo said, with one possibility that the cyber criminals would launch another attack that "has high potential to be an extortion demand". Monetary gain is likely to be a consideration, Doo said, because staging such an attack would be an expensive project.