For cyber warfare and information as a valuable commodity - the Director of the Technological Institute of VFU "Chernorizets Hrabar", Konstantin Kosev for BTA:
Protection against cyber attacks? Hire a hacker!
The hackers are those professionals who are looking for cracks and vulnerability in the systems that are being developed.
The total number of cyber offences increased with 61% during the period 2013-2014, compared with the breakthroughs registered in 2012. This is shown in a report produced by the European Network and Information Security Agency /ENISA/, cited by BTA.
One in eight of these violations results in the loss of tens of millions of data records, of which 552 million are personal identities. According to data of the European industry in 2013, the cyber criminality and the virtual cyber espionage caused it damage between 300 billion and 1 trillion dollar annual loss is stated in the report. Bulgaria does not stand aside from these processes, we are witnessing an unprecedented hacker attack to the internet portal of the Central Election Commission of the type "denial of service" (DdoS) in the first round of local elections, experts commented. And literally yesterday the sites of several government institutions were attacked.
This is what was commented before BTA on the issues of cyber security by Konstantin Kosev, Director of the Technological Institute of VFU "Chernorizets Hrabar", Varna and Major Ivan Mihalev, senior expert at the headquarters of the command of the Navy of Bulgaria.
According to Ivan Mihalev, the notion of a boom of cyber attacks in the world is created by theinformation which has gained publicity regarding the results of the attacks. Otherwise the registered real growth in cyber attacks is not more than 20-30 percent a year, says the military expert. According to him, if we talk about malicious software, the growth is more modest. In most cases these are modifications of already existing and known malicious code looking for the weak points in the system, explains Mihalev.
For Konstantin Kosev, the crackers rather than hackers are the evil-doers in the network. He explains that when large companies develop commercial software, they create security teams. The hackers are those professionals who are looking for cracks and vulnerability in the systems that are being developed. The attackers are an expanded concept of a community of superspecialists worldwide.
Hiring "state hackers" of various special services is a way to strengthen a given sector with experts in this sphere, added Kosev. According to him, hackers often direct the attention or leave traces leading to them in their conquests. We must admit, however, that the malicious code is the work of talented specialists, that they exist and are part of cyberspace, the expert says.
The development of technology has made information a valuable commodity. The development of technology has made information a valuable commodity and naturally, the interest in it has increased, says Kosev. Logically comes the effort this information to be accessed in "another" way. It can be assumed that in any system device there is something that is important information and attracts interest, Kosev points out. He reminds that at the moment processes in which money loses its materiality and becomes virtual are running globally. The time of safebreakers and classic bank robberies has passed, states the expert. According to him, today's cyber criminals need only to penetrate into a particular server and initiate a transfer to other accounts.
The mass idea of a network is the Internet, a term with a capital "N", which unites millions of other networks and devices, adds Mihalev. There are other networks that are not bound globally - government, military, corporate networks, but they are of interest to hackers, says the expert. When considering networks as ways to cyber penetrating, we should add to them also mobile communications, as well as the billions of devices of subscribers, says the military expert. Thus any attack spread on a massive scale and the number of potential victims of cyber crimes is ever increasing. Even the comments on the topic have a negative impact, only the threat of hacker attacks creates an atmosphere of uncertainty, says the military expert. The wild nature of cyber weapons.
In fact, the weapons are codes, says Mihalev. According to him, viruses, Trojan horses, etc. strictly obey their "masters". Sometimes the creators of weapons are an intermediate unit, which uses the effect of malignancy of its creation or the idea of the direction of the attack, to sell it or to seek fame for itself, says the military expert. According to him, there are some codes that give the impression of independence or the presence of intelligence, but it is only within the predefined behaviour. To put intellect similar to human, in this kind of weapons is done only when they must remain hidden for a long time, specifies Mihalev. And he points out that this is a complex task because the intellect implies storing of large amounts of information, and such data could hardly be concealed or transferred from one system to another.
What is a cyber attack like?
Usually, says Mihalev, the consequences ofcyberattackcome fromitssuddenness. The regular usercan also be faced with such an attackat any time.At that time differentinscriptionscan "shine" on the screen- from"denial of service" and "changed person"to"server can not be found" or "empty debit or credit card."
The name of the cyber weapon comes from "malicious software" which means malicious code, which also can be found as "Mauer", a combination of words of the same, adds Kosev. The expert states that for several months "ransomwares" - non-resident programs have been spread in the cyberspace. In those cases when the machine is taken over, the virus encodes all files and documents available, then a message appears notifying of the attack and the actions you need to take to get access to your files, he says. Usually the attackers are ready to return your access to your files if you pay, he says.
The experience shows, however, that there is no guarantee that the system can be restored even after paying "the ransom," he adds. According to him, many of these viruses penetrate with the receipt of the email. The expert reveals that most hackers use the names of close people to the attacked users or email addresses with which they work. Tricky time for ordinary users is the availability of an antivirus program on their computer, says Kosev. According to him, many people believe that they are protected, but the installed security programs actually react late. Even for the scale of the Bulgaria, the attack of "ransomeware" can be defined as a big strike, he adds. He reminds that some time ago banks and other large organizations were hit. According to the expert, currently the cyber situation has calmed down, but a new serious attack is being waited. A virus is being expected, he adds. According to him, the malicious code will be able to penetrate into the computer in parts, then alone it will assemble itself and strike the system. This behaviour hides it for a long period of time from the antivirus programs, the expert explains. In his words, after being assembled inside a computer, the virus begins to act as a "ransomware."
The global political events generate environment for cyber threats.
According to Mihalev, for the information security in defence, it should be created an international legal environment through which to reduce the risks of using new technologies for hostile actions and aggression. The various centres of cyber crime activity are facilitated by new means of communication between cyber criminals and activists who use the Black Web to buy and sell hacking tools and techniques by using the anonymous currency Bitcoin.
In 2010, the military expert says, a malicious code called "Stagsnet" belonging to the group of worms attacked the Iranian nuclear program. No matter that the networks of various institutions and organizations are closed, they are still subject to attack, he says. One of the most serious attacks was implemented thanks to a simple memory stick, says Mihalev. The key has been used by the military somewhere in the Middle East. Within seconds, the information from the infected computer has been sucked out.
Administrators have their maxim related to security - much more difficult is to protect ourselves from the stupidity of a person on the inside than of an outside attack, the military says. He points out that in 2013 an American company was attacked and information about 40 million cardholders and 70 million other customers was stolen. When an attack is fulfilled, it is conducted through a preliminary scenario and direction, which can be compared with the implementation of a bombing, said Mihalev. He specifies that everything can start with harmless peek in our personal profile on social networks. The paradox is that we voluntarily give information and inform daily about our status, the military says, adding that there is evidence that in some social networks posts are recorded forever.
Hacker Armies Cyber threats are not an isolated phenomenon especially towards countries, where with the help of modern technology, the political and social situation may at any time be destabilized said Mihalev. According to experts, China, for example, supports three types of cyber operative units. The first one is specialized military forces for actions in the network that perform defensive and offensive network attacks. The second one consists of groups of experts from various organizations. The third is made up of outsiders, much like hackers hired by NGOs. They can be organized and mobilized for combat operations in the network. All these units are also used for non-military cyber operations. For Chinese cyber division reported US private security firm that described the hacker group located somewhere on the outskirts of Shanghai. The division purposefully collected extensive and detailed information on foreign government agencies and companies, says the expert.
How best to protect ourselves?
Cyber risk is identified as the second among the biggest risks, said Kosev. According to him, however, throwing more money for defence is not a solution. The solution is in the creating of an internal monitoring to prevent threats. This protective monitoring allows organizations to identify suspicious actions taken bytheir employees, says the specialist.
For example, employees who return to the office late at night or early in the morning to have access to the system with which they work, must be identified and managed, explains the expert. Kosev adds that to overcome the difficulties in dealing with cyber criminality, we should take into consideration that it is virtually global, it has no nationality and there is no internationally recognized legal definition for it in the world.
A number of countries including the EU adopted legislation on cyber crimes, but in the civic sense the struggle for free and independent cyberspace means that malfunctions should not be allowed for long periods of time
According to him, the main task is prevention of breaks in the system of the so called critical infrastructure - institutions, business, agriculture, transport management, telecommunications, electricity, banks, military sector, healthcare. Therefore, each of these systems, and each company is advised to have specially trained cyber police officer, summarizes Konstantin Kosev.