Experts believe that the hacking attacks on large agencies and companies around the world — it's only a rehearsal for future kibersrazheny. All world countries should prepare for new battles with lovers of the hidden disk imaging.
Specialists from the field of information security said that the increasing number of reports of attacks on burglars naikrupneyshie companies and companies all over the world, banks and government agencies, as the detection of new viruses targeted for industrial espionage — is only a rehearsal for future full-scale cyber warfare.
From the announcement of McAfee this week it became clear a series of hacking attacks that affected 72 organizations around the world. At the moment it is the most naikrupneyshey cyber attack from hackers disclosed.
Special on IT-security organization McAfee announced the disclosure of a series of targeted attacks linked among themselves. The victims of these attacks were many big companies around the world: International Olympic Committee, the UN, governmental organizations in many countries: Taiwan, India, South Korea, United States, Vietnam and Canada.
Backroom information became the target of burglars. Hackers stormed the secretariat system of international organizations in Geneva in 2008, in consequence of which they have full access to all the hidden to the UN for a couple years.
McAfee vice president Dmitri Alperovitch (Dmitri Alperovitch) in its own report, said: "Even we were surprised by the large list of organizations who have been victims, perpetrators and brutality."
Experts believe that all of this is run by a powerful country-customer. Jim Lewis (Jim Lewis), kiberekspert the Center for Strategic and International research, after reviewing the report of McAfee said that it might be behind all this is China. Several companies and organizations affected by the attack, have valuable information, which is of great importance to the Chinese capital of Beijing, writes the Guardian.
Not children fun
Pisemsky Alexander, deputy general director of Group-IB, explained to BFM.ru, that the cyber attack, which they say at this time, refers to the deliberate threats (Advanced Persistent Threat, APT). Such attacks require a huge monetary costs on the part of the attackers. Because experts think that such attacks are made to order. This is explained by the fact that hackers are independent will never take up the case, if the price of disk imaging, acquired in the course of the attack, did not pay back the money spent on the theft of the disk imaging. Because there must be a customer to whom the data are to some extent necessary.
To perform these tasks formed a team that consists of highly qualified professionals. This is a cyber attack on several fronts, as it should, the team should consist of harmful software developers, artists hacking, experts in the field of vulnerability "zero day" and so on, ending opytneyshemi psychologists, social engineers. Also in the target company may be an accomplice. It is commonly referred to as an insider. He is working in the company and having access to all systems, helping hackers to find the information they need and to overcome all the difficulties on the way to the theft of these important and hidden data.
If it is an attack on the scale of the country, it is very difficult to imagine that any hacker group in the past couple years will be able to steal information from government agencies and remain undetected and uncaught, experts say.
Sergey Golovanov, a leading anti-virus expert "Kaspersky Lab", talked to him, it is very difficult to find out about breaking with such cyber attacks. Hackers will not leave any trace of the 1st behind. If offenders are kidnapped classified information, they will use it very carefully, because they do not wish to cause even the tiniest suspicion about the origin of the information data.
"At this point in the network to find the penetration of botnets is very difficult. It may be, if they begin to respond to commands from the control center. There is a possibility that the last 5 years were not a massive attack, and the point character. Specifically, this was a major obstacle to finding a network of infected computers "- a world view expressed by managing the direction of information security company" Krok "Misha Bashlykov.
The company G Data Software believe that no matter what kind of exploration of the world of dreams is to make a channel for information from government agencies enemy states and discreetly use them for their own purposes in the past couple years. But this is not a confirmation that any such attack orders country. Such information can be used completely safely in almost all large corporations in the world.
Very heavy budget
The level of protection and the value of the data determines the amount of money spent on targeted a large-scale cyber attack.
"For such operations require a true master, not the poor technical equipment, the need to prevent any leakage of disk imaging, an adequate level of secrecy, and also much more. To protect yourself from hackers beginners, for you would rather install on your own computer is a good antivirus with firewall, but if this is the case come for the master, then it may be similar to the operation of special services with no small funding "- talked about the sales manager in the corporate sector G Data Software in Russia and the CIS Alexey Demin.
"The cost of the operation consists of the payment of professional hackers and purchase the necessary equipment. Imagine that the group consisted of 5 people. Any of the attackers could evaluate their own work price of 1 million dollars a year for a test operation. Purchase of the equipment will cost about the same money (1 million dollars per year). As can be seen, the potential customer will give about 30 million dollars in 5 years "- such calculations did Sergey Golovanov.
Alexander Pisemsky confirmed the words of Sergey Golovanov, "Give an accurate estimate in this case is not easy, because it all depends on the objectives of making crackers. You can only rely on the experience in the investigation of computer crimes, which give me a hint what I can handle tens of millions of dollars. "
High costs for such an attack under the force of every commercial organization. Because experts have concluded that certain specific special service of order such a large-scale cyber attacks. "One evidence of this conjecture is that the main target of attacks are the IT-infrastructure of municipal organizations. But all this is circumstantial evidence to catch the offender in the hot pursuit has not been able "- said the representative of the Group IB.
Who is the customer?
One of the professionals "Kaspersky Lab" believes that establish who organized a similar cyber attack impossible. But the countries that may be customers may experience complication in relation to its neighbors. And companies who have committed theft of commercial information, on the verge of financial losses and reputational risks.
With this view, the representative agreed to G Data Alexey Demin. He predicted: "If the customer is a government that on one of its borders will not be allowed. Local providers will be instructed, it should be noted. Perhaps all the "hang" on a handful of beginners, but it is very promising attackers. And then everything will be quiet until the subsequent large-scale kiberskhvatki. "
Misha Bashlykov agree with that position: "Unfortunately, to find out exactly who organized a cyber attack is impossible. Often multinational groups commit sim
ilar acts. Evidence that the customer — this particular government, no. Offenders may act through control centers, which are an entirely different countries. "
Alexander Pisemsky believes that the examples set forth above cyber attacks and similar cases show that today the state needs a certain strategy for possible cyber conflict. Also, the government needs special unit, which will counteract cyber attacks on the infrastructure of the principal objects of the state of the economy.
"Thank God, has not been large-scale cyber-warfare. All currently known cases can be characterized as a rehearsal. But we can already state that the development of the U.S. and the UK official concepts to protect against cyber attacks and the establishment in India, "Information Troops" is a direct reflection of threats ", — says deputy. Director of Group-IB.
In this regard, it can be concluded that the world powers are prepared to kibersrazheniyam. In the United States attacks on computer systems at the municipal level equate to an armed attack, because they are just as tempting with devastating consequences.
Everyone has long been clear that the special units are created with cyber attacks conducted by the United States, China, Iran, France and several other countries. In this list, according to official figures, Russia is not, but in our country there are specially trained people, experts say.
National Counterterrorism Committee of the Russian Federation is developing a set of measures for safety are very fundamental objects, including objects of state power, from the threats of cyber-terrorism.