Choosing a path.
Based on the materials of the Free Economic Society (FES) of Russia Abalkin Readings Forum
Igor Sheremet
Deputy Director of the Russian Foundation for Fundamental Research in Science, Head of the Department of Information Security of the Finance University under the Government of the Russian Federation, Corresponding Member of the Russian Academy of Sciences, Doctor of Technical Sciences.
Cybernetic and cyber-kinetic attacks
The new state of the technosphere is based on the global information infrastructure, which in turn is based on the Internet. And this new state is characterized by partial-mesh topology. That is, every person, every technical device has a unique network address from which certain functions can be performed. Software tools utilized by global information infrastructure facilities have a lot of so-called unintentional defects, exploits — errors that were made during the development of huge volumes of software products which are related, one way or another, to the intellectual functions offered by the technosphere. Of course, these exploits can be used by attackers. In addition, those software products and patterns can be converted in advance into software computational and communication tools that form the basis of the Internet.
These exploits are used in different ways to attack information and technological targets. Attacks can be either cybernetic or cyber- kinetic. Cybernetic attacks are aimed at information targets, for instance they can be used to deface websites. And cyber-kinetic attacks target material objects, say, aerial drones, energy infrastructure facilities; that is, information technology is used to disable a drone by causing it to fall and crash into the ground.
By and large, the whole Internet is a bunch of networking activities which are performed by the three largest market players: two US companies (Cisco and Juniper) and a Chinese company (Huawei Technologies). During all these networking activities, operational mines were pre- installed, more than 9,000 of them in the Russian Federation. Percentage-wise, practically the entire information infrastructure of the Internet was controlled by those networking tools. We see there was quite a lot of them in the US, and there was a lot of them in China too. Where necessary, this kind of pre-installed operational mines enabled full control of the web traffic and information/technological attacks whereby information circulating between two network nodes is changed in a certain way by an intermediary. This makes it possible to implement any false management processes.
Financial Cyber Security
In the widest sense, Russia’s financial infrastructure consists of individuals, legal entities and corporate clients. Through client access points, linear operations are performed while banks’ local networks ensure the functioning of automated banking systems and remote access. Naturally, Russia’s financial infrastructure is not isolated, it is incorporated into the global financial infrastructure, based on the well-known SWIFT network.
This infrastructure includes access points to banking services, personal computers, smartphones, card readers, ATMs, automated parking terminals, banks’ software computing environments, servers, cloud architectures, personnel workstations and computing environments administrations as well as networking and global information infrastructure security tools: adapters, switches, routers, cybersecurity tools, etc. All these tools, of course, can contain software patterns for an operational mine, exploits that can be used by attackers. And, unfortunately, it does happen, with the financial segment being the most attacked, the most vulnerable and requiring the most attention.
With all due respect to all other critical infrastructures — cybernetic, industrial, and even military or defense — the intensity of cyberattacks on the financial segment exceeds the intensity of attacks on any other infrastructures by many orders of magnitude. And it is understandable, because it has a lot of money that can be stolen from it.
At present, the market of cybercrime significantly exceeds all other segments. Since around 2007, when the transition to next- generation banking technologies began enabling the use of online services, the intensity and effectiveness of cybercrime have grown significantly.
According to Sberbank, 2% of money was stolen through cyberattacks and 98% through physical, i.e. traditional, methods in 2007. By 2017, only 10 years later, the situation has reversed to the exact opposite. Only 2% of money is stolen through physical methods, and 98% through cyberspace.
Russian cybercrime, according to Russia’s law enforcement agencies (FSB, Interior Ministry, Interpol), is characterized by the fact that most of the perpetrators are, unfortunately, members of cyber security staff at the banks themselves, who very often prepare and implement these attacks under the guise of external attackers.
The array of threats must be countered by certain measures:
1. Establishing a unified system for countering cyberattacks.
Such a system, called GosSOPKA (State System for Detection, Prevention and Elimination of the Effects of Computer Attacks) is being created in accordance with a presidential decree. The law on the security of the critical information infrastructure of the Russian Federation, adopted last year, is in operation. Under the leadership of the FSB, with the participation of the Federal Service for Technical and Export Controls, a wide range of activities are being carried out.
2. Banning transit of Russian web traffic through foreign countries.
About 30% of Russia’s web traffic goes through foreign providers. The global information infrastructure is arranged so that information highways pass from Rostov to Saratov via Palermo, for example. In this sense, significant efforts are being made to exclude any configurations that may create conditions for attacks on intra-Russian traffic.
3. Creating decoy systems.
This, in my opinion, is the most promising way that will allow us to control any type of cyberactivity. In such case, the attacker is offered a decoy (a “honey pot” to use a term from American computer slang) and all his subsequent actions are fully controlled without any damage being caused. Moreover, he himself is under control, and certain arrangements can be made for his neutralization, if necessary.
4. Preparing highly trained personnel.
Opening special departments in universities. We already have an information security department, and in my opinion it is quite strong: 9 doctors, 10 candidates of science. Traditionally, the competition for this department is one of the highest at the Financial University. We teach postgraduate students and work closely with consumers of our products, employers and the largest banks, primarily Sberbank.
Creating permanent training fund systems for banking staff. The development in this sphere is extremely fast and dynamic, and it is simply impossible to meet the strict requirements that exist in this sector without constant retraining.
5. Security operations centers.
Such a cybersecurity center was created and has been successfully operating at Sberbank, which is now the largest digital company in the Russian Federation, the world’s 21st largest bank with a capitalization of 11.6 billion dollars. Since the time the center was put into operation in mid-2015, not a single penny has been stolen from correspondent accounts at Sberbank.
Oleg Dukhovnitsky
Head of the Federal Communications Agency, Active State Counselor of the Russian Federation, I class, candidate of technical sciences.
Information Security Infrastructure
The Digital Economy program , approved in last July by the order of the Government, having combined the intellectual resources of high-tech enterprises, research and educational groups, has become one of the most important documents that determine the main vector of the country’s development. One of the main objectives of the Information Security effort is to ensure the unity, stability and security of the information and telecommunications infrastructure of the Russian Federation at all levels.
As regards the program, the Federal Communications Agency is one of the government entities responsible for the implementation of the basics of the Information Infrastructure program.
Certain areas have been highlighted for the development of the entire Information and Computing Tech sector, including:
1) formulating the main provisions for the future development of the Unified Telecommunications Network of the Russian Federation until 2024;
2) developing a general outline for the expansion of communications networks in the Russian Federation;
3) providing broadband Internet access services in population centers with populations of 250 to 500;
4) developing proposals for amending the standards and specifications required for building a 5G satellite networking segment;
5) preparing a general outline for the development of a data storage and processing infrastructure to service the government and corporate sectors as well as other sectors.
The basic principles of ensuring information security include prioritizing the development of up-to-date domestic information and telecommunication technologies, producing hardware and software that can ensure the improvement of national telecommunications networks and enable their connection to global information networks in order to secure the vital interests of the Russian Federation. In this regard, the main emphasis in all the basic efforts undertaken as part of the program, including the Information Security effort, should be placed on import substitution, on measures to support and stimulate the domestic market of telecommunications equipment with a view of gradual import substitution of infrastructure equipment.
Sergey Bodrunov
President of the FES of Russia, Director of S.Yu. Witter INID
Technologies of Trust
Speaking at the Economic Forum in St. Petersburg the President of Russia said that without technologies we will sink to the lower limits of economic development; therefore I would like to reiterate that today we are discussing a topic that is essential to solving many of the problems. The future of the world economy and world development is directly linked to the development of technology. Technologies have become the main resource in the economic struggle. The leaders of the future will be technological leaders. And among technologies, digital technologies are the most important.
Here I would like to make an important point. Usually we consider technologies in relation to the economy. There will come a time when the word “economy” will be forgotten. There will come a time when, thanks to technologies, including digital ones, man, according to Marx, will transcend material production and will emerge into the high tech space that will hopefully exist under his control. In this regard, it is very important to understand what man’s role is.
When we talk about problems of digitalization, problems of technological development as a whole, we must clearly understand that they should be solved with human development in mind because technologies can be applied in different ways. The most striking example is nuclear technology, the same goes for digital technology. I believe that digital technologies have made it possible to promote what we are currently lacking within our society, and not just Russian society: trust. The greater the trust, including in the sphere of economic transactions, the lower the costs, the greater the effect. When we say that 50% of all costs in the banking system are the costs of re-checking the items that pass through the banking system, we understand how much cheaper it would be if the level of trust was higher. Digital technologies allow us to solve such problems more effectively. We have learned about the blockchain, there are other new technologies that help increase the level of trust. In my papers, I call them technologies of trust.
It is important to keep the other side in mind, the human side. If man does not change his consumerist approach, if today’s paradigm of economic development remains intact and if we continue monitoring the percentages of GDP without understanding its properties or inner structure, we will remain on the predatory path. When creating new technologies, we must understand that these technologies should also work towards the development of man and human qualities. As you might remember, Kant said: “The starry heavens above us, the moral law within us.” In order to have the moral law within us, we must understand that this moral law needs support, therefore, technologies should develop alongside the appropriate education and many other institutional changes and approaches to building an economic space.
