«Accelerating digital innovation creates fertile ground for cybercriminals»
Western analysts argue that cyber threats, to which literally all states are exposed today, can destroy the world economy and cause another global crisis. This, in particular, was discussed on the sidelines of the recent World Economic Forum in Davos, held in January. What new cyber threats have emerged and how Russia is going to counter them, said Doctor of Jurisprudence, Honored Lawyer of Russia, Professor Yuri Zhdanov.
– Yuriy Nikolaevich, what are the current cyber threats and where do they come from?
– How can we not remember the colorful figure of Popandopulo from «Wedding in Malinovka» and his famous phrase – «we are on the eve of a grand nix».
Accelerating digital innovation creates fertile ground for cybercriminals. That’s really – woe from the wit. For some reason, new technologies are the first to be used by crooks. This, of course, does not mean that scientific research and technological progress should be stopped. But it is necessary to take it into account.
Of course, financial institutions are often targeted by cybercriminals.
According to IBM’s 2023 Cost of a Data Breach report, which examines cybercrime in 16 countries, the financial sector ranks second in global cyber incident damage statistics. At the same time, the average cost of a cyberattack among financial institutions is the highest compared to other institutions, with organizations incurring losses of almost 5.9 million US dollars per incident.
On average, according to IBM’s report, the cost of cyber hacking in the world increased by 2.3% and amounted to 4.45 million US dollars. Most seriously, it took organizations an average of 207 days to identify a breach and another 73 days to contain it. «Only» a little less than a year!
Again, in 2023, small businesses faced significantly higher data breach costs compared to 2022. And here it is, a direct road to a crisis: due to the high cost of each cyberattack, most organizations (regardless of size) have risen sharply in price, and data breaches have led to higher prices for services and products. Naturally, all costs are passed on to consumers.
– Where is the highest cost of damage from a cyberattack?
– In terms of location, the USA is the region with the highest average cost of a data breach ($9.48 million), while the UK dropped out of the top five worst-hit regions in 2023 after a 16% drop in average cost to 4.21 million US dollars. However, I foresee your skepticism, which is little consolation…
– What types of cyberattacks are used today?
– Globally, malware continues to be the biggest cyber threat to financial institutions. In 2023, ransomware accounted for 63% of attacks, up from 18% in 2022. This is such a dangerous explosive growth.
But there are other types of malwares as well: forklifts, remote control trojans, spyware, banking trojans, data-wiping malware. However, there are some interesting nuances — in 2023, there were changes in the way malware was delivered. While the number of social engineering attacks decreased (from 47% to 25%), there was a significant increase in the number of incidents involving the exploitation of software vulnerabilities. Another type of attack that is becoming increasingly popular are supply chain attacks, when cybercriminals exploit vulnerabilities in an organization’s supply chain to spread malware to multiple businesses.
– Did the hackers prove themselves with high-profile actions?
– Yes, in 2023 there were several cybercrimes that made the world community very worried. For example, in May last year, the LockBit ransomware group launched an attack on one of Indonesia’s largest banks, BSI. The bank refused to pay the requested ransom of 20 million US dollars, so the attackers published more than 1.5 TB of sensitive bank data online, including the personal and financial information of approximately 15 million customers and employees.
Another example: exploiting vulnerabilities in the technology stack of the American subdivision of the Industrial and Commercial Bank of China (ICBC) allowed criminals to launch a ransomware attack that temporarily disrupted US Treasury bond trading in November 2023. In the end, ICBC paid the ransom in order to regain access to the full technology stack.
In the first half of 2023, a group of cybercriminals also actively exploited a zero-day vulnerability in the secure data transfer app MOVEit Transfer. As a result, several organizations using this app have been affected by data breaches, and a new update was released in June 2023.
Again, in the spring of 2023, application security firm Checkmarx identified a series of open-source software attacks specifically targeting the banking sector. Employing advanced techniques and deceptive tactics, cybercriminals have used legitimate services to deliver malicious open-source packages. To keep out of trouble, Checkmarx has issued a warning that industry-wide collaboration is essential to strengthen defenses against these attacks, as current controls often fail to prevent breaches. In general, law-abiding users, regardless of nationality, need to unite to counter hackers. This idea is already up in the air.
– What is the situation with cybercrime in Russia?
– Not very happy either. As reported by the official representative of the Ministry of Internal Affairs of Russia Irina Volk, summing up the results of 2023, «every third crime was committed using information and telecommunication technologies. In this area, 29.7% more criminal offenses were registered than in January-December last year. Such crimes were solved by 21% more than in 2022. Their prevention is still one of the most important tasks of the internal affairs bodies.»
Moreover, Alexei Petrov, Head of the Department of Security Problems in the Information Sphere of the Office of the Security Council of the Russian Federation, said at «Infoforum-2024»: «The Internet has turned from a safe environment for the economic development of sovereign countries into an arena of geopolitical confrontation. As a result, in recent years we have seen a change in the nature and scale of information threats. Thus, in 2023 alone, about 200 thousand of the most dangerous computer attacks were committed against the information infrastructure of the Russian Federation.»
– In other words, we are no longer talking about «ordinary» criminality, but about sabotage planned by other states?
– It turns out that it is. According to Alexei Petrov, such attacks were mainly organized by foreign special services.
Vadim Shamarin, Head of the Main Directorate of Communications of the Armed Forces of the Russian Federation, Deputy Chief of the General Staff of the Armed Forces of the Russian Federation, spoke about the same at «Infoforum-2024»: «In order to achieve information superiority, more than 120 countries of the world have begun to create information weapons capable of disorganizing state military management, demoralizing and disorienting the population, as well as creating mass panic.»
According to him, the cost of developing information weapons is much lower than other types of weapons, the use of which can lead to similar damage.
– Can Russia do anything to counter this?
– Absolutely. Vadim Shamarin stated that the funds allocated in recent years for the creation and development of the information security system of the Ministry of Defense have increased the protection of the Armed Forces of the Russian Federation: «The protection of our automated systems from external and internal threats is increasing, together with leading domestic organizations and enterprises, work continues on the development of cloud technologies, secure telecommunications networks and other promising computing complexes in the Armed Forces.»
– Does this mean that a round of confrontation is unfolding in cyberspace?
– But Russia is trying to stop this unwinding.
– How?
– Russia proposed to sign the UN Convention on Countering the Use of Information and Communication Technologies for Criminal Purposes, which will help to create a framework for operational cooperation at the international level and help developing states to combat a new type of threat. This was announced at «Infoforum-2024» by Ernest Chernukhin, Head of the Department of International Information Security of the Ministry of Foreign Affairs of Russia. According to him, this will be the only document in the world on the fight against cybercrime, which is being developed in the UN on the initiative of Russia.
Ernest Chernukhin emphasized: «Our main task is to strengthen the capabilities of law enforcement agencies in terms of countering, combating and preventing cybercrime.»
The negotiations are ongoing very difficult because of the opposition from the United States and its satellites. The universalization and codification of the fight against cybercrime frightens our partners, so to speak, because the current situation allows them to manipulate the tools of combating crime and not take into account the interests of developing countries. The business lobby pushes solutions on the world market that suit the United States, but do not take into account the legislation of the countries where these companies are represented.
«It is difficult for us to work with them because of the narratives of our western partners about their human rights and gender component. Those processes that, from the point of view of traditional values, have received return mechanisms, are strongly reflected in the work of the special committee. The West also wants to provide in the treaty all the possibilities for refusing cooperation,” Ernest Chernukhin believes.
According to him, even the formation of a special committee was complicated due to the reluctance of a number of countries to vote for a unified approach to combating cybercrime and the creation of common transparent mechanisms. Ernest Chernukhin predicts an obstructing vote on this issue due to the fragility of the balance in modern diplomatic relations. Nevertheless, in his opinion, the adoption of the convention will help the development of a multipolar world.