When will computer viruses have any intelligence? Will Ukraine be ready for this? Innovation House has made some inquiries about this issue.
Over the past few years Ukraine has turned into the testing ground for cyberweapon. Ukrainian companies had to face attacks that are new to the world.
Thus, in December 2015 hackers have used BlackEnergy virus to interfere in the operational process of energy producers. This has caused disruption in the electricity supply to hundreds of thousands of consumers. In June 2017 Ukraine faced with the largest in its history virus attack: virus called Petya/NotPetya has infected Maersk, Deutsche Post, WPP, and other major corporations in 65 countries across the world.
It should come as no surprise that Ukraine has been robustly trained of how to meet attacks of the future. World’s best experts would have come here to study the threats. Some companies of international renown could open their competence centers here.
But this is not the case. Ukraine still lagging behind global cybersecurity ratings. Thus, according to the report of the International Telecommunication Union for 2017, Ukraine’s cybersecurity level was lower than in Moldova, Tajikistan, Georgia, Russia. So what are the reasons of such standing behind? Innovation House has visited IDC Security Roadshow 2018 conference and tried to sift this issue to the bottom.
Security gets smarter… viruses too
On February 9 the 23rd Olympic Winter Games officially kicked off in Pyeongchang, South Korea. More than 27 million spectators were watching the ceremony. However, it has not been without challenges. Сyberattack hit systems, which led to 12 hours of downtime on the official website, the collapse of Wi-Fi in the Pyeonchang Olympic stadium, and the failure of televisions and internet in media rooms.
Virus stole passwords and looked for the fastest path to spread along the system.
“It is not artificial intelligence yet, but it already has some automatic learning elements,” – Volodymyr Ilibman, Security Account Manager at Cisco, said.
Petya/NotPetya virus that has attacked Ukraine in summer 2017 has also shown some sparks of “intelligence”. It was spreading from one computer to another in the form of an avalanche.
Every sign indicates that viruses will soon have some “intelligence”
“Every sign indicates that sooner or later both viruses and useful software will have some “intelligence”. The fight against such viruses will be incredibly tough. Smart cybersecurity systems powered by artificial intelligence and machine learning will confront them,” – Mr. Ilibman said.
The study conducted by Cisco shows that 83% of companies around the world are going to cut their security costs through automation. 92% of IT-experts believe that behavioral analytics will help to identify illegal intruders.
Ukrainian companies may find themselves unprepared to attacks of the future. Experts say that despite previous experience, little attention is paid to the security issues.
We have experience, but have no labor power
“In the old days we walked along these streets and had no fear, now we are walking along these very streets and are frightened,” – this is what Victor Zhora, member of Ukrainian Information Security Group, said about the readiness of business to attacks.
It is not yet fully understood by Ukrainian companies that cyberwar has started and that they are endangered
Volodymyr Styran, co-founder at Berezha Security, explained the words of his colleague in such a way: having learned from the experience, the business started to be more afraid of attacks, but did not start to pour considerably more cash and resources in security. For instance, only two customers have addressed to his company after Petya. These are large businesses that came for a comprehensive audit and understanding of how to reorganize their infrastructure and raise the staffing level. A total of several dozens of customers came to Berezha Security during four years of company’s existence.
However, there are other examples too. Stanislav Pokhylko, Business Development Manager at Oberig IT, told that amount of work performed by his company has increased after Petya. “Our experts were working days and nights to restore the business systems of many major Ukrainian companies. And then these companies became our key customers,” – he said.
Security experts complain that Ukraine is in the serious shortage of qualified personnel. Therefore, even if there is a will to do something, there is no understanding what exactly shall be done and how to utilize funds most efficiently. The system of education is unable to train personnel, business pays no enough attention to this issue. “Security teams held meetings, conferences, engage in self-education with little or no involvement of business,” – Volodymyr Styran explained. It is not yet fully understood by business that cyberwar has started and that it is endangered.
New targets
According to Cisco, in 2018 malicious persons will actively explore industrial automated facilities in search for vulnerable areas there.
This is sad news for Ukrainian companies. “We have analyzed Ukrainian companies and found only age-old systems there. Controllers that are used for ventilation system control, video controllers – all this is vulnerable to attacks,” – Volodymyr Ilibman, Security Account Manager at Cisco, said.
Even strategic assets – such as telecommunication companies or energy producers, are not always properly secured. As alleged by Innovation House’s source in Ukrenergo, the enterprise shall raise tariffs to steer some money to cybersecurity. And since the company operates in a non-competitive market, all tariff escalations are being done through the National Commission for State Regulation of Energy and Public Utilities. “First of all, in our country consumers are supersensitive to raising of tariff rates. Secondly, when the issue of where to spend money is raised – for cybersecurity or to provide inhabited localities of Anti-Terrorist Operation Zone with electricity, then, sure thing, preference is given to the latter,” – the source in Ukrenergo said.
Volodymyr Styran believes that, in theoretical terms, it would be good to connect privately owned strategically vital enterprises to state CERTs – Computer Emergency Response Teams. “But having realized that Security Service of Ukraine may creep anywhere, private companies will never accept such cooperation,” – added he.
This year Ukraine is going to open 5 different CERTs
How to protect the “smart home” from hackers
It is very easy to scan your home computer for viruses. All you need is antiviral software. However, this situation with smart devices – home security cameras, smart home management systems, various sensors – is more complicated. Here are some recommendations made by security experts:
- always update software of your devices
- keep these devices within a separate subnetwork
- network of devices shall be isolated from the internet, if possible
- choose manufacturers that have long been on the market
- scan your devices by free Open DNS service at regular intervals
Banks have positive experience in doing business with the state in the cybersecurity field. “Thanks to interaction with CERT via National Bank of Ukraine we receive notifications when cyberattack are conducted and when some addresses shall be blocked,” – Max Moloshaga, Chief Information Security Officer at Piraeus Bank, said. No confidential information is transferred in this case. What banks do is only inform each other about any changes. So, as a matter of fact, National Bank of Ukraine has no connections to banks, except for its own electronic payment system.
According to Max Moloshaga, this year Ukraine is going to open 5 different CERTs that will inform companies connected to them about cyberthreats.
According to Cisco, in 2018 various smart devices will also be target for hackers. Illegal intruders make botnets (network of viral-infected devices) from gadgets, video cameras, digital video recorders. Mirai is the most famous botnet.
It unites hundreds of thousands of devices. Since the end of 2016 it has conducted several attacks, inclusive of on the only external Internet channel in Liberia, which resulted in a situation where entire country was without internet.
