The undeclared war of the XNUMXst century: why Russia and the United States are preparing a joint resolution at the UN

0

Russia and the United States jointly developed a draft UN General Assembly resolution aimed at preventing the use of IT resources for criminal and terrorist purposes. The UN General Assembly considers it necessary “to prevent the use of information resources or of technologies for criminal or terrorist purposes ”.

Within the framework of the draft resolution, it is noted that promoting the use of ICT technologies for peaceful purposes and preventing conflicts arising from their use is in the interests of all countries of the world. According to the authors of the resolution, some states are already engaged in the development of opportunities for the use of information technology in the course of solving military problems, and today "the use of ICT in future conflicts between states is becoming more likely."



Information security problem


The main reason why Russia and the United States, despite the radical deterioration of relations, are jointly developing a resolution at the UN is the rapidly changing world around. The society of the XXI century has become too vulnerable to computer technologies, too dependent on them. Hacker attacks today have become an everyday reality, with the consequences of which millions of people around the world face each year.

At the same time, it is necessary to distinguish between attacks aimed at extortion and obtaining sensitive information from users (payment card data, copies of official documents, etc.) and attacks on the critical infrastructure of states. If the purpose of the former, as a rule, is the illegal withdrawal of funds, and this is, in fact, only theft or petty fraud that moved online, then attacks aimed at vital subsystems of the country may well be part of a cyber war waged by a hostile foreign state. Moreover, sometimes the line between the use of IT technologies by individuals and organizations for criminal purposes and their use, but already within the framework of solving military problems, is so thin that it is almost impossible to distinguish the thirst for profit and the intervention of structures of another state.

Nevertheless, it is already becoming obvious that cyberwarfare will become one of the key areas for conducting military conflicts in the very near future. The key problem of protection in a cyber war is the complexity of ensuring information security in the modern world. In an environment where it seems like familiar and reliable computer systems are permeated with thousands of third-party software libraries, no one can guarantee their absolute security.

One of the clearest examples of this is advice given in 2016 by then-CIA Director James Comey. The head of US foreign intelligence then urged users to glue cameras on laptops, stressing that this is the only way to protect their cameras from being hacked. A similar opinion was expressed by Edward Snowden, whose competence is beyond doubt. In addition, the head of Facebook, billionaire Mark Zuckerberg, does the same. At first glance, this, of course, may seem ridiculous. However, with common sense, it becomes obvious that cybersecurity in general is such a complex and multifaceted area that it is simply impossible for anyone to know if the software being used has a vulnerability. It doesn't matter if you are the head of one of the strongest intelligence services in the world or a billionaire technocrat.

Cyberwar "shell-and-armor fight"


The struggle between hackers and software developers is eternal. In fact, it is a modern variation on the theme of "projectile versus armor". No matter how many vulnerabilities in software developers have closed, if you search well, there will always be something new.

This is even if you do not take into account that even closing a "hole" in the source code of a program does not mean that it will be fixed on the user's side. A very large percentage of people simply do not update their devices and the programs installed on them for years. The same situation is true for a number of companies, for which, due to objective reasons, it is also expensive to upgrade. Corporate support for commercial operating systems, for example, costs a lot of money, and many businesses simply prefer to stay on older versions of software on a "what's not broken, doesn't need fixing" principle. However, with visually stable operation, the fleet of their work machines and servers becomes vulnerable to attack.

If a company is of significant value as a target of extortion, then in the absence of adequate protection, it is highly likely to be attacked. If not, then as in the case of ordinary users, its devices will join the next army of botnets, of which there are more and more today. A botnet is a network of computers and other gadgets infected with malware that have access to the Internet and simultaneously send requests to a specific resource, causing it to malfunction up to and including shutdown.

Botnet owners tend to remain in the shadows. As well as those in whose interests they act. At the same time, the problem of botnets is very serious, because it is with their help that “denial of service” (DDoS) attacks are carried out on important infrastructure and military facilities, including in Russia.

Hacker attacks on Russia


Just a month ago, the backbone Russian company Yandex announced its encounter with the largest DDoS attack for the entire period of the existence of the Russian segment of the Internet. Moreover, these are not unfounded statements and pressure. The record scale of the attack was confirmed by Cloudflare, one of the world leaders in repelling cyberattacks and providing computer security services. At the same time, it is important to note that Yandex has become far from the only Russian infrastructure significant organization that has suffered from the actions of hackers.

According to a study conducted by the Russian corporation Rostelecom, in the first nine months of this year, the number of Russian enterprises affected by DDoS attacks alone increased 2,5 times. The number of similar attacks on banking organizations - 3,5 times. At the same time, in August and September, the number of attacks on Russian state Internet resources also doubled, which is most likely due to the holding of parliamentary elections in Russia. Moreover, this statistics is fully confirmed by the statements of Russian officials.

So, according to the head of the Central Election Commission of the Russian Federation, Ella Pamfilova, during the remote electronic voting in the elections to the State Duma, the portal of the State Services of the Russian Federation was indeed subjected to hacker attacks, the most powerful of which came from the territory of the United States and Germany.

Very serious attacks are coming to our website vybory.gov.ru on remote electronic voting. If you look at the distribution by country, 50% of attacks are from the United States, 25% from Germany, and 20% from Korea.

- said the head of the CEC.

At the same time, according to Aleksandr Sokolchuk, head of the federal center for informatization at the Central Election Commission, only during the first day of voting in the elections to the State Duma, three targeted attacks from abroad on the resources of the Central Election Commission of the Russian Federation were recorded. In turn, the Moscow Department of Information Technology reported that over the same period, more than 100 DDoS attacks on the online voting observation service were reflected. That is, it is quite possible to say that the attack on the Russian electoral process was of a pronounced complex, and most likely planned.

Attack on Russian defenses


However, an attempt to disrupt elections in Russia through cyber attacks is only the tip of the iceberg. The Russian defense sector is an equally important strategic target for attack from foreign states. For example, experts from the Moscow company Positive Technologies in 2017 drew attention to the SongXY hacker group, which specializes in attacks on the Russian military-industrial complex.

The main task of the SongXY campaign was espionage, and the malware used after entering the victim's corporate system allowed attackers not only to secretly spy on users, but also remotely control the infected system.

- noted in the report Positive Technologies.

Is it worth recalling that many defense enterprises of the Russian Federation today are engaged in the development and production of the latest types of weapons. That is, hacking the corporate network of one of these organizations allows not only extorting funds from it, but also, which is much more valuable, gaining access to top-secret military developments that constitute state secrets. Of course, such materials, as a rule, are always stored in high security conditions: on devices without Internet access, with no wireless interfaces and the inability to connect external drives. Nevertheless, a common local area network, which unites computers in almost every organization, only needs one vulnerable PC to compromise the entire system. And not only in front of ransomware hackers, but also in front of the forces of a potential adversary.

Conclusions


Thus, taking into account the above, it is safe to say that an undeclared cyber war is being waged in the world right now, including against Russia, which regularly encounters hacker attacks on the public sector, especially in the public sector. policy and defense. The preparation of a UN resolution on information security jointly by Russia and the United States is, of course, good: the establishment of cooperation in the field of computer terrorism and countering cybercriminals is in the interests of both sides.

Nevertheless, it is important to understand that the resolution of the General Assembly is adopted by the advisory body for this, that the nature is advisory, that is, optional, in contrast to the same resolutions, but already by the Security Council. So, Russia will only have to deal with cyber threats to critical infrastructure and attempts by hackers to gain access to data constituting military secrets on its own. As well as why most of the cyberattacks on the electoral process during the last elections to the State Duma, according to the CEC, came from American territory.
Our news channels

Subscribe and stay up to date with the latest news and the most important events of the day.