Cyberattacks are hurting businesses here


Should Quebecers fear the threats of cyberattacks that Russian President Vladimir Putin is launching across the West? Companies, yes, since they “can experience a nasty ordeal”, believe two experts.

Long before Russia invaded Ukraine, like China, it had a reputation for being the source of many cyberattacks. But what is it in reality?

To answer the question Simon Fontaine, CEO of ARS Solutions, a cybersecurity company in Quebec, bases himself on the publications of the NSA (National Security Agency), the FBI and the CISA (Cybersecurity and Infrastructure Security Agency) “references in cybersecurity”.

“According to them, the latest waves of attacks are coming from Russia and China. There is always a signature specific to the country from which the attack originates. But these agencies cannot tell whether the attack is coming from the government or from individuals,” he said.

vpn

Jamming the tracks is always possible, but the modus operandi does not lie.

“There is also always the possibility of connecting from here via a VPN to a server in North Korea, but the American agencies, depending on the method used, are able to attribute an attack to a country” , adds Mr. Fontaine.

Éric Parent, CEO of Logicnet and EVA Technologies, agrees.

“Analysts from agencies or a company like Mandiant, which Google just bought, are watching the attack sequence. They infiltrate some chat groups and can come to safe conclusions. For example, if we find that the CONTI group is at the origin of an attack, we know that they are Russians. We recognized their method for the attack on the Alouette aluminum smelter,” he says, about the incident that hit the Sept-Îles company at the end of February.

Frequent and successful attempts

Simon Fontaine “sees cyberattacks every day” among his clients. He estimates that they have been increasing for five years.

He remarked that “since Christmas Russia has been quite active”, wondering if this could have something to do with the aggression in Ukraine.

“China’s attacks are often noticeable from the traffic on a factory’s cameras from which they try to infiltrate the company’s network,” he said.

And if the attacks are more and more frequent, it is because they pay off big.

In eight months in 2019 and 2020 $7.5 billion the Ryuk virus brought in $7.5 billion ahead of Mr. Fontaine.

“If we consider all the viruses on the planet, we realize how profitable it is, it’s a whole market. The return on investment of a single email, hackers have understood it.”

Serious consequences

Éric Parent believes that it is “not entirely true” that there are more cyberattacks coming from Russia, but that more attention is now being paid to it.

But he notes the regularity and the consequences of these attacks.

“Companies can go through a nasty ordeal. There isn’t a week where I don’t see a company being taken in by ransomware.”

And even if the attack is not successful, there may be consequences.

“Once an attack has been discovered, you have to wonder what was affected. In theory, all critical systems must be reassembled. It creates a disturbance for two weeks, ”he says.

More serious

Éric Parent adds that certain traditional methods for setting up a network make it easier for hackers to work.

“If we put in a backup infrastructure and call it backup in the network, it does not take a genius to notice it. Exchange for email, DC for domain controller, that’s what a hacker looks for on a network.”

“We are no longer in the era of just changing passwords and doing a security audit every year,” adds Mr. Fontaine.

In his presentations to his clients, he likes to show maps of cyberattacks.

“It’s impressive. It almost looks like fireworks. And that’s only from one router manufacturer that shows attack on their devices. We must now imagine the map with all the router companies in the world,” explains Mr. Fontaine.

From top

The two experts also agree on the responsibility of the upper hierarchy of a company in the ability to resist cyberattacks.

“Managers become jaded when we talk to them about threats, until it happens to them,” regrets Éric Parent.

“In a company, it must come from the management. Cybersecurity is a bit nebulous. But management needs to realize that this is not just the responsibility of the IT department. When the management doesn’t care, the employees do the same and it doesn’t help to have equipment costing $15 or $20,000,” concludes Simon Fontaine.

Cyberattacks: Russia’s capability should not be exaggerated

Despite calls from Vladimir Putin to jeopardize the West with attacks on the Internet, an expert in the field believes that Canadians do not have too much to worry about for their safety.

Éric Parent, CEO of Logicnet and EVA Technologies, does not minimize the potential impact of cyberattacks on companies “which can experience a nasty ordeal”, nor the consequences for citizens of data theft.

But, according to him, Russia does not have the capacity to take control of our dams or air traffic, for example, in short to put the physical safety of Quebecers at stake.

“Yes someone could disturb something, but a human can always act” and correct the situation, he thinks.

He does not hesitate to draw a parallel between the inefficiency of the Russian army in Ukraine, its tactical errors, and the limited effectiveness of its cyberwar “since Putin declared that it was open bar and make efforts” to attack Western infrastructure.

Return of the pendulum

He also claims that like Russia, “Ukraine and Romania have large criminalized communities generally when it comes to ransomware to seek financial gain.”

But since February 24, the picture has changed, and Ukrainian criminals have a new target.

“There are people like me in Ukraine who have IT jobs by day and retrain to launch attacks in Russia by night. We are truly in a cyber war. These are no longer ransomware, but destructive attacks. As with their somewhat wacky military, we see that the Russians are also having it cybernetically. Ukraine has a lot of sympathizers and Russia is starting to have a bad time,” thinks Éric Parent.

Nor is he convinced that Putin’s call has been heard by all Russian hackers.

“These groups don’t necessarily agree with Putin. They do business,” he says, believing that for some – and their bosses – the appeal of money might be more important than that of homeland.

In Quebec

Éric Parent also does not believe that Russia can harm Hydro-Québec, for example, by blocking the electricity production of a dam. Because there are ways around computerization, put in place by cybersecurity experts themselves.

“I did a security audit at an airport. The runway lighting was computerized. The solution was the installation of an electric switch to manually turn the lighting back on. An attack on the runway lighting wouldn’t have a big impact. That’s risk management,” he says.

He is also reassuring about an incident in which a pirate had come into contact with an airplane pilot.

“A fool bragged about hijacking a plane. Yes, it’s disturbing, but there was a human, the pilot, who was always in control,” he insists.

Anonymous

In the wave of reactions following the invasion of Ukraine Anonymous, the notorious hacker group, said it had targeted Russia. He also took credit for several intrusions.

“Anonymous claims many attacks, including Russian government sites. It’s possible, it’s still hard to prove, but yes there are very competent people among them,” said Simon Fontaine, CEO of ARS Solutions.

He adds that Russian banks and media are also among their alleged targets.

“A country can attack another and say the attack is from Anonymous. The idea of ​​an anonymous group is very useful for attacks sponsored by governments, because they can attribute responsibility to them”, opines Éric Parent.

Responses

And it should not be thought that the United States, and probably Canada too, are not giving back to the Russians.

“Everything is done anonymously, but the Americans do much the same thing”, is convinced Simon Fontaine.

“Americans are pretty well equipped when it comes to cyber warfare. It’s not the best thing to do to threaten a country with as much capacity as the United States and its allies,” adds Éric Parent.

Knowing now whether these attacks on Russia could change the course of the war, Éric Parent has a reservation.

“It’s always hard to predict because it depends on the reliance on technology. Even if Russia boasts of being very modern, we see that this is not true on many things. Perhaps cyberattacks will have less impact than we think. But on the political level, on the appearances, Russia does not look good”, concludes Éric Parent.




Reference-www.journaldequebec.com

Leave a Comment