The coronavirus (COVID-19) pandemic has caused a spike in attacks on the critical infrastructure of Russian companies.

A recent study by the local telecoms giant Rostelecom has revealed that the number or attacks on Russian companies has doubled since the beginning of 2020 as hackers mostly have attempted to intercept top managers' emails or take over control of companies' key infrastructure.

Rostelecom's division in charge of cyber-attack monitoring, Solar JSOC, has reported over 200 professionally executed cyber-attacks targeting Russian companies in the January to November period of 2020, which is twice as much as for the entire year 2019.

Most often, attackers have targeted strategically important companies, such as banks and firms in the areas of nuclear power, electricity, defence, healthcare and state governance. Solar JSOC wouldn't reveal any names of specific companies that have suffered cyber-attacks.

According to the research firm, in the lion's share of cases, attackers tried to exploit so called zero-day vulnerabilities – that is software vulnerabilities that are unknown to the developers and users. Of all the registered attacks, zero-day vulnerabilities played a role in 85% of cases.

Another type of attack involved attempts to intercept control of critical infrastructure by targeting work stations of IT administrators with high-level access privileges.

The high security level of a company's IT infrastructure can't guarantee that hackers won't be able to get access to it, Solar JSOC's general director Vladimir Drukov said in comments to the report.

"More and more often, hackers choose not to attack a company directly, but target its sub-contractors instead, which are generally less concerned about cyber-security issues but have access to the infrastructure of the target company," he explained.

Incidentally, a sizeable proportion of cyber-attacks directed at Russian companies come from abroad, local cyber-security firms say.

According to the company Check Point, between May and October, hackers based in the United States accounted for 36% of all cyber-attacks against Russian companies, while only 29% came from inside Russia.

Meanwhile, one of the main reasons for the spike in cyber-attacks observed this year is the coronavirus (COVID-19) pandemic, which caused many companies to fully or partially switch to remote work. As a result, many employees have been accessing companies' IT infrastructures from home and other places more vulnerable to cyber-attacks.

"Cyber-criminals' activity has stepped up by 20% to 25% since the beginning of the pandemic," Yevgeny Kaspersky, general director of Kaspersky Lab, was quoted as saying by TASS. "And this is good news for companies working in the cyber-security area. We have a lot of work." According to Pavel Korostylev, head of the product promo department at the cyber-security firm Kod bezopasnosti, the pandemic has created a window of opportunity for hackers.

"There is an entire class of systems where vulnerabilities cannot be fixed without completely shutting down the entire system," he was quoted as saying by Kommersant. "Therefore, a system can stay vulnerable as long as permission has been issued to shut it down." Meanwhile, global exchange of data could also provide hackers with opportunities for attacks.

Andrey Yurshev, director of the product management department at InfoWatch ARMA, told Kommersant that an increase in the number of cyber-attacks in recent months is part of a global trend that involves higher proliferation of software controlled by cyber-criminals in one way or another.

"Imported software is manufactured in such a way that it sends so called telemetric info back to the manufacturer," he explained. "Therefore, corporate networks used only for enterprise purposes can inadvertently send all information required for cyber-attacks to hackers." The increase in the number of cyber-attacks could also have to do with the general digitalisation trend in Russian business and state agencies, Pavel Kuznetsov, deputy head of the expert security centre Positive Technologies, added.

-

This article is part of bne IntelliNews coverage of technology, blockchain, fintech, cryptocurrencies and the new economy. Sign up for the free monthly newsletter bneTech here, or read more tech stories on the website here.

Read the latest issue of bneTech here

https://online.flipbuilder.com/myab/hhkm/

Sign up for free here

https://to989.infusionsoft.com/app/form/sub-bnetech-sign-up

bne’s tech section online

http://www.intellinews.com/tech/