Cloned Boy
Professional
- Messages
- 1,192
- Reaction score
- 923
- Points
- 113
CYBER-SAFE COUNTRY.
IT crimes are becoming a serious threat not only to ordinary users. Medium and large businesses, entire industries and government agencies regularly suffer from hacker attacks. And this trend must be reversed! How to make our country cyber-secure? What is quantum cryptography? And where is the main cyber battle between information security specialists and real hackers taking place? What is NFT? What is a quantum phone and what is it for?
Russia is confidently among the TOP-10 countries in the world with the highest level of cybersecurity. This is confirmed by regular UN reports. At the level of the United Nations, the problem of hacker attacks is now receiving much attention. It is not surprising, because we live in the digital age.
Alexey Novikov (Director of the Expert Security Center)
Digitalization is advancing at a leaps and bounds. New services, new gadgets, new devices, the Internet of things, the constant digitalization of various services. Yes, it is convenient, you don’t have to go anywhere else, but open a website, government services, or some other one, and do everything via the Internet. And, unfortunately, most people in the race for this figure think about information security at the last moment. Or do not think about it at all until some high-profile incident occurs.
And there are many, many examples of this.
IT crimes are becoming a serious threat not only to ordinary users. Medium and large businesses, entire industries and government agencies regularly suffer from hacker attacks. This trend must be reversed.
Life in a modern city is constant interaction with digital systems. Wireless Internet waves, programs, codes are an integral part of our habitat. Each person leaves a digital trace in the concrete jungle, which can be followed by hunters for confidential information. In any passing car there may be a person who is ready to take what is lying around in our gadgets. An experienced hacker knows that everything can be hacked.
For example, attackers want to penetrate the network of a large company via Wi-Fi. All they need is a tinted minivan, an antenna, a couple of smart guys with laptops and a fake pass to the territory of company "X". The antenna is directed to the Wi-Fi zone. A little hacker magic - and that's it. The attacker is no longer in the car. Now it's as if he is sitting in the office, like an ordinary employee. Through a hacked Wi-Fi, a hacker can penetrate anywhere.
To accountants' computers and bank accounts. To mail servers with top management correspondence. To software developers' cloud storage or to the production management system. Every company has vulnerabilities through which it can get what it is afraid of losing. And hackers actively use this.
Anton Selyanichev (senior business development manager of an IT company)
The fact is that the more we implement and use smart technologies, and in particular, the Internet of Things, the more vulnerable companies and their assets are to cyberattacks. Let me give you a classic example. In 2018, attackers gained access to confidential data of a Las Vegas casino by hacking, pay attention, a thermostat in an aquarium, which for some reason was connected to the corporate network.
That is, it seems to be a completely ordinary thing, but it is a springboard for an attacker to gain access to confidential data, possibly personal data of casino users.
Every year, there are more and more cybercriminals in the world. After all, when switching to digital, they have two very important advantages - no borders and almost complete impunity.
Alexey Novikov (Director of the Expert Security Center)
: That is, a person who lives in Ukraine, his citizenship is some other strange one, and he rents a dedicated server somewhere in Asia, a number of proxies, there, Germany, the Netherlands, the USA, whoever. And then he attacks some company in Russia. In order to unravel and find this attacker, coordination, cooperation of a huge number of companies, law enforcement agencies, official requests, and so on, and so forth are necessary.
All this takes a lot of time, and, accordingly, these crimes are solved for a very long time.
But they are committed very quickly, and often hackers do not even have to leave home to do this.
Alexey Novikov (Director of the Expert Security Center)
Attackers currently understand perfectly well that if earlier, in order to, roughly speaking, steal money, as in Hollywood movies, it was necessary to stop a collector, or blow up an ATM or something else, now it is possible to gather groups of people located in different countries, just be an effective manager, divide the tasks and steal significantly larger sums of money from a bank or from an organization that has quite a lot of money in their account.
To counter this international criminal community, Russian information security specialists regularly conduct cyber exercises.
Positive Hack Days is the largest cybersecurity forum in the country. More than 8 thousand visitors and over 127 thousand viewers online. Such a surge of interest is caused by the appearance of real hackers on the forum.
Every year, virtual hacking virtuosos from different countries come to Moscow to participate in TheStandOff. This is the largest open cyber battle in the world. It is taking place in state F. In essence, it is a model, which presents the main city infrastructure and key industries.
Oleg Ivanov (head of development of the cyber polygon "The Standoff")
Yes, this city infrastructure also includes an amusement park with a circular observation deck and a lot more. We have a full reproduction process at a metallurgical plant, we also have a transport company, railway, sea transportation, plus air and so on. Here, and there is also the energy sector.
Don't be confused by the childish size of the state F, in fact, everything here is for adults.
Alexey Novikov (Director of the Expert Security Center)
Business can actually see in practice whether it is possible to move a switch on a railway and push two trains together. Because the controller that is there is a real physical controller. They are visible industrial SUTP controllers. And within this framework, we directly work out and watch how products behave, how information security copes, we track new techniques and tactics
that hackers bring.
Seventeen red teams of experienced hackers are trying to break through the defense and paralyze the life of the virtual state F.
Egor Bogomolov (hacker)
We are having fun in destroying them as much as possible, in order to realize some risk, I don’t know, turn them into a cauldron, spill iron or, I don’t know, stop an airplane or, I don’t know, create free tickets. Anything.
The army of hackers is opposed by the blue team, the defenders. These are cybersecurity specialists from leading Russian companies.
Sergey Noskov (captain of the defender team)
Each team was given its own segment. Oil, energy, railway transport. In particular, we will provide the segments entirely with energy. All of our sites are entirely related to energy, and, accordingly, the entire infrastructure too.
The list of energy complex facilities is displayed on the main board of the forum. The defenders can see successful hacker attacks on their segments in real time.
Sergey Noskov (captain of the defender team):
This is for us the shutdown of the electric power station, the shutdown of wind turbines. From the user and administrative segment, this is the spread of the ransomware virus, the introduction of malware into the development process, the theft of confidential information, and others. There are also lists of successful attacks that hackers need to implement. And we, accordingly, control them all.
According to the terms of the cyber battle, defenders cannot stop hacker attacks. Their task is to find out how the unacceptable became possible.
Sergey Noskov (captain of the defender team) :
We will not be able to resist hackers in any way, because we have selected track monitoring, and we can only analyze the traffic that comes from the infrastructure sources within their stands that have been developed. And as part of providing reports, if a successful incident has occurred on any of the infrastructure assets, we provide, along with detailed information about this incident, we provide a response event.
The task of the defenders is to defeat the enemy on paper. In fact, to prescribe a sequence of actions that will stop the criminal at one of the lines of defense.
Alexey Novikov (Director of the Expert Security Center)
In matters of information security, it is impossible to build information security so that computer incidents do not happen. But it is necessary to build it so that even if an incident did happen, this incident would in no way lead to the implementation of these unacceptable events, so that money was stolen, production was stopped, or the infrastructure was encrypted. The information security system must be echeloned.
The action of a team of hackers resembles the storming of a fortress. Each soldier has his own tasks.
Egor Bogomolov (hacker)
My direction is the direction of primary attacks. That is, I break through, an information resource, so to speak, I break through, jargon, I hack them primarily and give them to those who begin to dig deeper into them and try to gain a foothold further, to penetrate them, and so on. And I move on to another system. Because all hackers do not actually do everything at once. Each specializes in a separate topic that is close to him, interesting, and so on. Here is my topic of a web application, external services, public. The topic of a friend's colleague, maybe a local network.
Storming states F teams of hackers fight not only with defenders, but also among themselves. For each successful hack they receive points. The team that causes the greatest damage to the infrastructure will become the winner in the overall standings. However, this is rather a pleasant bonus. The main goal of the so-called "white" hackers is to gain professional experience.
Egor Bogomolov (hacker)
Well, in general, all hackers are necessarily curious. Whites simply do not cross the line, yes, that is, they do not violate someone's privacy or anything else. Globally, that is, all specialists in security analysis or so-called penetration testing, who, in general, are engaged in hacking, only legal.
Private companies and government agencies regularly engage white hackers to check the security of their systems. So in this case, both sides, both red and blue, work in the name of cybersecurity. Specialists from the defense side also compete with each other. Their work is assessed by a jury consisting of the strongest experts.
Oleg Ivanov (Head of Development of the Cyber-Pool "The Standoff")
Defenders can investigate incidents that they see in the infrastructure and send the jury for validation. And also, when a business risk is realized for them, when the attackers have implemented something, namely a specific task, the defenders must fully investigate this incident. Since they recorded it all step by step, they, in principle, only have to glue it all together and send it for validation. That's how the process is arranged.
But again, the most important thing that the blues will take away from the forum is invaluable experience.
Oleg Ivanov (Head of Development of the Cyber-Pool "The Standoff")
As for the blues, it is mainly interesting for large companies to participate here in order to hone their skills, plus use some new products, choose between other products. Blue teams can experiment here, they cannot afford this in real life. Because to launch a hacker right close to your heart and see how he will act is a very big risk. And here the risks are minimal for them, and the experience is colossal.
The experience gained will help cybersecurity specialists to resist real dark hackers. They can attack a variety of objects, for example, the infrastructure of an oil company. Such attacks are not so rare.
Sergey Noskov (captain of the defenders team)
Of course, first of all, it is necessary for hacker groups that work for foreign countries, this is first of all. Second on the list are hackers who pursue some goal, a financial goal, just to undermine the authority of some company, competitors. And the third area is just lone hackers, beginners who just want to practice on some infrastructure.
The cyber training ground is exactly the place where professionals learn to resist the most sophisticated and insidious hacker attacks. How successfully they will succeed will become clear in four days. That is how long the main cyber battle lasts.
And for those hackers who do not participate, the forum organizers have provided many other competitions. One of the most interesting is The Stand of Digital Art. Is it possible to steal a work of art without leaving home? It turns out that yes, if it is in the Metaverse. This term was first introduced in 1992 by Neal Stephenson in his science fiction novel Snow Crash to describe a comprehensive 3D virtual world that imitates, complements, improves and connects with physical reality.
And thanks to the cult film The Matrix, the Metaverse entered the mainstream. Now anyone can get into it. All you need to do is buy a virtual reality headset or use an augmented reality app on your smartphone. Visitors to the modern Metaverse use it to physically interact in the virtual world, where they take the form of avatars.
There you need to communicate, play games, walk around the digital space, look at interesting objects.
Denis Matveev (advanced user of the Metaverse)
You can take out your phone and watch any things that are in this meta-verse, which is created by the users themselves, who are created by the developers. Enjoy, earn on it, where would we be without it. And, of course, there are various values that we need to keep safe. These are NFT, Non-Fungible Tokens, which can be used absolutely as you want. They are made in the form of 3D models, and they can really be art, art, just come and watch.
You can make various attractions, relatively speaking, some bloggers can go to the project and create something unique, while clicking on the same augmented picture, model, and possibly get another token of another project.
We can say that we live in the era of NFT. The trading volume on this market is more than 40 billion dollars a year. Classic works of art are sold for about the same amount. Virtual currency, tokens allow everyone to own unique items. When artists, especially during quarantine, had new opportunities to sell their works, cyber fraudsters came on the scene. Blockchain remembers everything. This is what hackers can use.
Denis Matveyev (advanced Metaverse user)
The NFT itself, as we assume, a model, a picture, and so on, is a kind of code, a kind of smart contract. And hackers are looking for a vulnerability in it, where it is easiest to enter it and replace the information with another. Perhaps with a reference to another contract. And so that the human user then, roughly speaking, “Oh, I poke at my favorite lock, with which I can receive silver, again, our meta-universe,” he actually gets, roughly speaking, poke send this silver, but he does not send it to his wallet, not to his own, but directs it to another.
And in this case, the hacker almost has the opportunity to get all the funds, transfer them to his wallet, and then resell them for a higher price. Well, I'll tell the guys how to do it. The guys themselves will find where to quietly drain it, but we would not like that. We want users to have the opportunity, of course, to use this and feel that all the funds they transferred from the real world have been supplemented, so that they are safe.
The best way to test the reliability of the meta gallery is to launch hackers there. During the competition, they will try to steal crypto art from real artists.
Andrey Sologub (Metaverse developer)
Our Russian artists have prepared their works especially for today's event. They have made several paintings, which we have converted into NFT, put on the Ethereum network and placed on our digital lands. Small loopholes in the smart contract were also specially made to make it possible to carry out the theft operation.
Because, in fact, our protection is very serious.
The most interesting thing is that the theft process can be observed in real time through the application. Every time tokens appear in the hacker's wallet, an art object disappears from a special tree in the Metaverse. The results of the competition prove the relevance of this direction. After all, hackers closely follow trends, and all the latest technologies instantly fall into their field of vision. Companies that deal with information security must be one step ahead of intruders, take measures, create new products that ensure cybersecurity.
One of such innovative products was once biometrics. Methods of user identification using a face image, retina or fingerprint have long been adopted by a variety of services. At first glance, they seem to us to be as reliable as possible, but biometrics has its vulnerabilities.
A separate competition, "Hackers' tasks - bypass the biometric system", is dedicated to them at the forum.
Alexandra Murzina (Head of Advanced Technologies Department of an IT company)
This is a specific task, it is very limited, unlike real life, but it is something specific, yes. For example, a website, and you need to log in using a photo of a user. Accordingly, these services are vulnerable in advance. We have embedded vulnerabilities in them, participants need to find them and implement the risk that may exist in reality.
Successful bypasses of biometrics by hackers allow developers to clearly demonstrate the vulnerabilities of such systems.
Alexandra Murzina (Head of Advanced Technologies Department of an IT company)
And, on the other hand, this is an opportunity for specialists who are engaged in machine learning, biometrics, to also look at these tasks and understand how this is possible, so that they can then take it into account when developing their services.
Their number is growing every year. For example, Russian financial institutions have begun large-scale implementation of biometric ATMs. In general, a modern ATM is not just a machine with money. It is a computer to which hackers can successfully pick up an electronic key.
Maxim Kostikov (bank representative)
This is a competition for hacking ATMs. That is, we have an ATM stand here, when hacked, money will be given out. Since there is one ATM, and many participants, there is a separate table where the participants sit and hack virtual machines with ATMs, where there is a task. Accordingly, the essence of the competition is to hack two virtual machines, get all the privileges on the system, bypass the kiosk. Well, in general, to make an attack close to reality, which can be done by intruders.
There are two options for real hacker attacks on ATMs. In the first case, the intruder can gain access to the service area. Open the door with a crowbar, drill or fake key. Then he directly connects to the computer and bypasses the kiosk. In fact, he forces the ATM to give him all the money. And the second method is called "BlackBox". In this case, the criminal attacks the dispenser, which is responsible for issuing cash.
He disconnects the wire from the dispenser to the computer and connects it to his laptop. Then he directly issues a command to the dispenser and takes the money.
Maxim Kostikov (bank representative)
A prepared attacker attacks an ATM, well, at least five minutes, maximum ten minutes. He carried out a planned attack, took the money and left.
White hackers who break into an ATM have an easier task than real criminals. They do not need a crowbar or a drill. They already have access to the ATM software.
Maxim Kostikov (bank representative)
In this case, the guys are engaged in the first stage of logical attacks. That is, bypass, kiosk, bypass of security tools, privilege escalation. And after each solved task, the ATM gives out money, thereby showing that it has been hacked. Now an ATM has been hacked. And as we can see, money was given out, the ATM lights up, which means something happened.
We look at how many tasks were solved and how quickly people solve these tasks. Who is faster, who is better. Competitive mode.
Representatives of banks are also closely watching the competition. In fact, it is held in order to show their vulnerability to such threats.
Maxim Kostikov (representative of the bank)
We show that if the ATM is not sufficiently protected, then the level of the intruder who can approach it and hack it is quite low. Since this is a conference, people come here, including from the banking sector, and, seeing how an ATM is hacked, they make logical conclusions that they should not do this.
By the way, the banking sector in Russia is quite reliably protected from cyber threats. This is confirmed by the course of the main cyber battle. Almost all the companies presented in the model suffered at the hands of hackers. With the exception of the banking system of state "F". It turns out that we can be absolutely calm about our hard-earned money? Or not? Bank card fraud is one of the most common ways to steal money.
According to statistics provided by the central bank, criminals annually withdraw more than 1.3 billion rubles from customer accounts.
Pavel Kuznetsov (Deputy Managing Director for Cybersecurity Technologies of an IT company)
If we are talking specifically about fraud, then the share of fraudulent crimes is indeed growing, growing, growing every year, almost exponentially. For the simple reason that, probably, the world of information technology is now such a modern Wild West, the Wild West, because it is much easier to carry out a sociotechnical attack on a bank client or a bank employee and extract confidential information from them, or force
them to make a transfer by contacting them via IP telephony or email, or another method of electronic communication, than to put a gun to their head in an alley. Moreover, the second is still punishable by law much more strictly than the first.
It is very difficult to solve this problem, because the weakest link in the defense is the clients, who have to be taught basic personal cyber hygiene.
Pavel Kuznetsov (Deputy Managing Director for Cybersecurity Technologies of an IT company)
Including the Central Bank and representatives of at least large organizations in the banking sector, now almost everyone has a program to improve the cyber literacy of the population and with the population, namely with individuals with us. Organizations work with you and try to explain to them which calls may be fraudulent, that in no case should you tell the operator by phone if you receive a corresponding call, or via another communication channel, including email or electronic messengers.
Although security service employees work daily to eliminate the possibility of theft of funds. Criminals come up with new schemes for fraud with bank cards. But perhaps the final victory over the intruders will be achieved with the help of artificial intelligence. Products based on it are already being actively implemented by banks.
Pavel Kuznetsov (Deputy Managing Director for Cybersecurity Technologies of an IT company)
Artificial intelligence technology is perhaps one of the largest and closest technological directions to the development of such products. Accordingly, the second direction, also very close to machine learning, is actually data mining. That is, both are tied to the training of expert systems, the detection of fraudulent transactions, separating them from legitimate ones, based on the processing of huge amounts of transaction data, both legitimate and illegitimate transactions.
Under the guidance of specialists, the electronic brain gradually learns to make decisions about which payment is legitimate and which is suspicious. Artificial intelligence blocks such payments just in case, because the client or the financial institution itself may suffer. After all, advanced hackers are able to commit large-scale thefts directly from correspondent bank accounts. We can talk about colossal sums, so expensive innovative artificial intelligence products will be implemented here first of all.
Pavel Kuznetsov (Deputy Managing Director for Cybersecurity Technologies of an IT company)
For this purpose, we are now offering the market the concept of our meta-product O2. In decoding, "detect" and "stop". Accordingly, we detect the intruder at the stage of his attempts to penetrate the system, and before he reaches the implementation of an unacceptable event, we restore him.
Plus, understanding the absolutely serious market problem of shortage of personnel, shortage of experts, shortage of specialists in the field of cybersecurity, our product will allow implementing such effective cybersecurity, covering specific risk areas with minimal involvement of expert human power. If there is at least one specialist, he has basic skills in the field of cybersecurity, he will be able to use this product effectively.
Maybe that is why white hackers failed to take the bank "State F" in 4 days of cyber battle? The forum jury is already summing up the results of the battle. Who won? Who lost? Which objects were the best protected, and which, on the contrary, were attacked with maximum damage? This year the cyber battle turned out to be epic. The attackers implemented unacceptable events 63 times.
Moreover, 30 of them were unique. By the way, absolutely any company that wants to pump up its cyber defense can participate in the annual hacker forum.
Oleg Ivanov (head of development of the cyber polygon "The Standoff")
There are various formats when a company can directly place its software or its developments on our infrastructure. But the main thing is that many companies, already mature ones, have their own separate stands on which they can launch attackers. And the company simply uses the platform in Ak-Bounty, because this platform is funny because a lot of attention from hackers who search for vulnerabilities.
The more such advanced companies there are, the higher the overall level of cybersecurity in the country will be.
Alexey Novikov (Director of the Expert Security Center)
If each of the companies that influences and has a key importance for the industry, raises its level of information security, then the entire industry will become more protected. When in a state of such industries, roughly speaking, all key industries become safe, then the security of this particular one state will become significantly higher.
And Russia is actively moving in this direction, that is, both Federal Law No. 187, "On the Security of Critical Information Infrastructure", and the State Defense Industry Complex, which is being created, this is, in principle, all about this.
And our country should have good cyber immunity. In May 2017, a real cyber pandemic broke out on the planet. The Wona Cry encryption worm infected more than 200 thousand computers in 150 countries. Factories around the world stopped, hospitals were paralyzed, government agencies, banks, and telecommunications companies suffered. Estimates of the damage from this epidemic vary from several hundred million to several billion dollars.
But why are such large-scale cyberattacks possible at all? The reason is the vulnerabilities in the architecture of the operating systems that we use every day. They are built on a shaky foundation, from a security point of view. Its foundations were laid back in the 70s of the last year, when the first operating systems were created. Back then, the problem of mass cyber threats practically did not exist.
Modern commercial operating systems are protected many times better, but the basic approaches to their construction have not changed much. Numerous holes shine in the software, which are patched with patches and imposed security measures, and sometimes are not fixed at all for years.
Anton Selyanichev (Senior Business Development Manager, IT Company)
This approach has certain drawbacks, because even if the vulnerability is eliminated or information security tools are improved, the malware can cause great damage to the victim company. How can this problem be solved? Change the approach to developing software and hardware products and solutions. We at the company have created our own approach, which we call cyber immunity.
The basic principle of cyber immunity can be formulated as follows. Security should be the foundation of each system, not an add-on. If now all vulnerabilities are covered by antivirus, then in the new type of operating systems the very architecture will act as a vaccination.
Anton Selyanichev (senior business development manager of an IT company)
The approach uses the concepts of security domains. A security domain is a function or block of software. And the interaction between these functions and blocks can only be carried out in the order laid down in the security policies.
Even if a vulnerability appears in one of the blocks, these security policies will not allow it to spread and gain access to the entire device.
Everything is built by analogy with a biological virus and human immunity. Malicious agents constantly enter our body, this is inevitable. But if a person has good immunity, the disease is easily tolerated, does not develop and does not progress to a severe stage. Cyber immunity works the same way. A virus can penetrate an operating system, but a well-designed architecture does not allow malicious code to develop success, so it is not able to disrupt the processes of the operating system performing its functions.
At the same time, the cost of human error is reduced. The user can use primitive passwords, fall into phishing networks or social engineering traps. A properly built operating system architecture will forgive outright stupidity, but will allow you to remain invulnerable to intruders.
Anton Selyanichev (Senior Business Development Manager, IT Company)
To create cyber-immune products based on our concept, it is necessary to use a certain operating system that is developed on the basis of this immune approach. We believe that products that are implemented on this cyber-immune approach will allow you to create a solution of any complexity, while being sure that they are resistant to any type of cyberattack.
Of course, hackers can bypass such sophisticated protection if they put in a lot of effort. But in this case, the cost of the attack becomes so expensive that its implementation is simply pointless. This approach is now being actively implemented by leading domestic IT companies. And on the territory of Moscow State University, a cyber-secure Russia of tomorrow is already being created.
Scientists are doing something amazing – quantum encryption. Humanity has learned to use encryption methods to protect data since ancient times. Then one of the most famous ways to encode information was the Caesar cipher. It was used to transmit messages between legions. The essence of the cipher was that a symbol – a letter or a number – in the open text was replaced by another symbol, shifted from it by several positions to the left or to the right.
The key to the cipher was the direction, shifting the number of steps. For example, our key to the right is 2. Thus, the letter "A" after encryption turns into the letter "B". And the word "Legion" - into the cipher "НЖЕКР". Cryptography reached its peak in the 20th century. During World War II, a unique encryption machine Enigma made a lot of noise.
Its use allowed the German fleet to dominate the Atlantic until the brilliant British scientist Alan Turing cracked the Enigma code. And now almost all data encryption systems have a critical vulnerability.
Anton Kozubov (researcher at the Laboratory of Quantum Processes and Measurements at ITMO University)
Today, almost all algorithms are based on factorization in one way or another. Factorization is the decomposition of a number into simple cofactors. Speaking on your fingers, what does this mean? It means that we have vegetables, and it is easy to cut them into a salad, and then to collect whole vegetables from the salad back, well, it is difficult. Of course, you can try, and it will work, but it will take quite a long period of time.
If you suddenly learn to do it quickly, then there will be no problems with decrypting our current information.
The speed of decryption directly depends on the computing power of the equipment that hackers have. If a criminal community gets their hands on some supercomputer, then it's all over.
Anton Kozubov (research associate at the Laboratory of Quantum Processes and Measurements at ITMO University)
Any sharp jump in computing could result in us all being left without money on our cards and someone stealing it all. This is very bad, so we need to do something about it. To do something about it, we need to move to a more fundamental level of information security.
A striking example of a new level of security is the first quantum communication line in Russia, operating on the territory of Moscow State University.
Nikolay Nikolaevich, hello, a test call.
However, from the outside you wouldn’t say that we are dealing with a caller of cutting-edge technologies. To the average person, a quantum phone may seem like a funny greeting from the past, some kind of hybrid of a handset and a tablet, but this is only at first glance.
Nikolay Sysoev (Dean of the Physics Department at Lomonosov Moscow State University)
What is quantum communication? This is a completely secure connection, that is, it is impossible to eavesdrop on it, it is impossible to interrupt it, it is impossible to write it off, any manipulations with this connection are impossible. It will be located in the communication centers that will distribute these quantum keys.
The key to encryption is carried by light quanta. The principle of operation is as follows. The transmission generates photons of light, remembers their state and sends them via fiber optics to the destination. It is impossible to wedge into this line and remain unnoticed.
Dmitry Gusev (Deputy General Director of an IT company)
Indeed, there is a physical principle that prohibits intercepting single photons without changing their state. Well, because all photons themselves are a unit of information. If you counted it, you essentially consumed this unit of information. There is no way, therefore, to do it in such a way that the photon itself is not damaged and continues to fly in this quantum channel.
Any attempt at unauthorized interception of photons immediately becomes noticeable. All the equipment needed for encryption is located at the service provider. And for the end user, talking on a quantum phone is no more difficult than on a regular one.
Sergey Kulik (Head of the Quantum Technologies Laboratory, Physics Department, Lomonosov Moscow State University)
Technical devices, between which keys for quantum are secretly distributed, are connected to each other by optical fiber. Now the technology has reached the point where not only speech is encrypted. You can transfer types, files, in general, texts, any. That is, in general, this is an electronic document flow.
At the initial stage, the network made it possible to generate the so-called single communication key between only two phones. Now the university quantum communication line already connects 20 points.
Dmitry Gusev (Deputy General Director of an IT company)
Then we took the next step and created a quantum key distribution system that already works in a star scheme. And, in fact, last year we successfully demonstrated this system live with MSU, having implemented the so-called university quantum network. And this quantum network continues to function at the moment, connecting several sites that are located at Moscow State University on Vorobyovy Gory, the old Moscow State University site, which is located in the center of Moscow, and our office, which is located near the Otradnaya metro station.
The company and Russian Railways decided to go even further, put photons on rails and create a quantum communication line between Moscow and St. Petersburg, on June 8, 2021, the date of which went down in history. After all, on this day, the first quantum teleconference in Russia took place. Deputy Prime Minister Dmitry Chernyshenko, Governor of St. Petersburg Alexander Beglov and General Director of PJSC Russian Railways Oleg Belozerov took part in the test video conference.
This is the first step of Russian Railways to create an all-Russian quantum network. Such a large-scale task was entrusted by the company and the government of the Russian Federation. The length of the first section of the national quantum network between Moscow and St. Petersburg was 700 kilometers. It became the longest in Europe and the second longest in the world after a similar Chinese line Shanghai-Beijing.
Anton Kozubov (research fellow, Laboratory of Quantum Processes and Measurements, ITMO University)
China has already outstripped the whole world by a long way, and they have built a network between their largest cities. This network is more than two thousand kilometers long, and inside each city they have large branched networks, in which there are about 50 nodes in each.
At significant distances, more than 100 kilometers, the loss of individual particles in the optical channel is inevitable, so photons are transferred over shorter sections between trusted nodes of the quantum network. There are 18 such typical nodes and several large data control centers on the Moscow-Saint Petersburg line. The main node of the system is located in Moscow in the main computing center of JSC Russian Railways and another one in Smolny, in Saint Petersburg.
The third powerful quantum communication facility is located in the middle between the capitals at the Data Processing Center in the city of Udomlya in the Tver Region, not far from the Kalinin Nuclear Power Plant. And this is just the beginning. By 2025, Russian Railways plans to build more than 7 thousand kilometers of quantum networks in Russia, as well as launch the production of equipment necessary for their creation.
In the future, Russian developers should take a significant share of the global market for quantum communication devices and quantum cryptography services. According to forecasts, by 2026 it will reach $291.9 million and will grow at a rate of 20.8%.
Dmitry Sklyarov (Head of Application Analysis Department, IT company)
These modern solutions are very expensive. Three years ago, subscriber server equipment cost about 35 million rubles. It is clear that no one would install such a thing at home, and probably no one would even install such a thing in the office, and it is not necessary. But there are some areas of application where these costs can be justified. Government communications, military technologies, some super-super-super security levels.
Quantum communication lines are as necessary as air for strategic and defense industrial enterprises, transport and energy infrastructure, and government agencies. However, large commercial organizations are also beginning to show genuine interest in them.
Dmitry Gusev (Deputy CEO of an IT company)
There is a company, a pioneer of these technologies, a Swiss company that historically created such equipment at the request of Swiss banks, and, in fact, people protected the channels of information transmission through which, in fact, banking secrecy circulated.
Quantum cryptography experts are confident that these technologies will one day become available to ordinary citizens.
Dmitry Sklyarov (Head of Application Analysis Department of an IT company)
In technology, this is an eternal story that the first prototypes turn out to be insanely expensive, but in 100 years or 20 years they take over the world. Take the same LCD screens, I remember the time when a 14-inch screen cost $2,000, and it was very expensive, and a 20-inch CRT cost $500, and why buy some LCD, it had poor color rendering. Ugh, where are these CRT screens, and no one knows them anymore. It's
just that the technology has been developed, honed, and probably the same will happen with quantum channels.
The country that puts their production on a conveyor belt will hit the jackpot. Therefore, the quantum race has already begun in the world. And Russia is among the leaders in it. For example, in February 2021, a group of Russian researchers updated the world record for the efficiency of classical post-processing algorithms in quantum cryptography systems.
Anton Kozubov (researcher at the Laboratory of Quantum Processes and Measurements at ITMO University)
In addition, we are also developing in open space, that is, relatively speaking, some quantum signals can also be transmitted between two telescopes.
On February 22, 2022, the first experiment in Russia on wireless transmission of a quantum key in open space at 180 and 3100 meters took place on the roof of the Moscow Institute of Technology. During the experiment, atmospheric optical communication terminals designed to exchange data using a laser beam were installed and pointed at each other. For a week, a team of researchers observed the operation of the equipment in conditions of high humidity, rain, snow, fog, smog, sunlight and artificial lighting.
In general, wireless quantum communication is a trend of recent years. Chinese scientists have achieved incredible success in this area. They were even able to transmit a quantum cryptographic key from a satellite to a ground terminal through the thickness of the earth's atmosphere.
Anton Kozubov (researcher at the Laboratory of Quantum Processes and Measurements, ITMO University)
The Chinese are also great, they launched a quantum satellite, That is, they have already put quantum communications into orbit, which will allow us, in principle, to connect continents using such technology.
In the new world, entangled in quantum networks, its own spiders are already appearing.
Anton Kozubov (researcher at the Laboratory of Quantum Processes and Measurements at ITMO University)
Quantum hackers, so-called, in particular, there is one specialist, his name is Vadim Makarov, the creator of this area of quantum hacking, and he has his own large laboratory and a very large background in this whole business. We had, again, joint research with him, we tested our system. Actually, thanks to the research conducted together with him, we eliminated a number of vulnerabilities in our system.
But quantum communication is invulnerable. Not quite so. And it can be hacked. But only if hackers manage to get inside the equipment that ensures the operation of the quantum communication line. And it is very difficult to gain access to it. On the other hand, as we have already found out, it is possible to hack absolutely everything. Therefore, if you find yourself on the PositiveHackDays forum in some distant 2050, you will probably meet a lot of hackers there, only not ordinary ones, but quantum ones, or some even more advanced guys.
After all, that is why we love modern technologies, because they never stand still.
IT crimes are becoming a serious threat not only to ordinary users. Medium and large businesses, entire industries and government agencies regularly suffer from hacker attacks. And this trend must be reversed! How to make our country cyber-secure? What is quantum cryptography? And where is the main cyber battle between information security specialists and real hackers taking place? What is NFT? What is a quantum phone and what is it for?
Russia is confidently among the TOP-10 countries in the world with the highest level of cybersecurity. This is confirmed by regular UN reports. At the level of the United Nations, the problem of hacker attacks is now receiving much attention. It is not surprising, because we live in the digital age.
Alexey Novikov (Director of the Expert Security Center)
Digitalization is advancing at a leaps and bounds. New services, new gadgets, new devices, the Internet of things, the constant digitalization of various services. Yes, it is convenient, you don’t have to go anywhere else, but open a website, government services, or some other one, and do everything via the Internet. And, unfortunately, most people in the race for this figure think about information security at the last moment. Or do not think about it at all until some high-profile incident occurs.
And there are many, many examples of this.
IT crimes are becoming a serious threat not only to ordinary users. Medium and large businesses, entire industries and government agencies regularly suffer from hacker attacks. This trend must be reversed.
Life in a modern city is constant interaction with digital systems. Wireless Internet waves, programs, codes are an integral part of our habitat. Each person leaves a digital trace in the concrete jungle, which can be followed by hunters for confidential information. In any passing car there may be a person who is ready to take what is lying around in our gadgets. An experienced hacker knows that everything can be hacked.
For example, attackers want to penetrate the network of a large company via Wi-Fi. All they need is a tinted minivan, an antenna, a couple of smart guys with laptops and a fake pass to the territory of company "X". The antenna is directed to the Wi-Fi zone. A little hacker magic - and that's it. The attacker is no longer in the car. Now it's as if he is sitting in the office, like an ordinary employee. Through a hacked Wi-Fi, a hacker can penetrate anywhere.
To accountants' computers and bank accounts. To mail servers with top management correspondence. To software developers' cloud storage or to the production management system. Every company has vulnerabilities through which it can get what it is afraid of losing. And hackers actively use this.
Anton Selyanichev (senior business development manager of an IT company)
The fact is that the more we implement and use smart technologies, and in particular, the Internet of Things, the more vulnerable companies and their assets are to cyberattacks. Let me give you a classic example. In 2018, attackers gained access to confidential data of a Las Vegas casino by hacking, pay attention, a thermostat in an aquarium, which for some reason was connected to the corporate network.
That is, it seems to be a completely ordinary thing, but it is a springboard for an attacker to gain access to confidential data, possibly personal data of casino users.
Every year, there are more and more cybercriminals in the world. After all, when switching to digital, they have two very important advantages - no borders and almost complete impunity.
Alexey Novikov (Director of the Expert Security Center)
: That is, a person who lives in Ukraine, his citizenship is some other strange one, and he rents a dedicated server somewhere in Asia, a number of proxies, there, Germany, the Netherlands, the USA, whoever. And then he attacks some company in Russia. In order to unravel and find this attacker, coordination, cooperation of a huge number of companies, law enforcement agencies, official requests, and so on, and so forth are necessary.
All this takes a lot of time, and, accordingly, these crimes are solved for a very long time.
But they are committed very quickly, and often hackers do not even have to leave home to do this.
Alexey Novikov (Director of the Expert Security Center)
Attackers currently understand perfectly well that if earlier, in order to, roughly speaking, steal money, as in Hollywood movies, it was necessary to stop a collector, or blow up an ATM or something else, now it is possible to gather groups of people located in different countries, just be an effective manager, divide the tasks and steal significantly larger sums of money from a bank or from an organization that has quite a lot of money in their account.
To counter this international criminal community, Russian information security specialists regularly conduct cyber exercises.
Positive Hack Days is the largest cybersecurity forum in the country. More than 8 thousand visitors and over 127 thousand viewers online. Such a surge of interest is caused by the appearance of real hackers on the forum.
Every year, virtual hacking virtuosos from different countries come to Moscow to participate in TheStandOff. This is the largest open cyber battle in the world. It is taking place in state F. In essence, it is a model, which presents the main city infrastructure and key industries.
Oleg Ivanov (head of development of the cyber polygon "The Standoff")
Yes, this city infrastructure also includes an amusement park with a circular observation deck and a lot more. We have a full reproduction process at a metallurgical plant, we also have a transport company, railway, sea transportation, plus air and so on. Here, and there is also the energy sector.
Don't be confused by the childish size of the state F, in fact, everything here is for adults.
Alexey Novikov (Director of the Expert Security Center)
Business can actually see in practice whether it is possible to move a switch on a railway and push two trains together. Because the controller that is there is a real physical controller. They are visible industrial SUTP controllers. And within this framework, we directly work out and watch how products behave, how information security copes, we track new techniques and tactics
that hackers bring.
Seventeen red teams of experienced hackers are trying to break through the defense and paralyze the life of the virtual state F.
Egor Bogomolov (hacker)
We are having fun in destroying them as much as possible, in order to realize some risk, I don’t know, turn them into a cauldron, spill iron or, I don’t know, stop an airplane or, I don’t know, create free tickets. Anything.
The army of hackers is opposed by the blue team, the defenders. These are cybersecurity specialists from leading Russian companies.
Sergey Noskov (captain of the defender team)
Each team was given its own segment. Oil, energy, railway transport. In particular, we will provide the segments entirely with energy. All of our sites are entirely related to energy, and, accordingly, the entire infrastructure too.
The list of energy complex facilities is displayed on the main board of the forum. The defenders can see successful hacker attacks on their segments in real time.
Sergey Noskov (captain of the defender team):
This is for us the shutdown of the electric power station, the shutdown of wind turbines. From the user and administrative segment, this is the spread of the ransomware virus, the introduction of malware into the development process, the theft of confidential information, and others. There are also lists of successful attacks that hackers need to implement. And we, accordingly, control them all.
According to the terms of the cyber battle, defenders cannot stop hacker attacks. Their task is to find out how the unacceptable became possible.
Sergey Noskov (captain of the defender team) :
We will not be able to resist hackers in any way, because we have selected track monitoring, and we can only analyze the traffic that comes from the infrastructure sources within their stands that have been developed. And as part of providing reports, if a successful incident has occurred on any of the infrastructure assets, we provide, along with detailed information about this incident, we provide a response event.
The task of the defenders is to defeat the enemy on paper. In fact, to prescribe a sequence of actions that will stop the criminal at one of the lines of defense.
Alexey Novikov (Director of the Expert Security Center)
In matters of information security, it is impossible to build information security so that computer incidents do not happen. But it is necessary to build it so that even if an incident did happen, this incident would in no way lead to the implementation of these unacceptable events, so that money was stolen, production was stopped, or the infrastructure was encrypted. The information security system must be echeloned.
The action of a team of hackers resembles the storming of a fortress. Each soldier has his own tasks.
Egor Bogomolov (hacker)
My direction is the direction of primary attacks. That is, I break through, an information resource, so to speak, I break through, jargon, I hack them primarily and give them to those who begin to dig deeper into them and try to gain a foothold further, to penetrate them, and so on. And I move on to another system. Because all hackers do not actually do everything at once. Each specializes in a separate topic that is close to him, interesting, and so on. Here is my topic of a web application, external services, public. The topic of a friend's colleague, maybe a local network.
Storming states F teams of hackers fight not only with defenders, but also among themselves. For each successful hack they receive points. The team that causes the greatest damage to the infrastructure will become the winner in the overall standings. However, this is rather a pleasant bonus. The main goal of the so-called "white" hackers is to gain professional experience.
Egor Bogomolov (hacker)
Well, in general, all hackers are necessarily curious. Whites simply do not cross the line, yes, that is, they do not violate someone's privacy or anything else. Globally, that is, all specialists in security analysis or so-called penetration testing, who, in general, are engaged in hacking, only legal.
Private companies and government agencies regularly engage white hackers to check the security of their systems. So in this case, both sides, both red and blue, work in the name of cybersecurity. Specialists from the defense side also compete with each other. Their work is assessed by a jury consisting of the strongest experts.
Oleg Ivanov (Head of Development of the Cyber-Pool "The Standoff")
Defenders can investigate incidents that they see in the infrastructure and send the jury for validation. And also, when a business risk is realized for them, when the attackers have implemented something, namely a specific task, the defenders must fully investigate this incident. Since they recorded it all step by step, they, in principle, only have to glue it all together and send it for validation. That's how the process is arranged.
But again, the most important thing that the blues will take away from the forum is invaluable experience.
Oleg Ivanov (Head of Development of the Cyber-Pool "The Standoff")
As for the blues, it is mainly interesting for large companies to participate here in order to hone their skills, plus use some new products, choose between other products. Blue teams can experiment here, they cannot afford this in real life. Because to launch a hacker right close to your heart and see how he will act is a very big risk. And here the risks are minimal for them, and the experience is colossal.
The experience gained will help cybersecurity specialists to resist real dark hackers. They can attack a variety of objects, for example, the infrastructure of an oil company. Such attacks are not so rare.
Sergey Noskov (captain of the defenders team)
Of course, first of all, it is necessary for hacker groups that work for foreign countries, this is first of all. Second on the list are hackers who pursue some goal, a financial goal, just to undermine the authority of some company, competitors. And the third area is just lone hackers, beginners who just want to practice on some infrastructure.
The cyber training ground is exactly the place where professionals learn to resist the most sophisticated and insidious hacker attacks. How successfully they will succeed will become clear in four days. That is how long the main cyber battle lasts.
And for those hackers who do not participate, the forum organizers have provided many other competitions. One of the most interesting is The Stand of Digital Art. Is it possible to steal a work of art without leaving home? It turns out that yes, if it is in the Metaverse. This term was first introduced in 1992 by Neal Stephenson in his science fiction novel Snow Crash to describe a comprehensive 3D virtual world that imitates, complements, improves and connects with physical reality.
And thanks to the cult film The Matrix, the Metaverse entered the mainstream. Now anyone can get into it. All you need to do is buy a virtual reality headset or use an augmented reality app on your smartphone. Visitors to the modern Metaverse use it to physically interact in the virtual world, where they take the form of avatars.
There you need to communicate, play games, walk around the digital space, look at interesting objects.
Denis Matveev (advanced user of the Metaverse)
You can take out your phone and watch any things that are in this meta-verse, which is created by the users themselves, who are created by the developers. Enjoy, earn on it, where would we be without it. And, of course, there are various values that we need to keep safe. These are NFT, Non-Fungible Tokens, which can be used absolutely as you want. They are made in the form of 3D models, and they can really be art, art, just come and watch.
You can make various attractions, relatively speaking, some bloggers can go to the project and create something unique, while clicking on the same augmented picture, model, and possibly get another token of another project.
We can say that we live in the era of NFT. The trading volume on this market is more than 40 billion dollars a year. Classic works of art are sold for about the same amount. Virtual currency, tokens allow everyone to own unique items. When artists, especially during quarantine, had new opportunities to sell their works, cyber fraudsters came on the scene. Blockchain remembers everything. This is what hackers can use.
Denis Matveyev (advanced Metaverse user)
The NFT itself, as we assume, a model, a picture, and so on, is a kind of code, a kind of smart contract. And hackers are looking for a vulnerability in it, where it is easiest to enter it and replace the information with another. Perhaps with a reference to another contract. And so that the human user then, roughly speaking, “Oh, I poke at my favorite lock, with which I can receive silver, again, our meta-universe,” he actually gets, roughly speaking, poke send this silver, but he does not send it to his wallet, not to his own, but directs it to another.
And in this case, the hacker almost has the opportunity to get all the funds, transfer them to his wallet, and then resell them for a higher price. Well, I'll tell the guys how to do it. The guys themselves will find where to quietly drain it, but we would not like that. We want users to have the opportunity, of course, to use this and feel that all the funds they transferred from the real world have been supplemented, so that they are safe.
The best way to test the reliability of the meta gallery is to launch hackers there. During the competition, they will try to steal crypto art from real artists.
Andrey Sologub (Metaverse developer)
Our Russian artists have prepared their works especially for today's event. They have made several paintings, which we have converted into NFT, put on the Ethereum network and placed on our digital lands. Small loopholes in the smart contract were also specially made to make it possible to carry out the theft operation.
Because, in fact, our protection is very serious.
The most interesting thing is that the theft process can be observed in real time through the application. Every time tokens appear in the hacker's wallet, an art object disappears from a special tree in the Metaverse. The results of the competition prove the relevance of this direction. After all, hackers closely follow trends, and all the latest technologies instantly fall into their field of vision. Companies that deal with information security must be one step ahead of intruders, take measures, create new products that ensure cybersecurity.
One of such innovative products was once biometrics. Methods of user identification using a face image, retina or fingerprint have long been adopted by a variety of services. At first glance, they seem to us to be as reliable as possible, but biometrics has its vulnerabilities.
A separate competition, "Hackers' tasks - bypass the biometric system", is dedicated to them at the forum.
Alexandra Murzina (Head of Advanced Technologies Department of an IT company)
This is a specific task, it is very limited, unlike real life, but it is something specific, yes. For example, a website, and you need to log in using a photo of a user. Accordingly, these services are vulnerable in advance. We have embedded vulnerabilities in them, participants need to find them and implement the risk that may exist in reality.
Successful bypasses of biometrics by hackers allow developers to clearly demonstrate the vulnerabilities of such systems.
Alexandra Murzina (Head of Advanced Technologies Department of an IT company)
And, on the other hand, this is an opportunity for specialists who are engaged in machine learning, biometrics, to also look at these tasks and understand how this is possible, so that they can then take it into account when developing their services.
Their number is growing every year. For example, Russian financial institutions have begun large-scale implementation of biometric ATMs. In general, a modern ATM is not just a machine with money. It is a computer to which hackers can successfully pick up an electronic key.
Maxim Kostikov (bank representative)
This is a competition for hacking ATMs. That is, we have an ATM stand here, when hacked, money will be given out. Since there is one ATM, and many participants, there is a separate table where the participants sit and hack virtual machines with ATMs, where there is a task. Accordingly, the essence of the competition is to hack two virtual machines, get all the privileges on the system, bypass the kiosk. Well, in general, to make an attack close to reality, which can be done by intruders.
There are two options for real hacker attacks on ATMs. In the first case, the intruder can gain access to the service area. Open the door with a crowbar, drill or fake key. Then he directly connects to the computer and bypasses the kiosk. In fact, he forces the ATM to give him all the money. And the second method is called "BlackBox". In this case, the criminal attacks the dispenser, which is responsible for issuing cash.
He disconnects the wire from the dispenser to the computer and connects it to his laptop. Then he directly issues a command to the dispenser and takes the money.
Maxim Kostikov (bank representative)
A prepared attacker attacks an ATM, well, at least five minutes, maximum ten minutes. He carried out a planned attack, took the money and left.
White hackers who break into an ATM have an easier task than real criminals. They do not need a crowbar or a drill. They already have access to the ATM software.
Maxim Kostikov (bank representative)
In this case, the guys are engaged in the first stage of logical attacks. That is, bypass, kiosk, bypass of security tools, privilege escalation. And after each solved task, the ATM gives out money, thereby showing that it has been hacked. Now an ATM has been hacked. And as we can see, money was given out, the ATM lights up, which means something happened.
We look at how many tasks were solved and how quickly people solve these tasks. Who is faster, who is better. Competitive mode.
Representatives of banks are also closely watching the competition. In fact, it is held in order to show their vulnerability to such threats.
Maxim Kostikov (representative of the bank)
We show that if the ATM is not sufficiently protected, then the level of the intruder who can approach it and hack it is quite low. Since this is a conference, people come here, including from the banking sector, and, seeing how an ATM is hacked, they make logical conclusions that they should not do this.
By the way, the banking sector in Russia is quite reliably protected from cyber threats. This is confirmed by the course of the main cyber battle. Almost all the companies presented in the model suffered at the hands of hackers. With the exception of the banking system of state "F". It turns out that we can be absolutely calm about our hard-earned money? Or not? Bank card fraud is one of the most common ways to steal money.
According to statistics provided by the central bank, criminals annually withdraw more than 1.3 billion rubles from customer accounts.
Pavel Kuznetsov (Deputy Managing Director for Cybersecurity Technologies of an IT company)
If we are talking specifically about fraud, then the share of fraudulent crimes is indeed growing, growing, growing every year, almost exponentially. For the simple reason that, probably, the world of information technology is now such a modern Wild West, the Wild West, because it is much easier to carry out a sociotechnical attack on a bank client or a bank employee and extract confidential information from them, or force
them to make a transfer by contacting them via IP telephony or email, or another method of electronic communication, than to put a gun to their head in an alley. Moreover, the second is still punishable by law much more strictly than the first.
It is very difficult to solve this problem, because the weakest link in the defense is the clients, who have to be taught basic personal cyber hygiene.
Pavel Kuznetsov (Deputy Managing Director for Cybersecurity Technologies of an IT company)
Including the Central Bank and representatives of at least large organizations in the banking sector, now almost everyone has a program to improve the cyber literacy of the population and with the population, namely with individuals with us. Organizations work with you and try to explain to them which calls may be fraudulent, that in no case should you tell the operator by phone if you receive a corresponding call, or via another communication channel, including email or electronic messengers.
Although security service employees work daily to eliminate the possibility of theft of funds. Criminals come up with new schemes for fraud with bank cards. But perhaps the final victory over the intruders will be achieved with the help of artificial intelligence. Products based on it are already being actively implemented by banks.
Pavel Kuznetsov (Deputy Managing Director for Cybersecurity Technologies of an IT company)
Artificial intelligence technology is perhaps one of the largest and closest technological directions to the development of such products. Accordingly, the second direction, also very close to machine learning, is actually data mining. That is, both are tied to the training of expert systems, the detection of fraudulent transactions, separating them from legitimate ones, based on the processing of huge amounts of transaction data, both legitimate and illegitimate transactions.
Under the guidance of specialists, the electronic brain gradually learns to make decisions about which payment is legitimate and which is suspicious. Artificial intelligence blocks such payments just in case, because the client or the financial institution itself may suffer. After all, advanced hackers are able to commit large-scale thefts directly from correspondent bank accounts. We can talk about colossal sums, so expensive innovative artificial intelligence products will be implemented here first of all.
Pavel Kuznetsov (Deputy Managing Director for Cybersecurity Technologies of an IT company)
For this purpose, we are now offering the market the concept of our meta-product O2. In decoding, "detect" and "stop". Accordingly, we detect the intruder at the stage of his attempts to penetrate the system, and before he reaches the implementation of an unacceptable event, we restore him.
Plus, understanding the absolutely serious market problem of shortage of personnel, shortage of experts, shortage of specialists in the field of cybersecurity, our product will allow implementing such effective cybersecurity, covering specific risk areas with minimal involvement of expert human power. If there is at least one specialist, he has basic skills in the field of cybersecurity, he will be able to use this product effectively.
Maybe that is why white hackers failed to take the bank "State F" in 4 days of cyber battle? The forum jury is already summing up the results of the battle. Who won? Who lost? Which objects were the best protected, and which, on the contrary, were attacked with maximum damage? This year the cyber battle turned out to be epic. The attackers implemented unacceptable events 63 times.
Moreover, 30 of them were unique. By the way, absolutely any company that wants to pump up its cyber defense can participate in the annual hacker forum.
Oleg Ivanov (head of development of the cyber polygon "The Standoff")
There are various formats when a company can directly place its software or its developments on our infrastructure. But the main thing is that many companies, already mature ones, have their own separate stands on which they can launch attackers. And the company simply uses the platform in Ak-Bounty, because this platform is funny because a lot of attention from hackers who search for vulnerabilities.
The more such advanced companies there are, the higher the overall level of cybersecurity in the country will be.
Alexey Novikov (Director of the Expert Security Center)
If each of the companies that influences and has a key importance for the industry, raises its level of information security, then the entire industry will become more protected. When in a state of such industries, roughly speaking, all key industries become safe, then the security of this particular one state will become significantly higher.
And Russia is actively moving in this direction, that is, both Federal Law No. 187, "On the Security of Critical Information Infrastructure", and the State Defense Industry Complex, which is being created, this is, in principle, all about this.
And our country should have good cyber immunity. In May 2017, a real cyber pandemic broke out on the planet. The Wona Cry encryption worm infected more than 200 thousand computers in 150 countries. Factories around the world stopped, hospitals were paralyzed, government agencies, banks, and telecommunications companies suffered. Estimates of the damage from this epidemic vary from several hundred million to several billion dollars.
But why are such large-scale cyberattacks possible at all? The reason is the vulnerabilities in the architecture of the operating systems that we use every day. They are built on a shaky foundation, from a security point of view. Its foundations were laid back in the 70s of the last year, when the first operating systems were created. Back then, the problem of mass cyber threats practically did not exist.
Modern commercial operating systems are protected many times better, but the basic approaches to their construction have not changed much. Numerous holes shine in the software, which are patched with patches and imposed security measures, and sometimes are not fixed at all for years.
Anton Selyanichev (Senior Business Development Manager, IT Company)
This approach has certain drawbacks, because even if the vulnerability is eliminated or information security tools are improved, the malware can cause great damage to the victim company. How can this problem be solved? Change the approach to developing software and hardware products and solutions. We at the company have created our own approach, which we call cyber immunity.
The basic principle of cyber immunity can be formulated as follows. Security should be the foundation of each system, not an add-on. If now all vulnerabilities are covered by antivirus, then in the new type of operating systems the very architecture will act as a vaccination.
Anton Selyanichev (senior business development manager of an IT company)
The approach uses the concepts of security domains. A security domain is a function or block of software. And the interaction between these functions and blocks can only be carried out in the order laid down in the security policies.
Even if a vulnerability appears in one of the blocks, these security policies will not allow it to spread and gain access to the entire device.
Everything is built by analogy with a biological virus and human immunity. Malicious agents constantly enter our body, this is inevitable. But if a person has good immunity, the disease is easily tolerated, does not develop and does not progress to a severe stage. Cyber immunity works the same way. A virus can penetrate an operating system, but a well-designed architecture does not allow malicious code to develop success, so it is not able to disrupt the processes of the operating system performing its functions.
At the same time, the cost of human error is reduced. The user can use primitive passwords, fall into phishing networks or social engineering traps. A properly built operating system architecture will forgive outright stupidity, but will allow you to remain invulnerable to intruders.
Anton Selyanichev (Senior Business Development Manager, IT Company)
To create cyber-immune products based on our concept, it is necessary to use a certain operating system that is developed on the basis of this immune approach. We believe that products that are implemented on this cyber-immune approach will allow you to create a solution of any complexity, while being sure that they are resistant to any type of cyberattack.
Of course, hackers can bypass such sophisticated protection if they put in a lot of effort. But in this case, the cost of the attack becomes so expensive that its implementation is simply pointless. This approach is now being actively implemented by leading domestic IT companies. And on the territory of Moscow State University, a cyber-secure Russia of tomorrow is already being created.
Scientists are doing something amazing – quantum encryption. Humanity has learned to use encryption methods to protect data since ancient times. Then one of the most famous ways to encode information was the Caesar cipher. It was used to transmit messages between legions. The essence of the cipher was that a symbol – a letter or a number – in the open text was replaced by another symbol, shifted from it by several positions to the left or to the right.
The key to the cipher was the direction, shifting the number of steps. For example, our key to the right is 2. Thus, the letter "A" after encryption turns into the letter "B". And the word "Legion" - into the cipher "НЖЕКР". Cryptography reached its peak in the 20th century. During World War II, a unique encryption machine Enigma made a lot of noise.
Its use allowed the German fleet to dominate the Atlantic until the brilliant British scientist Alan Turing cracked the Enigma code. And now almost all data encryption systems have a critical vulnerability.
Anton Kozubov (researcher at the Laboratory of Quantum Processes and Measurements at ITMO University)
Today, almost all algorithms are based on factorization in one way or another. Factorization is the decomposition of a number into simple cofactors. Speaking on your fingers, what does this mean? It means that we have vegetables, and it is easy to cut them into a salad, and then to collect whole vegetables from the salad back, well, it is difficult. Of course, you can try, and it will work, but it will take quite a long period of time.
If you suddenly learn to do it quickly, then there will be no problems with decrypting our current information.
The speed of decryption directly depends on the computing power of the equipment that hackers have. If a criminal community gets their hands on some supercomputer, then it's all over.
Anton Kozubov (research associate at the Laboratory of Quantum Processes and Measurements at ITMO University)
Any sharp jump in computing could result in us all being left without money on our cards and someone stealing it all. This is very bad, so we need to do something about it. To do something about it, we need to move to a more fundamental level of information security.
A striking example of a new level of security is the first quantum communication line in Russia, operating on the territory of Moscow State University.
Nikolay Nikolaevich, hello, a test call.
However, from the outside you wouldn’t say that we are dealing with a caller of cutting-edge technologies. To the average person, a quantum phone may seem like a funny greeting from the past, some kind of hybrid of a handset and a tablet, but this is only at first glance.
Nikolay Sysoev (Dean of the Physics Department at Lomonosov Moscow State University)
What is quantum communication? This is a completely secure connection, that is, it is impossible to eavesdrop on it, it is impossible to interrupt it, it is impossible to write it off, any manipulations with this connection are impossible. It will be located in the communication centers that will distribute these quantum keys.
The key to encryption is carried by light quanta. The principle of operation is as follows. The transmission generates photons of light, remembers their state and sends them via fiber optics to the destination. It is impossible to wedge into this line and remain unnoticed.
Dmitry Gusev (Deputy General Director of an IT company)
Indeed, there is a physical principle that prohibits intercepting single photons without changing their state. Well, because all photons themselves are a unit of information. If you counted it, you essentially consumed this unit of information. There is no way, therefore, to do it in such a way that the photon itself is not damaged and continues to fly in this quantum channel.
Any attempt at unauthorized interception of photons immediately becomes noticeable. All the equipment needed for encryption is located at the service provider. And for the end user, talking on a quantum phone is no more difficult than on a regular one.
Sergey Kulik (Head of the Quantum Technologies Laboratory, Physics Department, Lomonosov Moscow State University)
Technical devices, between which keys for quantum are secretly distributed, are connected to each other by optical fiber. Now the technology has reached the point where not only speech is encrypted. You can transfer types, files, in general, texts, any. That is, in general, this is an electronic document flow.
At the initial stage, the network made it possible to generate the so-called single communication key between only two phones. Now the university quantum communication line already connects 20 points.
Dmitry Gusev (Deputy General Director of an IT company)
Then we took the next step and created a quantum key distribution system that already works in a star scheme. And, in fact, last year we successfully demonstrated this system live with MSU, having implemented the so-called university quantum network. And this quantum network continues to function at the moment, connecting several sites that are located at Moscow State University on Vorobyovy Gory, the old Moscow State University site, which is located in the center of Moscow, and our office, which is located near the Otradnaya metro station.
The company and Russian Railways decided to go even further, put photons on rails and create a quantum communication line between Moscow and St. Petersburg, on June 8, 2021, the date of which went down in history. After all, on this day, the first quantum teleconference in Russia took place. Deputy Prime Minister Dmitry Chernyshenko, Governor of St. Petersburg Alexander Beglov and General Director of PJSC Russian Railways Oleg Belozerov took part in the test video conference.
This is the first step of Russian Railways to create an all-Russian quantum network. Such a large-scale task was entrusted by the company and the government of the Russian Federation. The length of the first section of the national quantum network between Moscow and St. Petersburg was 700 kilometers. It became the longest in Europe and the second longest in the world after a similar Chinese line Shanghai-Beijing.
Anton Kozubov (research fellow, Laboratory of Quantum Processes and Measurements, ITMO University)
China has already outstripped the whole world by a long way, and they have built a network between their largest cities. This network is more than two thousand kilometers long, and inside each city they have large branched networks, in which there are about 50 nodes in each.
At significant distances, more than 100 kilometers, the loss of individual particles in the optical channel is inevitable, so photons are transferred over shorter sections between trusted nodes of the quantum network. There are 18 such typical nodes and several large data control centers on the Moscow-Saint Petersburg line. The main node of the system is located in Moscow in the main computing center of JSC Russian Railways and another one in Smolny, in Saint Petersburg.
The third powerful quantum communication facility is located in the middle between the capitals at the Data Processing Center in the city of Udomlya in the Tver Region, not far from the Kalinin Nuclear Power Plant. And this is just the beginning. By 2025, Russian Railways plans to build more than 7 thousand kilometers of quantum networks in Russia, as well as launch the production of equipment necessary for their creation.
In the future, Russian developers should take a significant share of the global market for quantum communication devices and quantum cryptography services. According to forecasts, by 2026 it will reach $291.9 million and will grow at a rate of 20.8%.
Dmitry Sklyarov (Head of Application Analysis Department, IT company)
These modern solutions are very expensive. Three years ago, subscriber server equipment cost about 35 million rubles. It is clear that no one would install such a thing at home, and probably no one would even install such a thing in the office, and it is not necessary. But there are some areas of application where these costs can be justified. Government communications, military technologies, some super-super-super security levels.
Quantum communication lines are as necessary as air for strategic and defense industrial enterprises, transport and energy infrastructure, and government agencies. However, large commercial organizations are also beginning to show genuine interest in them.
Dmitry Gusev (Deputy CEO of an IT company)
There is a company, a pioneer of these technologies, a Swiss company that historically created such equipment at the request of Swiss banks, and, in fact, people protected the channels of information transmission through which, in fact, banking secrecy circulated.
Quantum cryptography experts are confident that these technologies will one day become available to ordinary citizens.
Dmitry Sklyarov (Head of Application Analysis Department of an IT company)
In technology, this is an eternal story that the first prototypes turn out to be insanely expensive, but in 100 years or 20 years they take over the world. Take the same LCD screens, I remember the time when a 14-inch screen cost $2,000, and it was very expensive, and a 20-inch CRT cost $500, and why buy some LCD, it had poor color rendering. Ugh, where are these CRT screens, and no one knows them anymore. It's
just that the technology has been developed, honed, and probably the same will happen with quantum channels.
The country that puts their production on a conveyor belt will hit the jackpot. Therefore, the quantum race has already begun in the world. And Russia is among the leaders in it. For example, in February 2021, a group of Russian researchers updated the world record for the efficiency of classical post-processing algorithms in quantum cryptography systems.
Anton Kozubov (researcher at the Laboratory of Quantum Processes and Measurements at ITMO University)
In addition, we are also developing in open space, that is, relatively speaking, some quantum signals can also be transmitted between two telescopes.
On February 22, 2022, the first experiment in Russia on wireless transmission of a quantum key in open space at 180 and 3100 meters took place on the roof of the Moscow Institute of Technology. During the experiment, atmospheric optical communication terminals designed to exchange data using a laser beam were installed and pointed at each other. For a week, a team of researchers observed the operation of the equipment in conditions of high humidity, rain, snow, fog, smog, sunlight and artificial lighting.
In general, wireless quantum communication is a trend of recent years. Chinese scientists have achieved incredible success in this area. They were even able to transmit a quantum cryptographic key from a satellite to a ground terminal through the thickness of the earth's atmosphere.
Anton Kozubov (researcher at the Laboratory of Quantum Processes and Measurements, ITMO University)
The Chinese are also great, they launched a quantum satellite, That is, they have already put quantum communications into orbit, which will allow us, in principle, to connect continents using such technology.
In the new world, entangled in quantum networks, its own spiders are already appearing.
Anton Kozubov (researcher at the Laboratory of Quantum Processes and Measurements at ITMO University)
Quantum hackers, so-called, in particular, there is one specialist, his name is Vadim Makarov, the creator of this area of quantum hacking, and he has his own large laboratory and a very large background in this whole business. We had, again, joint research with him, we tested our system. Actually, thanks to the research conducted together with him, we eliminated a number of vulnerabilities in our system.
But quantum communication is invulnerable. Not quite so. And it can be hacked. But only if hackers manage to get inside the equipment that ensures the operation of the quantum communication line. And it is very difficult to gain access to it. On the other hand, as we have already found out, it is possible to hack absolutely everything. Therefore, if you find yourself on the PositiveHackDays forum in some distant 2050, you will probably meet a lot of hackers there, only not ordinary ones, but quantum ones, or some even more advanced guys.
After all, that is why we love modern technologies, because they never stand still.
