KEY CONCLUSIONS
Cyberattacks damage economies, both globally
and in Russia
«In the global risks report prepared by
the World Economic Forum, cyberattacks take the fifth place. In 2018, the global
economy lost USD 1.5 trillion to cyberattacks. The damage is expected to reach
8 trillion by 2022 and 90 trillion by 2030,» — Dmitry Samartsev Chief Executive
Officer, BI.ZONE.
«Russian economy lost RUB 2.5 trillion
in 2019,» — Stanislav Kuznetsov Deputy Chairman of the Executive Board,
Sberbank.
International standards and rules on cybersecurity
must be designed and implemented
«We need unified standards, as criminals
do not respect any borders, whereas nations do. If we do not establish unified rules
the risks are going to keep growing,» — Stanislav Kuznetsov Deputy Chairman of
the Executive Board, Sberbank.
Preventive measures are to be prioritized
to defeat cybercrime
«Cybercriminals are not standing still.
In order to defeat them we need to analyze the future threats, we need build proper
processes and start implementing on preventive measures,» — Stanislav Kuznetsov
Deputy Chairman of the Executive Board, Sberbank.
Collaboration is a mandatory
prerequisite to battling cybercrime
«The global community needs to learn to cooperate and join forces to fight cybercrime. Data exchange, design and implementation of unified cybersecurity standards, joint personnel development and improvement of cyberliteracy will allow for a joint response to the cyberthreat,» — Stanislav Kuznetsov Deputy Chairman of the Executive Board, Sberbank.
PROBLEMS
Cybercriminals are far more efficient in
using cutting edge technologies than many companies and they act across the
borders
«We are half a step or step behind the cybercriminals,»
— Stanislav Kuznetsov Deputy Chairman of the Executive Board, Sberbank.
«Zero day attacks using previously unknown
malware are taking place daily, whereas just a year ago they occurred maybe
once a week,» — Dmitry Samartsev Chief Executive Officer, BI.ZONE.
«2 January we thwarted an attack: it
was 34 million packets per second coming from 1.5 million cameras scattered all
around the world. Over a million smart devices in a single attack — it is an unprecedented
case that illustrates the rapid development of cybercrime,» — Stanislav
Kuznetsov Deputy Chairman of the Executive Board, Sberbank.
«Today, there are plenty of communities
designing frameworks for AI technologies. These are our future threats, much
like the developing 5G technologies: they present an opportunity for
cybercriminals to rev up the attacks by dozens or even hundreds of times. Darknet
helps them coordinate their efforts,» — Dmitry Samartsev Chief Executive
Officer, BI.ZONE.
«AI technology is used to make fake news:
criminals emulate news and use them to attack corporations. These attacks are
still very efficient, especially when combined with phishing,» — Dmitry Samartsev
Chief Executive Officer, BI.ZONE.
«In 2019, Russia and Eastern Europe-based
RTV hacking squad was particularly active. Criminals did thousands of mass send-outs
with attached malware to tens of thousands of Russian companies. They aimed to infiltrate
operating systems, above all accounting software. In dozens of reported cases they
managed to steal companies’ funds,» — Stanislav Kuznetsov Deputy Chairman of
the Executive Board, Sberbank.
Private companies and SMEs in particular
are not sufficiently protected from cyberthreats compared to state-run
infrastructure elements
«Nowhere in the world are companies stress-resistant
adequately to the threat level. We lack mandatory rules. Many critical infrastructure
elements have them already, while businesses still do not,» — Stanislav
Kuznetsov Deputy Chairman of the Executive Board, Sberbank.
«Today, there is not an entity in
Russia that can design cybersecurity rules for SMEs,» — Stanislav Kuznetsov
Deputy Chairman of the Executive Board, Sberbank.
Most companies deal with the aftermath of
the attacks instead of allocating resources to minimize the risks
«83% of companies around the world address
the consequences of the attacks and do not foster the risk targeting approach.
This is why we are behind the cybercriminals,» — Stanislav
Kuznetsov Deputy Chairman of the Executive Board, Sberbank.
Lack of laws regulating cybersecurity and
tech companies
«Lawmakers are not catching up with tech companies. As a result, technologies advance more rapidly then their security requirements. We need rules and norms, both domestic and international,» — Dmitry Samartsev Chief Executive Officer, BI.ZONE.
SOLUTIONS
Aim to strategically block cyberattacks,
analyze their origins, as well as model and forecast them
«We need to analyze the models of the
threats and principles on which they are based. It would help us understand how
we can defend against them and thwart future threats,» — Stanislav Kuznetsov
Deputy Chairman of the Executive Board, Sberbank.
Implementing defense tools on the level
of architecture design
"Defense need to be implemented on the
very early stages, at the level of architectural design. Today, many still neglect
this rule,«— Stanislav Kuznetsov Deputy Chairman of the Executive Board,
Sberbank.
Putting cybersecurity for SMEs on the
task list for the new government
«Protecting SMEs is one of the priority
tasks for the new government,» — Stanislav Kuznetsov Deputy Chairman of the
Executive Board, Sberbank.
Implementing overall protection measures
to block internal data leakage
«Our priority for 2020 is creating a system
to counter internal data leakage. We are implementing rigid rules on internal data
exchange, as well as organize trainings, mock phishing send-outs, and educate
the employees that do not follow cybersecurity rules,» — Stanislav Kuznetsov Deputy
Chairman of the Executive Board, Sberbank.
For more information, visit the
Roscongress Foundation’s Information and Analytical System at roscongress.org/en.
