March 3 in Samara opened the seventh support center of the National Cyberpolygon. Such centers are created to prepare information security specialists (IB) to the reflection of cyberak. Deputy Prime Minister Dmitry Chernyshenko said that the centers in the Orenburg region and St. Petersburg will open until the end of the year. Next, the network of support centers will be deployed throughout the country.

National cyberpolygon is a virtual platform for exercises on IB. Conditions are as close as possible to combat. But the main thing is the scale. To prepare for the protection of the enterprise, you can do with more modest means. But only on the cyberpolygon you can work the interaction of teams on IB and industry protection systems, cities, countries.

Cyberpolygon deployment is part of the federal project "Information Security", which started in 2018. Why did Ib become one of the priorities of the state?

The SFERA large-scale IT project moves to its release and is open to invest. Developers are constantly improving the quality of the product. Learn about the project more by reference. Thanks for the support!

At the end of 2021, experts from Rostelecom-Savar, FSTECs, Milcyfra, Ministry of Energy, Sberban and other leaders in the field of IB were gathered at the annual forum on IB. And bitterly recognized: for two pandemic years, the onslaught of cybercrime in the world increased. The number of incidents increased, including with severe consequences. According to the selection estimates, economic damage caused in 2021 doubled and reached 7 trillion rubles. Attacks have become more difficult, more diverse using more advanced tools.

Sources of threats are varied. We list the main:

With the beginning of hostilities in Ukraine, the problem of IB turned by a new face. The TASS reports that from February 24 to February 28, a wave of DDoS-attacks on key companies began: Gazprom, Lukoil, Norilskel, Sber, Yandex, Sibur, Severstal and others.

What is the essence of DDOS attacks? First captures control over thousands of computers. Nothing no dewing users. The network is based on them. The network generates avalanche of requests to victim's company servers. Chugging, IT infrastructure fails. The purpose of attacks is not theft and not always extortion. In our case, rather military-political motives. Why? The main sources of attacks on dozens of resources at the same time - the United States (28.9%) and the European Union (46.7%).

Interstate tension sharply increases the value of the IB. It can be expected that in response to the use of Cyber ​​Building National Project "Information Security" will be adjusted. And by the volume of IB measures, and in terms of implementation.

In the era of hybrid wars, digital fraudsters did not disappear. On the contrary, they will definitely take advantage of the situation. Let's say, the departure of IT giants from the Russian market. Goodbye Windows, Farewell to Intel, Goodbye SAP and Oracle. But over many years, imported in the IT systems of enterprises has grown with domestic.

Let there be means to re-educate and install the whole Russian. But first it is necessary to pull out everything imported, which is called with meat. Shoots and holes will appear. They will become targets for cyber crafts. So, now the services of the IB and the entire Branch of the IB will have to work at the limit.

Is it possible to postpone the automatic tools of IB, make an IT system in impregnable and forget about threats? It is impossible. What is allowed?

On time to detect an attack. Quickly stop. Do not give her to penetrate the critical trace, after which the damage will become unacceptable. Situations and scripts can be a lot. The task is creative. Machine algorithms such tasks do not solve. Only the creative intelligence of the defender against the creative intellect of the criminal. Hence the value of large-scale exercises is clear. This is a school of high-speed thinking and accurate response to unexpected situations.

The human factor is the basis of IB. He is also the main weakness. More than 90% of successful attacks begin with the use of tricks and receptions to the employees of the victim. Bet for inattention, curiosity, greed and other human weaknesses.

Especially popular phishing (fishing). How do you catch the hooked staff? A letter comes, allegedly from the client. Or from bosses. From inspection bodies. And maybe a tempting advertising offer. In the letter link to the resource. The recipient clicks on the link and launches the malicious software on its computer.

Today the IB community is convinced: without literacy of each employee, reliable protection cannot be built. With any level of equipment and qualifications of specialists, the task of universal learning of vigilance remains. In any division and at any workplace.