"Systems are vulnerable": an expert on the readiness of Karelian companies for DDos attacks

Last week, a number of the republic's largest media outlets - Stolitsa Na Onego, PTZ Speaks, Daily, Karelinform, Kostomuksha News, Parallel 64 - were subjected to a cyberattack. Some media turned out to be inaccessible from several hours to days. During such attacks, hackers send a large number of requests to the site that exceed the network bandwidth, which blocks the operation of the information resource. It may take a long time to restore the normal operation of the site.

Reduction of budgets for information security and shortage of qualified personnel. Such reasons are called by experts, explaining that more and more often DDos attacks on Russian resources end in the success of hackers.

“In regional companies, budgets for information security measures are usually small and most often subject to sequestration. Every organization should develop a security statement that includes a threat model: what is vulnerable, what actions should be taken in the event of an attack, and so on. To develop a complete threat model, 2-3 specialists should be invited. These are all expenses. Therefore, most often the state has an administrator to maintain the site, but there is no information security specialist. At the same time, 10 years ago in Russia there were only two universities that prepared the necessary graduates. Now the specialty "Information Security" can be obtained in more than 30 universities. 200-300 specialists graduate throughout Russia a year, ”Dmitry Kositsyn, Candidate of Technical Sciences, told RBC Karelia

If each company decides for itself the issues of financing its digital security, then, according to the expert, academic education needs to respond more quickly to the demands of the time.

“Information security is a direction that requires constant training, advanced training in order to keep up with life. Companies that understand this monitor the situation, develop specialists, and are more prepared. So, for example, according to experts, Sberbank successfully copes with emerging threats. It must be understood that any system is vulnerable. Now there is a real cyber war and the attacks will continue, ”the expert believes.

According to Kaspersky Lab, since the beginning of March, the number of DDoS attacks in Russia has increased by 54%. The websites of banking institutions, private companies, regional and federal media, including RBC, are being attacked. Compared to March 2021, there were almost eight times more attacks. In addition, a historical record for the maximum duration of one DDoS attack was set - 145 hours. For comparison, in February and March 2021, the average duration did not exceed 12 minutes, and the longest attack lasted no more than an hour and a half.