Cybercriminals attack through the weakest point

Interview by Georgi Dukov, head of Security Solutions at TechnoLogica, for “Economy + Cybersecurity” special edition of the Economics magazine, issue 114

– Mr Dukov, in recent months cyber-attacks on government departments, private companies and even schools have been increasing. What is the reason for this – are hackers getting better or the protection of information systems no longer meets modern requirements?

– First, it is the ubiquitous use of the Internet and information technology in every aspect of our daily lives, which improves our quality of life, but also inevitably increases the number of potential targets of cyber criminals. Secondly, today information is stored and exchanged digitally and any breach in information security creates the possibility of theft or manipulation. Thirdly, the biggest problem yet is the lack of adequate understanding of potential threats and insufficient training on how to protect ourselves.

Even reputable institutions are not immune from risks because most use software developed specifically for them, sometimes even decades ago. I am aware of a number of cases where such software has been used without adequate support and development, even when the systems are critical to the institution’s operations.

At TechnoLogica, we provide our clients with a service to cover every aspect of cyber security. The assistance we offer covers the security of the infrastructure and of specific application software, the effectiveness of various organisational and technical protection measures, the assessment of the capabilities of the users of the information systems or of the employees directly responsible for cyber security and their training.

– Recently, there have been rumours that various corporations and countries are acquiring data on thousands of people, even using smartphone apps, for example for social networking or shopping, and siphoning data on the traffic and behaviour of their owners through them? Could this also put businesses at risk?

– Yes, the danger is real as most of us use our smart devices for both personal and business purposes. Hackers will attack the organization through the weakest point. A holistic approach is important and we advise and help organisations identify and plug any holes to control the risk.

A popular example from recent years is the teleworking. It is a convenience but also a security risk and requires additional protection.

This is the reason we recommend that our clients perform an initial assessment of their overall approach to information security. This includes the organization’s vision for governance and development, policies, protection and recovery systems used, business continuity approach, supply chain management. Next, the adequacy of all security controls should be verified with penetration tests, cyber incident recovery tests, or verification of how defences are working. All these checks should be carried out regularly, not on a one-off basis. It often turns out that of all the weaknesses we find and describe in our reports, our clients manage to fix about ten percent in a timely manner, and the threats evolve and increase. In order to be protected there must be a continuous cycle of checking, updating security policies and rules, planning and implementing new measures.

Sometimes it happens that an organisation comes to us after something has already been the victim of a cyber-attack or cyber incident. In such cases, we of course respond and help investigate the attack, minimize the damage and restore the affected systems. But preventive measures are more effective than reactive ones.

– How do cybersecurity professionals keep in shape with so many types and strengths of threats?

– We continuously invest in developing our own capabilities. A few years ago, the TechnoLogica team participated in the Global CyberLympics international cyber security competition, and ranked 7th in the world and 5th in Europe. Colleagues regularly take part in NATO’s largest international cyber defence exercises – Locked Shields and Crossed Swords, organised by the  NATO Cooperative Cyber Defence Centre of Excellence in Estonia, as well as the Cyber Coalition, which is organised by the NATO Military Committee. Our specialists have been from the red team, the blue team and since last year also from the green team. The red team simulates an attack, the blue team defends against it, and the green team evaluates and improves security processes and policies. Last year, Dimitar Radev, who is the head of Information Security and Infrastructure division at TechnoLogica, was part of the green team at Locked Shields in Tallinn, where a cyberattack was played out on an imaginary country, with the goal of taking over all the important systems – electricity distribution, the money transfer network of local banks, the 5G network, the radio communications of the local army.

Which private sector companies need assistance with their cyber defences?

– Virtually all, even the smallest, because they also have fewer resources and lack specialists. Most often, their measures boil down to finding a hosting company to provide them with electronic communication services with basic levels of protection. In such cases, it is a good idea for employees to take a basic course on how to protect themselves from cyber-attacks and safeguard their data. For example, knowing how to access work information from their laptop if they are in a public place and using an open Wi Fi network. My colleagues have developed such a course in which we explain the main risks, the ways of attack and the corresponding protection measures. We also use an abridged version of it in the Business Teaches programme of the Ministry of Education to train teachers and students. We are also a partner of EC-Council, the most widely recognised cyber security training organisation, and offer the full range of iClass certification training.

The protection of information is also particularly important for companies that are engaged in development activities or are part of the supply chain of large global manufacturers, for example, companies from the automotive cluster in Bulgaria, which produce components for almost all well-known car brands. It is standard for a contracting company to require its suppliers to implement a top-level security policy. In this case, TechnoLogica can offer solutions to implement all the necessary requirements.