On October 10 Moscow hosted annual Group-IB conference CyberCrimeCon/17, focusing on the cybercrime development tendencies and pro-active defense technologies.
The conference was attended by leading Russian and foreign experts who specialize in the prevention and investigation of cybercrime, cyberthreat researchers, representatives of major banks, telecommunication, trade, industrial and high-tech companies, as well as representatives of law enforcement agencies.
RIAC and EastWest Institute made a presentation of a joint article «Suggestions on Russia-U.S. Cooperation in Cybersecurity».
On October 10 Moscow hosted annual Group-IB conference CyberCrimeCon/17, focusing on the cybercrime development tendencies and pro-active defense technologies.
The conference was attended by leading Russian and foreign experts who specialize in the prevention and investigation of cybercrime, cyberthreat researchers, representatives of major banks, telecommunication, trade, industrial and high-tech companies, as well as representatives of law enforcement agencies.
RIAC and EastWest Institute made a presentation of a joint article «Suggestions on Russia-U.S. Cooperation in Cybersecurity».
The cross-cutting theme of the conference was the need for society and the state to counter the growing threats from cybercriminals in the face of increasing available arsenal of cyber weapons, the growing number of cyber attacks carried out by criminal groups with the support from the states.
The conference was opened by Noboru Nakatani, Executive Director, INTERPOL Global Complex for Innovation — a facility, coordinating the investigation of cybercrime. N. Nakatani named three main tools of cybercriminals: crypto-ware, financial institutions attacks, and DDoS attacks; as well as three major cyber threats of the near future: critical infrastructure attacks (nuclear power plants, airports, hydroelectric facilities), the use of drones for terrorist attacks, and the use of robotic means.
Dmitry Volkov, Head of Threat Intelligence Department, Group-IB, analyzed the cybercrime market and identified several key trends:
— Russia traditionally acts as a testing ground for hacker groups. It is here that new tools and schemes are developed, which are then replicated throughout the world.
— The emphasis in motivating cyber attacks is shifting towards espionage. Pro-state hackers successfully attack financial institutions — they try to get access to SWIFT, card processing for espionage or stealing money purposes.
— The main goals of pro-state groupings are financial structures and energy companies. The latter are used to a greater extent to test new cyber weapons.
— Attacks are usually built through the personal space of corporate employees.
— The development of the crypto-currency segment has formed a new target for cyberattacks, both from independent and from pro-state groupings — crypto-currency services and private user accounts.
D. Volkov designated the main cyberthreat — attacks of pro-state hackers on large financial structures for the purpose of subversion and sabotage.
CEO and Group-IB founder Ilya Sachkov began his speech stating that it is now that mankind lives in the safest time and has the largest population number with the minimum number of classical threats to human security, given that new types of criminal behavior have already emerged in cyberspace. As a result, it is a paradoxical situation when state budgets are spent on providing security and preventing traditional crime, which is becoming less and less dangerous for citizens, while the citizens of practically any state are actually defenseless in the face of the growing flow of new cyberthreats.
Ilya Sachkov called for changing the attitude of society and state to cybercrime.
Within the press conference framework, CEO and Group-IB founder stated his position on the use of cyber weapons at the state level:
«You can not pander to cyber weapons. I am sure that neither the U.S. nor Russia will initiate cyberwarfare, because its consequences will be much worse than the ones of the traditional war. The UN is considering the introduction of a moratorium on cyber weapons. If this does not happen, we will face a global catastrophe. But then, whoever survives, will still sign this moratorium.»
Cyber threat intelligence experts Matthew Haynes and Joep Gommers spoke about the principles and tools of intelligence in cyberspace to counter cybercrime.
The second part of the conference focused on applied issues of cyber defense and methods of responding to cyberattacks.
Ilya Remizov, Chief Technology officer Blackmoon, and Ruslan Yusufov, Director of Private Client Services Group-IB, gave practical recommendations on the protection of investment projects using crypto currency on the example of ICO BlackMoon protection.
Tamer El Refaey, Senior Director at SOC Du Telecom (UAE), spoke about the use of cyber intelligence in countering cyberattacks. Andrey Ivanov, Cloud security Lead Microsoft, described the use of machine learning for automatic intrusion and attacks detection systems on personal accounts. Stewart Garrick (Special Projects Manager The Shadowserver Foundation, the UK) and Sander van der Maden (Advisor Team High Tech Crime Dutch National Police, the Netherlands) shared their experience in implementing non-commercial network projects in the field of cybersecurity and public-private partnership projects.
At the end of the conference Sergey Pimenov, Head of Internet Threats Prevention team, Web Search Yandex, spoke about the most common threats to the RuNet.