Networks broke through – Newspaper Kommersant No. 67 (7512) dated 04/18/2023
[ad_1]
The volume of personal information of citizens that illegally got into the network for the first quarter exceeded 118 million unique records. This is 2.3 times higher than in the same period last year, when the Russian IT infrastructure for the first time faced massive cyber attacks due to military operations in Ukraine. The dynamics is comparable to the growth of leaks over the entire last year, that is, the situation is not improving. Experts attribute the trend to an increase in attacks on companies providing IT outsourcing services, including in the field of security: the demand for such services in Russia has been gaining popularity since 2022.
“Kommersant” got acquainted with the report of the darknet monitoring service DLBI, which analyzed data leaks for the first quarter that were publicly available. The volume of stolen personal information increased by 2.3 times compared to the same period last year, reaching 118 million unique records. Since the beginning of the year, the darknet databases have been replenished, for example, with data from SberSpasibo and the Sportmaster network, DLBI specified: “Among the victims are also Internet projects, websites of government agencies and payment systems.”
InfoWatch analysts, in turn, estimated the volume of leaks in the first quarter at more than 350 million records of personal data, which is 2.4 times more than in the first quarter of 2022. At the same time, over the past year as a whole, according to the company’s calculations, the volume of leaks amounted to 667 million records, which is 2.67 times more than in 2021. “The high dynamics of the growth of leaks remains,” the company emphasizes. In Roskomnadzor, Kommersant specified that in January-March, 39 incidents related to data leaks were recorded.
Information about the leak “SberSpasibo” (Sber’s service for receiving bonuses for purchases) appeared on the network in early March. The archive included more than 6 million lines with phone numbers, email addresses, dates of birth, dates of registration, hashed (cryptographically encrypted) bank card data and other proprietary information (see Kommersant of March 9). The data of Sportmaster customers began to circulate at the beginning of the year, the leak contained the names, dates of birth, phone numbers and email addresses of customers. Later, the company confirmed the incident (see Kommersant on March 14).
DLBI believes that the incidents in the first quarter confirm the growing danger of IT outsourcing in terms of cybersecurity: “Analysis shows that companies that outsource data processing to contractors or trust them to manage infrastructure are often less protected.” If hackers manage to break into a contractor, they gain access to all of his clients, the DLBI notes.
The IT outsourcing market began to grow just last year. According to a study by Technologies of Trust (formerly PwC), Russian companies now outsource more than 10% of their IT services. Among them, for example, IT infrastructure audit, deployment of protection systems, situation analysis and decision support when responding to incidents. The increase in the popularity of outsourcing was primarily the result of a shortage of personnel and a lack of own resources in Russian business, analysts noted.
Cyber attacks through contractors and supply chains today look like one of the most dangerous, confirms Alexey Pavlov, director of business development at the Solar JSOC Cyber Attack Center RTK-Solar. This year, the number of such attacks has more than doubled, he says, most often it is IT and information security service providers that have wide access to customer infrastructure that are the targets of attackers: “And if large IT and information security companies control their own security, then for small contractors, the level of protection may be at a low level. Informzashchita confirmed that attacks on cybersecurity companies providing outsourcing services were made at least twice this year.
[ad_2]
Source link
