The number of cyber attacks on Russian IT companies quadrupled in the second quarter

According to the results of the second quarter, the number of attacks on Russian IT companies has quadrupled, according to MTS RED. Other market participants confirm the trend and draw attention to the fact that the share of attacks on Russian technology companies in the total number of incidents has increased in parallel. Experts suggest that the shift in the interest of attackers, who after the outbreak of hostilities focused primarily on state-owned companies, towards IT may be due to the desire to gain access to infrastructure and customer data.

The total number of cyber attacks on Russian companies in April-June almost doubled, to 12.7 thousand incidents, calculated in MTS RED. Hackers have become particularly active against IT companies – the number of such attacks has quadrupled to 4,000.

According to Positive Technologies, the share of IT companies in the total number of those attacked almost tripled, to 17%. Gazinformservice notes an increase in attacks on IT companies by 20–25%, with a general market share of 10–15%.

In Russia and the CIS, IT remains in the top three most attacked industries, the Kaspersky Lab cybersecurity monitoring center confirms. They added that the number of “complex incidents”, including “involving a person”, is growing.

Attacks on IT companies in Russia “are part of a global trend”: in the second quarter, technology companies accounted for 11% of the total number of ransomware victims, says Natalia Yushkova, an analyst at the Positive Technologies research group: “This is due to the potential benefit for attackers: successful attacks on IT companies allow access to confidential data not only of the companies themselves, but also of their clients.”

Russian IT companies are developing and implementing new domestic solutions in organizations of other industries, Andrey Dugin, head of the MTS RED cybersecurity services center, notes: “By implementing an attack on an IT company, you can modify the code of the system it is developing and gain access to the infrastructure of organizations related to import substitution “.

In terms of company losses due to cyberattacks, the dynamics are also negative: in the first half of the year, the average damage caused by hackers increased by a third, to about 20 million rubles. (see “Kommersant” dated July 14). Among the major incidents of the second quarter were attacks on 1C-Bitrix clients, as a result of which many websites were hacked and the data of the largest retailers were posted online (see “Kommersant” of June 6).

Representatives of the IT industry call the intensification of attacks on the technology sector an “alarming trend.”

They are aimed at paralyzing the network infrastructure, which can lead to serious disruptions in the work of companies, the loss of a customer base and a complete stoppage of work, emphasizes Artem Izbaenkov, director of cybersecurity development at EdgeCenter (cloud solutions). He adds that cyberattacks can be used “to achieve geopolitical goals and manipulate public opinion.”

The vulnerability of Russian companies to hackers is associated with a lack of IT specialists in the market to provide full-fledged protection, import substitution of significant systems and the transition to products such as OpenSource (open source), believes Dmitry Ovchinnikov, chief specialist of the Gazinformservice complex information security systems department.

“Before the accounts of Russian developers were blocked in foreign repositories, many IT companies actively took their developments, but now products with foreign open source are not updated in Russia, which has led to an increase in vulnerabilities in the infrastructure of organizations,” Mr. Ovchinnikov believes.

This threat is confirmed in Astra Group of Companies, both in terms of using third-party code from OpenSource projects and developer code. The solution in the company is considered “technological cooperation of vendors in terms of secure development.” By the end of the year, Astra Group itself intends to bring to the market its own platform for the joint development of open source (see “Kommersant” dated August 28), which is intended to replace GitHub and GitLab.

Tatyana Isakova