MOSCOW (Pakistan Point News / Sputnik - 01st December, 2020) In 2020, professional cyberteams conducted more than 200 hacker attacks on Russian systems, of which about 30 were carried out by cyber mercenaries pursuing the interests of foreign states, according to a study by the Rostelecom-Solar cybersecurity company released on Tuesday.
"In 2020, the cyberattacks monitoring and response center Solar JSOC recorded more than 200 hacker attacks from professional cyberteams, including massive attempts to influence entire industries and sectors of the economy. In about 30 cases, the perpetrators behind attacks were of the highest level of training and qualifications - cybermercenaries and cyberteams pursuing the interests of foreign states. Among the most frequent targets is the critical information infrastructure of Russia," the document said.
In 45 percent of cases, hackers attacked web applications, and in 35 percent of cases, they exploited known and unpatched vulnerabilities of organizations. After infiltrating the infrastructure, cybercriminals tried to gain access to organizations' confidential information by accessing mail servers (85 percent of cases) and work computers of top officials, their deputies and secretaries (70 percent of cases).
According to the study, cybercriminals sought to seize maximum control over the infrastructure by attacking workstations of IT administrators with a high level of privileges (80 percent of cases) and IT infrastructure management systems (75 percent of cases).
Attacks by average-skilled cybercriminals were aimed at financial gain or obtaining ransom for the decryption of company data.
The main tool used by cybercriminals is phishing attacks, which is a type of social engineering attack often used to steal user data. This type of attack is quite successful due to the low literacy rate of employees in information security, according to the research. To infect workstations and further develop the attack, cybercriminals used malware massively available on the DarkNet (40 percent of cases).
