#1/2014

Hacker Threats to Digital Space

Chief editor - Vladimir Krylov, PhD
Deputy chief editor - Michael Nikulichev, PhD

Business has confidently took over the digital space. Today everything is digital: TV, communication, advertising, accounting etc. Self-help guides and manuals appear daily on how to reach success with the help of digital media environment, how to build up a digital strategy. It is good, of course. But what’s the use of building a house without doors with locks?

Hackers gain access to restricted software

Digital media offers us unique opportunities but also poses significant risks. More and more hackers attack our computer networks on a daily basis. A specialized 2012 mobile security report, “State of Security in the Application Economy,” revealed that mobile application security (smart-phones, tablets, and therough them, stationary PC networks) is under a serious attack.

It was found that of the top 100 paid apps for both Android and iOS, 100% of Android applications had been compromised, and 56% of the iOS apps. They found tampering, unauthorized access, fraud, piracy and intellectual property (IP) theft. Every attack had a single end result: major financial losses.

The security of your mobile and other digital applications is your softspot, the place where your business can be hit easiest - and the hardest. The updated security report for 2013 has some more bad news: the problem is only going to intensify, particularly because your competitiveness relies increasingly on your mobile strategy. Mobility isn’t going anywhere, and hackers couldn’t be happier. Where are you most at risk? And in 2013 the tendency continued to intensify. Today the race for wire tapping is led by very serious state-run organization of some very serious countries.

Irrespective of how we protect our mobile devices, they remain vulnerable to tampering and so called reverse engineering. The main risks include:

  • Security control bypass such as authentication, encryption, license management or digital rights controls;
  • Fraud;
  • Malware;
  • Functionality modification: Unlocking or modifying application functionality;
  • Source code or intellectual property theft;
  • Piracy.

One of the main forms of serious fraud that appeared recently and that is spreading like wildfire received an adequate name of “identity theft” – penetration into a private space of a citizen, getting access to everything private, concealed and personal that people prefer to keep away from others.

Experts believe that Apple protects its mobile devices and applications better than other manufacturers. However, these protective measures are similar to door locks – they only protect you from honest people. Large companies that develop security systems and industrial applications (and here we are more concerned with CCTV cameras) such as Cisco, Bosch or Sony are protecting themselves and their clients much better. However, the price of this security is above the means of an average citizen.

Hackers attacked an LED screen in Belgrade Hackers attacked an LED screen in Belgrade

Corporations invest millions of dollars into security, but even this does not offer a reliable security guarantee: this is what happened with web-pages of prime TV channels of CNN and FOX.

Video screens are also vulnerable, and these are now located all around the world in prime sites of our major cities. Take as an example a silly prank performed by students in Serbia in May 2013. The guys decided to play their favourite video arcade game “Space Invaders” on a huge LED screen in Belgrade. Potentially, hackers may “break in” any process of data transfer, replace the original content, and display it on a separate standing LED screen or on a wide network of screens of their choice.

We should not forget the informational and advertising networks of LCD screens that are becoming increasingly popular. From the point of view of a specialist (that is, hacker) these networks are the same as our mobile phones and mobile applications. Recently experts started warning the public of another imminent threat: hacking of Smart TV sets.

In the USA only, by 2016 there will be more than 100 million personal TV sets linked to the Internet. As a result, these systems in the heart of our homes become a welcome prey for ill-doers. Through them it is equally possible to get access to our sensitive personal data or critical business data that we bring home, to spread serious digital viruses, change the factory settings. One potential scenario suggests switching on your PC video camera to broadcast at a time when you least expect or wish it.

Virus attacks on Road Police cameras are getting more frequent Virus attacks on Road Police cameras are getting more frequent

Usually people start thinking about security only after something bad had already happened. Forward-looking and strategic thinking are not your typical Russian qualities. As a result, decisions are frequently made after the fact. Here is one such example. Or rather two: two vicious attacks on surveillance Road Police cameras around Moscow in 2013 and in January 2014. In the first case, experts identified four modifications of viruses that were creating havoc in the video registration of speed control data base.

In the second case, the attack completely crippled nearly 200 “Strelka-S” cameras on major highways. The police is still searches for hackers who are hiding in the vast territories of the Internet. The attacks were so well-planned and so professionally executed that only one third of the cameras could be repaired and restarted. The other cameras had to be replaced at a considerable expense. However, these may be just the warning shots. Who knows how many other similar attacks will be launched and what critical systems will be affected.

The reader may be justified in asking: How does it happen that the important infrastructure-based state-run digital systems are not protected? The answer is obvious: the price of protecting widely spread network is prohibitive. In the recent years the USA, Japan, Russia and China made significant breakthroughs in the security area. It is now possible to protect surveillance cameras. However, there are tens of thousands of CCTV cameras in every city – and even the state budget cannot bear such burden.

Luckily, recently an interesting and affordable solution in the area of cyber security was announced by the Russian company Science & Technology Center “NAO-Pro”. We will eagerly wait for the information about the projects implemented using the new security system. What is good to notice is that new players appear in the market of digital security. This means that competition will urge the price of security systems to finally go down.