Rutube’s experience confirms the need for effective cybersecurity

image

Within the framework of the XXV St. Petersburg International Economic Forum (SPIEF) on June 16, the session “Information Struggle: Protection of national media sovereignty” was held. Its main topic was the issues of ensuring the security of the Russian media space and the creation of a competence center for cybersecurity in the media sphere. Denis Baranov, CEO of Positive Technologies, took part in the session. He called on media companies to reconsider their attitude to cybersecurity and develop specific industry-specific protection measures to ensure that events unacceptable to organizations cannot be implemented.

“The media industry today needs to understand that now your industry is at the forefront of cyber-confrontation and information warfare, and you have specific risks, — said Denis Baranov. — The experience of domestic media and RutubeIn particular, today it clearly signals that the media industry needs to reconsider its attitude to cybersecurity. Nit is necessary to gather a large consortium of all media representatives, understand what you really should be afraid of, what unacceptable risks you have, specific systems, how they work, and make sure that these risks become really unrealizable».

The CEO of Positive Technologies also dispelled some of the myths that have overgrown the history of hacking Rutube. He said that the video service was subjected to a real targeted attack, which is backed by external hackers, not insiders: “It was precisely a targeted hacker attack aimed at causing maximum and long-term damage to the service. However , aboutneither managed to light up on antiviruses, used the tools that are characteristic of the basic pentester. Hackers studied the infrastructure, identified the virtual machines involved in ensuring the operation of the service, and tried to delete them. And then the race began: IT specialists Rutube they noticed the impact on a number of infrastructure elements and immediately began to disconnect and isolate them, trying to get ahead of hackers who deleted virtual machines. The company’s IT specialists still won due to the speed of reaction”.

Denis Baranov believes that the processes of implementing practical cybersecurity, which in other companies and countries stretch for years, in Russia will be greatly accelerated and will take months, and as a result, the country will receive battle-forged solutions for detecting hacker attacks. He stressed: “Such pressure on IT-there is no infrastructure in any country in the world. And that’s great. We will have the best, most competitive, toughened by the most aggressive environment software and the best specialists who are able to resist such attacks.”.

Alexander Zharov, General Director of Gazprom-Media Holding JSC summed up what conclusions media managers need to make after the attack on Rutube: “It is fundamentally important that it is necessary to move from a defensive position to proactive actions. It is necessary to attract specialists, and the current information sphere is such that a whole consortium of companies specializing in various aspects of information security is needed. Joining forces, you also need to be a little paranoid. The present time should be a time of utmost concentration and attention of both users and media companies”.

The discussion was also attended by Head of the Presidential Administration for the Development of Information Technologies and Communications Infrastructure Tatiana Matveeva, CEO of Rutube Alexander Moiseev, Director of Research and Development of Kaspersky Lab Anton Ivanov, Deputy Director of the National Coordination Center for Computer Incidents Nikolay Murashov, Vice President for Information Security of Rostelecom PJSC Igor Lyapunov and General Director of the publishing house Argumenty i Fakty Ruslan Novikov.

The session participants agreed that even if there is no full-fledged cyber war yet, it is necessary to prepare for it. This requires consolidation of efforts both within the media industry and at the state level, as well as a new level of awareness of approaches to cybersecurity issues, the involvement of experts and the elaboration of a threat model applicable to the media business. Everyone also agreed that the creation of an industry competence center for cybersecurity in the media sphere would be an ideal result of the last session and an important step to strengthen the information security of the Russian media space.

The St. Petersburg International Economic Forum has been held since 1997, and since 2006 it has been held under the patronage and with the participation of the President of the Russian Federation. At the SPIEF in 2021, the co-founder of Positive Technologies, Yuri Maksimov, took part in a special session “Technologies and Innovations for sustainable Development” and called for considering information security in terms of results.

Start a discussion …