Cyber Security

Why such large-scale cyber-attacks become possible at all?

About couple of decades ago cyber-attacks were not a thread, but things changed. Today our systems hunted by such attacks more and more often. One of the last big cyber-attacks happened in May of 2017. We saw one of the most famous malware epidemics of recent times - WannaСry. All over the world, factories were stopped, the work of hospitals was paralyzed, government agencies, banks, telecommunications companies were affected.

This ransomware worm was spreading using a vulnerability of the Windows operating system known and already closed by the developer. But the devices on which they did not manage to install the necessary update turned out to be enough to make the world shudder. In total, WannaCry has infected more than 200,000 computers in more than 100 countries. Various estimates of the damage from the epidemic range from several hundred million to several billion dollars.

Let's start with what resources the creators of WannaCry needed. This is the work of a group of developers, literally a few people. They were greatly helped by the hacker group The Shadow Brokers, which released an exploit and a backdoor, written by high-level professionals from a very serious intelligence agency, and allowing them to use vulnerabilities in existing software for their own purposes. With their help, the WannaCry encryption worm was created. Very significant damage was done with minimal effort. This is due to the modern architecture of information systems. They are built on a shaky foundation in terms of security, the foundations of which were laid back in the 70s of the last century, when the first operating systems were created and the problem of mass cyber threats did not actually exist. Modern commercial operating systems are many times better protected, but the basic approaches to their construction have not changed much. And, unfortunately, a huge amount of software that we depend on and use every day is still created with holes that can be fixed with crutches, patches and imposed security tools. And sometimes for years they do not correct at all. Therefore, in our time, hacking someone or something is relatively easy and inexpensive.

Everyone has to understand that there is no one hundred percent guarantee of protection - both in the computer sphere and offline. There are no absolutely secure IT systems either. Therefore, such a level of protection is required in which the cost of developing an attack on a company (or device, or user) will exceed the amount of possible damage.

Security should be at the heart of every system, and not be a superstructure over it, as is the case now. In this case, we have a chance to make the cost of the attack so expensive that its implementation will be simply meaningless. Bite Consulting Services like other global IT companies, wants technologies to open up more and more new opportunities for people and businesses, make the world a better and more convenient place. We want to be sure that we can rely on technology and that it won't let us down. That is why we put so much effort into development and use the experience and knowledge of industry professionals for this. We hope, one day technologies all over the world will be safe enough to be used by everyone without any fear of meeting a cyber-attack.