'The Internet is currently treated as one of the dimensions in which there is war’, says AGH UST Professor Marcin Niemiec from the Faculty of Computer Science, Electronics, and Telecommunications. The scientist, who deals with cybersecurity issues, answers our questions about the threats that lurk in the corners of the Internet.
Professor, the Russian invasion in Ukraine has been going on for two months now. In relation to this ongoing war, are we exposed to additional threats on the Web?
As far as the Russian invasion in Ukraine is concerned and the threats in cyberspace related thereto, we haven’t, in fact, registered any new spectacular attacks. The dangers that we see on the Internet are usually threats that we are already familiar with, take the attacks related to blocking access to services or websites. Currently, however, we are dealing with an intensification of such activities. In my opinion, the only new threat that deserves a mention is broad misinformation, which targets the integrity of states. This phenomenon can be classified as something we have not experienced so much in the past. None of these threats are to be dismissed. Clearly, this is why the third-level alert CRP-CHARLIE has been in place for many weeks now – we should definitely increase our vigilance on the Internet.
What can a regular user do to increase their vigilance on the Internet? How can we defend ourselves from these types of attacks?
I always offer this basic piece of advice: We should always remain reasonable. This is also true in this situation – our everyday activity in cyberspace should always be thought-out and responsible. That is to say, we all, individual Internet users, have influence on the security of our country. If we carelessly click on suspicious links or open attachments sent to us by strangers, this can result in our device being exploited as one of the tools used to disable services critical for the functioning of the state. The Readers might be interested in the recommendations prepared by CERT Polska – this team of experts has posted useful information on its website for citizens and people responsible for keeping company IT systems safe.
Does our university have a team that monitors the safety of the Web?
The AGH UST has a central unit dealing with cybersecurity – the Independent Section for Cybersecurity Monitoring. Many other AGH UST units, such as faculties or institutes, also have designated people who are responsible for securing and protecting particular networks and servers from hackers.
The stereotypical hacker looks like a young genius trying to crack the toughest firewalls. However, isn’t it more often so that to acquire sensitive data, it’s easier to make use of social engineering?
Indeed, there is an image of a hacker being a person with incredible IT skills, who’s sitting with a black hood on their head in front of several monitors, on which they’re working simultaneously. Truth be told, there are individuals who are capable of attacking large IT systems, but very often these hackers are simply people who are not experts in cybersecurity. In their attacks, they use ready-made, intuitive tools that can be easily acquired or sometimes even bought with a manual. A hacker doesn’t have to be an IT specialist – sometimes, instead of good programming skills, plain sociotechnical skills suffice.
These people are probably assuming that the weakest link is the human.
Partially yes – humans are usually the weakest links, and by using manipulation techniques you can achieve better results than by hacking an IT infrastructure. On the other hand, attacking IT systems doesn’t require the perpetrator to have extensive knowledge. Let me use an analogous example: You don’t have to be a barista to make great coffee – it’s enough to press the right button on the coffee machine and there we have it – we made excellent coffee without knowing the ropes of making coffee.
Recent attacks on government websites were apparently not supported by extensive IT knowledge. Instead, spamming was used to overload the servers.
Exactly, the Distributed Denial of Service types of attacks are based on the strategy where we send sizeable amounts of queries which engage the computer assets of a given server, which renders it incapable of processing regular queries.
‘A hacker doesn’t have to be an IT specialist – sometimes, instead of good programming skills, plain sociotechnical skills suffice’, Professor Marcin Niemiec says; source: Dreamstime