To launch a cyber attack today you don't even need to know programming, says cyber security expert Marius Corîci. In a world where hackers sell their services, the expert from Cluj has an original proposal for educating the population.
Scene from Mr Robot, the film recommended by Marius Corîci for all Romanians. PHOTO: First video
“Adevărul” spoke with Marius Corîci, CEO and founder of the cyber security company HoundBytes, the founder of the first “training ground” for cyber security specialists in Romania, and with Andrei Niță, cyber security specialist, who has been active for more than a decade in the field, including at NATO, about the importance of being aware of the dangers to which we are exposed, in the context of cyber attacks on the servers of the Chamber of Deputies, respectively on the website of the National Cyber Security Directorate (DNSC).
Marius Corîci stated that the recent cyber attack on the Chamber of Deputies is very different from the one directed against the DNSC.
“The attack on DNSC was child's play, an attack that blocks your site for a while, so nothing spectacular, just that the traffic is low. Nothing spectacular, nothing dangerous. For half an hour the DNSC had the site blocked,” stated Corîci.
There is no connection between the two attacks
He believes the chances of the attacks being linked are very low. The one against the Parliament website was much more complex compared to DNSC's “child's play”.
On the other hand, the specialist explains, the attack against the Parliament website was not particularly sophisticated either.
“I don't think very advanced techniques were used. My bet is that it was a combination of the phishing part (phishing attacks come from scammers masquerading as trusted sources and can facilitate access to all kinds of confidential data – ed.) and exploiting well-known vulnerabilities,” Niță elaborated.
Following the Parliament attack, more data was downloaded, which shows that the hackers were not very sophisticated.
In Corîci's opinion, most likely, the hackers could not have done more, because, he says, if they had been in the place of the attacker, if they had managed to enter the system, they could have done much more harmful things, which would have blocked all Parliament activity.
“Asking for 0.8 bitcoins is laughable. Sounds like a third world country”
Another aspect commented on by the specialist was the requested amount.
“The fact that they only asked for 0.8 bitcoins is laughable. Asking 0.8 bitcoins (approx. 31,000 euros – n.ed) for an exfiltration of data (relatively trivial – identity documents, contracts, but nothing secret) from a parliament of a country sounds like an attack from a country from the third world. It's a lot for the people there, I live 10 years from them. I saw a request for 2 million euros in an attack on an accounting firm. They blocked their entire network. If they don't pay, they run out of data and make it public,” said Corîci.
However, both experts claim that the fact that the Parliament's website was hacked is a serious incident.
Corîci's conclusion: “The bullet went past our ear at the Parliament, in the sense that it's good that it left with just that and a lesson learned. It's good that they didn't ask for 2-3.7 million euros and it's good that they only took some documents and not very important information”.
“It's a security incident that represents a serious attack with quite serious implications for the integrity of personal data, as well as for national security,” Niță also claimed.
Marius Corîci established the first “training ground” for cyber security in Romania
“Hackers have become businessmen”
The origin of the attacks is still not very clear, but Corîci emphasized that what is not very well understood in our country is the fact that hackers have become businessmen, offering their services for a fee.
“There are services such as Malware, Ransomware, Phishing, etc. Hackers rent their infrastructure and services to anyone who is willing to pay. You don't even need to know programming. That means it automatically increased the attack rate a lot. This is the greatest danger the world faces in this field,” explained the specialist.
Before, to carry out an attack you had to be a specialist, know how to program. “Now if you have money, you just have to pay, set parameters and target,” he detailed.
Corîci believes that the attack on the Parliament was done with automated programs, considering that to attack an institution of this kind you need important resources.
“There are a lot of steps to take before you find a crack in the system. But here I think it was something done automatically because I think that in the Romanian Parliament there are some computers that are still running Windows 7 or I know what operating programs have expired and that don't even have security support anymore or, although vulnerabilities were found in them, are no longer patched because the software is retired”.
Thus, most likely, it was a human error that allowed the system to be penetrated.
“We're in our pants”
Corîci made an x-ray of the cyber security of institutions in Romania:
“At the government level, I have great confidence in our specialist services. At the county level, things are already changing, and at the local level, woe is us. So imagine all the people of Cluj gathered in Piata Unirii with their pants hanging down. This is about the level at which Romania is on the cyber security side in terms of awareness”.
Thus, says the specialist, you form an army of cyber security experts for nothing, if an employee from the Parliament or from a public institution or from a company is not aware of the threat and clicks on an infected link… “Then good bye! In vain you have the door well guarded, if someone comes and opens the window”, he explained.
In 2013, he says, the issue of cyber security becoming a matter of national interest was raised in the Supreme Council of National Defense (CSAT), but no serious steps were taken in this direction.
The biggest problem is that Romania does not have a strategy at any level for awareness of the dangers related to cyber security, says Corîci.
“The DNSC is trying to do something, but I think that any program like this has to have some performance indicators: that is, you measure where you are, run the awareness program, measure again, see what's good and what you can improve and after that you repeat to see where you are. Only by measuring and monitoring can you see if what you are doing is working. Otherwise, we just do it to check off that we did it. It is not OK,” he explained.
Adrian Niță worked in cyber security at NATO. PHOTO: Personal archive
Mr. Robot, the most effective and inexpensive awareness program
Corîci also has an original proposal regarding citizens' awareness of the danger they are exposed to online. And because one of the biggest problems we have in Romania is the lack of funds, the expert found a solution, which is almost free.
“If I were a minister, from tomorrow I would start like this: on national television and on the big commercial television channels, I would broadcast, on Thursdays, from 8:00 p.m., the film series ‘Mr. Robot’,” says the specialist.
The next day, whether you are a pupil, a student, or an employee in a public institution or a company, everyone spends an hour discussing what happened in the last episode.
Mr. Robot is an American TV series whose main character is a cyber security engineer and hacker who suffers from social phobia and clinical depression, played by Rami Malek. Alderson is recruited by an anarchist known as “Mr. Robot” to join a group of hacktivists. The group's goal is to destroy all debts by encrypting the financial data of the world's largest conglomerate, E Corp.
“The movie had the coolest cyber security consultants and people have a lot to learn from it,” said the specialist.
Corîci's conclusion is that human error is the weakest link in this cyber security chain and Romania is very bad in this regard.