Kaspersky Lab solutions will be used during the International Cyber Information Security Championship
Customers: Ministry of Digital Development, Communications and Mass Media of the Russian Federation (Ministry of Digital Development) Moscow; State and social structures Product: Kaspersky Anti Targeted Attack Platform (KATA)Second product: Kaspersky Endpoint Security Third product: Kaspersky Security Project date: 2019/10 - 2023/05
Project's budget: 364.55 million руб.
|
2023: Using Kaspersky Lab Solutions
Kaspersky Lab solutions will be used to counter cyber attacks during the International Cyber Championship on Information Security. This was announced on June 1, 2023 by Rostelecom-Solar (formerly Solar Security).
The organizers invited cybersecurity specialists from several dozen countries from different continents to the upcoming competitions. 40 teams will take part in the main stage of the international cyber championship.
To repel attacks simulated within the framework of the Cyber Championship, Kaspersky Lab provided participants with comprehensive protection tools and conducted training on working with complex incidents. We are talking primarily about a class security system SIEM for centralized collection, analysis and correlation of information security events. Kaspersky Unified Monitoring and Analysis Platform It includes the TI-platform Kaspersky CyberTrace, which is supplemented by various threads about data threats from Kaspersky Lab.
For 25 years we have been actively participating and supporting the development of the information security industry and the international information security community. It takes healthy competition and learning to move forward, so we create opportunities for the best minds in the industry to gain experience in countering and responding to cyber attacks. We are pleased to provide our technologies for such a competition and practice practical skills, "said Evgeny Kaspersky, CEO of Kaspersky Lab. |
Participants of the Cyber Championship of 2023 will work with a copy of the real typical infrastructure of the enterprise deployed on the Solar Cyber platform. The scenario was based on the cases of real attacks by cybercriminals, which almost all organizations in key industries have encountered over the past year. We are pleased that Kaspersky Lab has joined the organization of the competition and will provide support to the teams. Protecting the perimeter of Russian enterprises, we daily study the mechanics and tactics of intruders in "combat conditions" and are ready to share this expertise with our foreign partners. We hope that each of the participants will receive valuable knowledge and skills during the competition, "said Igor Lyapunov, General Director of RTK-Solar. |
2022
Testing by St. Petersburg institutions
The institutions St. Petersburg tested the capabilities of the National Cyber Police to train cyber defense skills. This was announced on December 8, 2022 by the press service of the vice-governor of St. Petersburg.
Representatives of departments and institutions of St. Petersburg and the Nizhny Novgorod region took part in cyber training. Activities were carried out to assess the effectiveness of cyber training as a tool to increase the cyber resistance of regional information systems. The results of the implemented projects carried out by RTK-Solar specialists will form the basis of new programs for training and training employees of regional institutions and departments in cyber defense skills at the National Cyber Police.
The St. Petersburg Information and Analytical Center, being under the jurisdiction of the Committee for Informatization and Communications of St. Petersburg, implements a large number of digitalization projects that cover all spheres of the city's life. The task of ensuring the security of information systems created and accompanied is of strategic importance for the city. Our specialists highly appreciated the level of infrastructure emulation on the cyber police and noted the practical demand for the knowledge gained. Such training should be carried out on a regular basis, said Vice-Governor of St. Petersburg Stanislav Kazarin.
|
To recreate the most realistic conditions on cyber exercises, experts from the National Cyber Police deployed a digital twin of a typical office infrastructure, which included an email service, web services, databases and a user segment. When developing a scenario for cyber training, the organizers took into account the current landscape of cyber threats characteristic of the public sector. So, according to the Solar JSOC Cyber Attack Countermeasures Center, in the third quarter of 2022, a clear trend was formed to move from typical incidents and mass scans to more complex point attacks.
To confront the difficult targeted attacks , it is necessary not only to have an incident response plan, but also to train it in practice. This approach helps to act clearly and harmoniously directly at the time of the attack, when literally every second counts. It is extremely difficult to conduct training on the real infrastructure, especially in the case of state IT resources that must function smoothly. On the cyberpoligon, we recreated the processes of organizations and modeled actual cyberattacks, which made it possible to make training as close as possible to "combat conditions" and safe, "said Yevgeny Akimov, director of the department of the National Cyberpoligon of RTK-Solar. |
During cyber exercises, information security specialists of institutions and departments of St. Petersburg and the Nizhny Novgorod region practiced practical skills in monitoring and responding to targeted computer attacks. Working in teams, participants jointly identified automated attack chains using a domestic information security event monitoring system. Experts have analyzed in detail the training scenario of attacks and vectors of intruders entering the organization's infrastructure.
According to the results of cyber exercises, the participants noted the usefulness of practical training in the conditions of cyber polygon, which is a digital copy of the infrastructure of a real enterprise. The teams demonstrated different levels of competence in responding to cyber attacks. Since the results were uneven, RTK-Solar experts came to the conclusion that it was necessary to introduce several training and training tracks for specialists with different levels of initial training in the field of cybersecurity. The implementation of this approach will help increase the level of security of regional IT resources and the readiness of cybersecurity services of institutions and departments for cyber attacks.
RTK-Solar and Diasoft have expanded the functionality of the banking segment of the National Cyber Poligon
The company RTK-Solar"" Russian and the developer-solutions IT"" Diasoft completed project the development of infrastructure banking segment of the National Cyber Police designed to train practical skills of protection against the cyber attacks financial sector organizations. This was announced on August 31, 2022 by Diasoft. More. here
International Cyber Emergency Prevention Training
In Russia, international cyber training was held to prevent an emergency as a result of hacker attacks. This was announced on June 20, 2022 by Rostelecom-Solar. Representatives of six countries took part in large-scale exercises: Russia, Belarus, Kazakhstan, Azerbaijan, Pakistan and Vietnam. The exercises were carried out jointly with the Ministry of Digital Development of the Russian Federation with the support of the Office of the Security Council of the Russian Federation.
The event was aimed at coordinating efforts to combat hackers at the world level and practically practicing information exchange between the participating countries about attacks carried out from the infrastructure of another state. To conduct international cyber exercises, specialists from the National Cyber Police deployed a digital twin of the infrastructure of the energy facility and developed automated attack scenarios that repeated the actions of real attackers recorded from the beginning of the special operation and aimed at various Russian organizations. Participants in cyber exercises in practice worked out interaction to counter highly professional hacker groups aimed at destabilizing the socio-economic situation by carrying out attacks that entail an emergency.
During the cyber exercises, the participants were divided into teams and had to jointly protect the segments of infrastructure allocated to them from a series of destructive cyber attacks, the purpose of which was to entail a large-scale blackout. According to the legend of the exercises, the hacker group carried out a series of coordinated attacks on a large electric power facility.
According to the conditions of the exercises, by the time the teams began to work, several significant incidents had already occurred, as a result of which the infrastructure of the energy facility was infected. harmful software
Attackers continued to conduct attacks for distribution computer virus in order to gain complete control over the attacked object. Participants in cyber exercises were required to investigate the incidents that occurred, clean the infrastructure from malicious activity and prevent re-infection, as well as restore the damaged. files Teams used a range of domestic tools cyber security Kaspersky Unified Monitoring and Analysis Platform (KUMA) to investigate attacks, including a centralized event collection and correlation system, an orchestration, automation INFORMATION SECURITY and incident response platform, R-Vision SOAR a threat intelligence platform R-Vision TIP , and others.
Participants in international cyber exercises worked out countering attacks on life support systems, the successful implementation of which in real life threatens with serious consequences for the attacked states. Therefore, it is very important to train together to identify them in the early stages and conduct a continuous dialogue at the world level. According to the results of the past cyber exercises, we managed to form a serious reserve in this direction, which will help the participating countries to act harmoniously in the event of similar threats in practice, - said Igor Lyapunov, General Director of RTK-Solar. |
Since cyber attacks were carried out on each of the infrastructure segments at different times, teams needed to share information about incident investigations. To coordinate the actions of the teams, a special technical unit worked - the Computer Incident Response Center. It was presented by experts from the National Coordination Center for Computer Incidents (NCCCI) and cybersecurity specialists from RTK-Solar. The center's team aggregated team reports, monitored the progress of the incident investigation and informed participants with a certain frequency about threats and recommended measures to counter cyber attacks. The response center was located at the St. Petersburg State University of Telecommunications named after Prof. M. A. Bonch-Bruevich, who acted as a partner in cyber training.
National Cyber Poligon Support Center Opened at Orenburg State University
On May 5, 2022, Rostelecom-Solar announced that the support center of the National Cyber Poligon had opened at Orenburg State University (OSU). This is a training platform where students and IT professionals train to repel realistic cyber attacks without endangering the infrastructure of organizations. Read more here.
The support center of the National Cyber Poligon began to work in PGUTI
At the Volga State University of Telecommunications and Informatics, the support center of the National Cyber Poligon began to work. The main goal of the project is to provide practical-oriented training for information security personnel. This was announced on March 4, 2022 by the Roste lecom-Solar company. Read more here.
St. Petersburg University of Telecommunications named after Professor M.A. Bonch-Bruevich launched a cyber police to train protection against cyber attacks
In mid-February 2022, the subordinate Ministry of Digital Development Russia St. Petersburg University of Telecommunications named after Professor M.A. Bonch-Bruevich launched a cyber police to train protection against. cyber attacks More. here
2021
Companies began to connect to the national cyber police in the Russian Federation to work out protection against cyber attacks
In mid-October 2021, commercial companies were able to connect to the national cyber police in order to train to repel hacker attacks.
The first such company, according to the Deputy Prime Minister of the Russian Federation, Dmitry Chernyshenko was the Competence Center " NTI Technologies for the Transportation of Electricity and Distributed Smart Power Systems" on the basis, Moscow Energy Institute (MPEI) whose cyber polygon is designed to conduct cyber exercises for organizations in the electric power industry. Its connection to the industrial segment of the national cyber police will create a single infrastructure that simulates the typical structure of organizations of the fuel and energy complex.
According to Chernyshenko, integration will significantly expand technological capabilities and allow conducting larger-scale exercises with the maximum realism of the processes under study. Combining attack scenarios and their reflection on a single site will form a list of threats that Russian enterprises may face. Such experience will be useful for strengthening the information security of individual companies and for expanding the general base of the national cyber police, he added.
In turn, the director of the NTI Competence Center on the basis of MPEI, Alexander Voloshin, said that "modern technologies and the comprehensive digitalization of enterprises in the energy industry, together with their undoubted advantages, pose new, comparable challenges and risks, the timely and adequate analysis of which will allow them to level or even completely avoid."
This requires the same modern and comparable in scale and complexity means of modeling and assessing the behavior of implemented digital solutions and systems for the industry as a whole, "he said.[1] |
Cross-industry corporate cyber training for TMK and Sinar Group
Rostelecom-Solar on October 12, 2021 announced that, together with the Corporate University, TMK2U organized large-scale cross-industry corporate exercises at the National Cyber Rostelecom-Solar Polygon for employees of the Pipe Metallurgical Company (TMK) and the Sinar Group. These are cyber exercises that cover the development of all key processes of information security services - from analyzing the security and building an integrated infrastructure security system to identifying and repelling hacker attacks.
The safety of industrial enterprises is a topic whose significance remains underestimated. Its complexity is associated with the need for very specific competencies from defenders, be it the internal information security department or service provider, the peculiarities of the functioning of technological segments and at the same time - the most unacceptable risks from a successful hacker attack. Therefore, we are very glad that TMK and the Sinar Group are so carefully working on the issues of cyber stability of the enterprise, using the maximum tools to verify and increase it, - said Igor Lyapunov, vice president of Rostelecom for information security. |
Cyber training is an excellent opportunity to objectively assess the level of their competencies and work out practical skills in responding to information security incidents, and the format of the competition brought an element of excitement to them. It is important that during the event, scenarios close to life were worked out, relevant specifically for industrial enterprises. This format is used for the first time in the metallurgical industry. The results of the exercises confirmed the high professionalism of our cybersecurity team, - said Dmitry Yakob, director of information technology at TMK. |
On the first day of cyber training, the teams were supposed to conduct the most complete inventory of the infrastructure specially created on the basis of the industrial segment of the cyber police. Then they had to search for vulnerabilities in it and configure event sources in the SIEM system. At this stage, the completeness and accuracy of the data from each team was evaluated.
On the second day, the teams resisted targeted attacks, and at this stage the speed of detecting the incident and responding to it became a key indicator. As a result of each attack, teams provided reports describing both the attacker's chain of steps and the measures necessary to avoid a repeat of the incident.
On the final day of cyber training, general results were summed up, as well as a detailed analysis of scenarios for training cyber attacks and team actions.
Power Industry Cyber Training
Under the auspices of the Ministry of Energy of Russia, cyber exercises were held at the National Cyber Police of Rostelecom, in which key players in the electric power industry, representatives of law enforcement agencies, regulators and government agencies took part. This was announced on June 25, 2021 by the Roste lecom-Solar company.
The goal of cyber training is to increase the practical readiness of organizations in the fuel and energy sector to repel complex distributed computer attacks on the entire industry, including the level of interaction and the speed of response.
It is important to understand that not all the challenges we face need to be fought. Some of them, on the contrary, push us to develop. The rapid development of digital technologies, including in the power, creates incentives and opportunities for the development of the energy sector, while simultaneously challenging Russia's energy security. And we need to create such conditions so that during the digital transformation of the fuel and energy complex industries, this challenge does not grow into a threat that can cause serious damage to the country's economy, "explained Anton Semeykin, director of the Economic Security Department at the fuel and energy complex. |
Cyber training included a practical and staff unit. The practical part was carried out at the National Cyber Rostelecom-Solar, created by Rostelecom on the basis of the resources of the Rostelecom-Solar subsidiary. Key companies of the electric power industry of Russia, including EuroSibEnergo JSC, Inter RAO PJSC, Rosseti PJSC, RusHydro PJSC, Grid Company JSC, SO UES JSC, Fortum PJSC, as well as representatives of other subjects of the critical information infrastructure of the energy industry.
System training to repel cyber attacks on CII subjects will significantly increase the cyber stability of the country as a whole, and we strive to contribute to this. Since the beginning of 2021, we have already conducted 25 cyber exercises, in which more than 300 information security specialists took part. This is also a clear confirmation of the market's need for such events and the need to create cyber polygon segments for other industries, "said Alexander Chechin, Deputy General Director of Rostelecom-Solar. |
According to the scenario of the exercises, in order to destabilize the socio-economic situation, the hacker group carried out a series of coordinated computer attacks on the energy supply infrastructure of the fictional region. The region's electricity grids were divided into seven districts, with a separate team responsible for protecting each. All attack scenarios were developed by Rostelecom-Solar experts specifically for these exercises and were based on real attack cases against companies in the electricity industry. The task of the teams was to identify attacks on the region's IT infrastructure and maintain the observability and manageability of the power grid areas in the area of responsibility.
In parallel, the teams worked as an industry coordination center, which included representatives of the NKCKI and the Ministry of Energy of Russia, as well as Rostelecom specialists who have the skills to respond to computer attacks, taking into account industry specifics. The Coordination Center analyzed information about incidents received from teams and informed participants about threats, as well as recommended measures to counter and eliminate incidents.
During the headquarters of the exercises, the participants considered the consequences of the attacks that the teams encountered, assessed the sufficiency of standard plans to eliminate the emergency in the context of a fan shutdown of the region's substations, and also developed priority measures to localize the consequences of cyber attacks and prevent them in the future.
Opening a program to find vulnerabilities in software and hardware (bug bounty)
On June 3, 2021, Rostelecom announced the opening of a large-scale program on the basis of the National Cyber Police to find vulnerabilities in software and hardware (bug bounty). Its purpose is to verify and increase the level of security of solutions used in public sector organizations, major commercial companies and at critical information infrastructure facilities in Russia. The program was launched as part of the implementation of the Federal Project "Information Security" of the National Program "Digital Economy of the Russian Federation."
The first participant in the program was one of the key Russian manufacturers of cryptographic information protection tools - the Security Code company. Vulnerability studies of software and hardware solutions at the National Cyber Police will be carried out on a regular basis in cooperation with Russian and foreign developers. By the end of 2021, Rostelecom plans to conclude at least 6 partnerships in this area.
As part of the bug bounty, researchers will test proposed solutions for resistance to different types of cyber attacks. All information collected based on the results of the programs will be transmitted to vendors to eliminate errors. Thus, the largest Russian developers will be able to check the security of their products in conditions as close as possible to the situation of real cyber attacks, and cybersecurity experts will be able to receive a reward for finding errors and vulnerabilities. This program will help in practice verify the security of solutions that are widely used in key sectors of the economy and thereby increase the country's cyber stability in the digital space.
"Within the framework of this initiative, we act as a partner of the state in the field of cybersecurity, helping in practice to check the level of security of those solutions that are used in the most significant organizations for the country. This program is a logical continuation of the course on import substitution: domestic solutions are gaining an increasing share of presence in the public sector, industry, at CII facilities, and we must be sure of their safety. At the same time, we are glad to welcome among the program participants and foreign vendors who are already receiving requests for participation, "said Igor Lyapunov, vice president of Rostelecom for information security. |
The first study starts in June 2021. Its object will be the solution "Continent AP" of the company "Security Code" - a means of cryptographic information protection, which provides secure access to the corporate network from remote personal computers and smartphones of employees. "Continent AP" is used to protect state information systems and objects of the critical information structure of Russia.
"The systems that protect the country's critical information infrastructure should fully cover all possible vulnerability risks, and the best way to ensure such complete protection is to constantly test information security systems. We welcome Rostelecom's project to identify possible risks and are pleased to provide our solutions for appropriate testing. Protecting the country's information security is a big responsibility, and we understand this very well, "said Andrey Golov, General Director of Security Code. |
During the first bug bounty program at the National Cyber Police, researchers will need to gain remote access to the Continent encryption hardware and software complex and look for vulnerabilities in the implementation of product functionality within three weeks. They will be verified by the expert group of Rostelecom-Solar, a subsidiary of Rostelecom. All information will be transferred to the vendor to improve the security of the solution.
Rostelecom opened the support center of the National Cyber Poligon on the basis of SibGUTI
Rostelecom has opened a support center for the National Cyber Polygon based on SibGUTI in Novosibirsk. This was announced on May 17, 2021 by Rostelecom-Solar. Read more here.
"Bank of Russia" will hold exercises at the "National Cyber Poligon"
The Bank of Russia will conduct exercises at the National Cyber Police. Rostelecom-Solar announced this on March 26, 2021. Read more here.
2020
Cyberpolygon Architecture
The national cyber police in the Russian Federation is being built on the basis of Kaspersky Lab software
On December 22, 2020, Rostelecom announced the conclusion of an agreement with Kaspersky Lab, under which the software of the Russian manufacturer of antivirus solutions will be used to create the infrastructure of the national cyber police.
We are talking about a platform that simulates the business processes of enterprises from key sectors of the economy, with the aim of practical training of cybersecurity specialists. Cyber polygon will receive several interconnected segments representing IT and industrial infrastructures. Kaspersky Lab B2B solutions such as Kaspersky Anti Targeted Attack Platform, Kaspersky Endpoint Security and Kaspersky Security for Internet gateways will be used to create segments of the first category.
Corporate solutions Kaspersky Industrial CyberSecurity for Networks, an industrial network traffic analyzer, and Kaspersky Industrial CyberSecurity for Nodes, a comprehensive solution for protecting workplaces and engineering stations in automated process control systems (APCS), will be introduced into the industrial infrastructure of the cyber police.
It is expected that the infrastructure for financial institutions will include banking and processing systems, industrial infrastructure - relay protection and automation systems, transient monitoring, dispatch control, etc. Participants in cyber exercises will face various types of attacks, the actions of internal and external violators.
Kaspersky Lab noted that the creation of a cyber police, which will work out various types of attacks, will be a significant contribution to the development of the cybersecurity industry. Within the framework of the project, it will also be possible to test reliable protective solutions, the company emphasized.
The Ministry of Digital Development extends the creation of a cyber police in Russia until 2024
In early December 2020, it became known about the decision of the Ministry of Digital Development to extend until 2024 the implementation of the project to create a cyber police in Russia. Initially, it was planned to be carried out by 2021, however, as the department said in the project with changes to the government decree, more time is needed, since it will be necessary to create infrastructure segments for conducting cyber exercises not only for the banking and energy industries, but also for telecommunications, transport, oil, etc.
As told To the businessman"" in the press service of the Ministry of Digital Development, in December 2020, the cyber police will be put into trial operation, and for 2021-2024. the sectoral and functional development of its infrastructure is outlined.
According to Mikhail Klimov, Development Director of the National Cyber Poligon direction of Rostelecom-Solar, two segments created for the credit and financial sector and the energy industry will be put into trial operation by the end of 2020.
The cyber police will consist of four support centers in the regions that will connect to the operator's infrastructure. The state subsidy for the project for 2019-2020 amounted to 364.55 million rubles, for 2021-2024 it is planned to allocate 600 million rubles.
Practical training of specialists information security in the field in the territory CIS lags behind foreign, and there is a personnel shortage in the field, the publication cites the opinion of the head of the group for the provision of services in the field cyber security KPMG in Russia and the CIS Ilya Shalenkov.
Denis Lipov, partner and head of Deloitte's cyber risk management practice, believes that cyber policing is useful for studying information security and modeling cyber threats that cause production equipment and IT systems to fail.[1]
Rostelecom conducted test exercises at a cyber police in Rostelecom
Specialists of Rostelecom-Solar, a company of the Rostelecom PJSC group, conducted test cyber exercises for students of the Far Eastern Federal University on the platform of the National Cyber Police. The event was attended by about 30 students of 2-6 courses in the directions "Information Security" and "Computer Security," Rostelecom reported on November 20, 2020. Read more here.
Opening of the cyber poligon stronghold at the Sirius University
Talent and Success Foundation Rostelecom and "" signed a cooperation agreement. The partners agreed construction on a reference center for the national cyber police for practical training of specialists in the field. information security This was announced on November 5, 2020 by the company. Rostelecom-Solar
Cyberpoligon is one of the information security projects implemented within the framework of the National Program Digital economy"" in 2020. It is carried out by Rostelecom with the involvement of expertise of employees of its subsidiary Rostelecom-Solar, national provider technologies and services. cyber security Cyber polygon reference centers are also created in and. To Moscow Vladivostok
The cyberground represents the virtual copy of infrastructure of the companies of various industries. It allows you to practice practical skills to quickly identify and prevent cyber attacks. Cyber polygon is ideal for conducting cyber exercises and stress tests of information systems, software. This is especially true for industries of strategic importance, such as electricity, transport, communications, and the military-industrial complex.
Ensuring security in cyberspace is important for each individual person and the national interests of the country as a whole. It is necessary to systematically and comprehensively train personnel who are competitive in this area. In Sirius"," we are forming an environment where we unite talented schoolchildren and students with industry companies in working on advanced equipment in order to jointly ensure the search for answers to the Big Challenges of Scientific and Technological Development, "said Russia Elena Shmeleva, head of the Talent and Success Foundation. |
The cyberpoligon stronghold at the Sirius University of Science and Technology will include specialized infrastructure and educational programs. This will allow developing talents and strengthening the practical training of students of specialized departments of Russian universities. Schoolchildren of specialized programs of the Sirius Educational Center will also be able to use the cyber polygon. It is planned that Rostelecom specialists will also participate in the educational process and act as mentors for the children.
Cyber Poligon is one of the key tools of the strategic task to increase the level of competencies of information security specialists in Russia. We are very glad to see that large organizations of the country in various fields of activity are involved in its creation. Cooperation with the Talent and Success Foundation and the Sirius Educational Center will create and distribute a training program for those who are just entering the profession. Thanks to the cyber training program, young information security specialists will receive what is usually most lacking at the start - practical experience in detecting and repelling cyber attacks, - said Igor Lyapunov, Rostelecom vice president for information security, general director of Rostelecom-Solar. |
Processing from RBK.money will become the main payment environment of the cyberpoligon "Rostelecom-Solar"
The open source solution, developed by the international fintech company RBK.money, will be used in the city's virtual model on Rostelecom's cyber police as the main payment system. This was announced on September 10, 2020 by Rostelecom-Solar. Processing will allow modeling the financial activities of the "city" with full-fledged integrations between banks, payment systems and merchants.
Cyber Poligon is one of the projects information security implemented within the framework of the National Program "" in Digital economy of Russia 2020. It is carried out by Rostelecom with the involvement of expertise of employees of its subsidiary Rostelecom-Solar, national provider technologies and services. cyber security
Cyber IT infrastructure transport power
The use of RBK.money processing will allow you to fully emulate the e-commerce sphere on the part of the payment industry ― ensure the receipt and execution of payments in virtual currency both from the end user-payer who buys goods or services in the online store, and from the payment system operator, which allows you to provide a cloud service for connecting online stores and any other service providers.
In addition to the payment system, we have specifically developed artificial vulnerabilities and scenarios, hacker attacks which information security specialists will have to detect and overcome during training on a cyber poligon, ― says RBK.money CEO. Denis Burlakov― Typical scenarios for attacks on the banking sector, such as stealing money from legal entities' accounts, introducing harmful software, encoders hacking the balance management system of legal entities, followed by the withdrawal of "drawn" money for maps attackers and other real attack vectors will allow cybersecurity specialists to conduct these attacks in real time and develop skills and means of protection against them. Our processing is a multifunctional distributed payment system for online transaction management, and we pay special attention to the security of financial transactions, and constantly involve IT representatives of the community in working together to develop secure payments in. Russia |
The platform is built on the basis of open source technologies and complies with the PCI DSS and STO BR data security standard. The architecture is based on a microservice approach and linear performance scaling capabilities. Processing contains payment protocol interfaces for host-to-host integrations with banks, payment systems and merchants, as well as user interfaces for payers and merchants. The system can work as a main processing, as well as a preprocessing or as a payment router between different processes at the same time.
The service developers used a distribution model in which all source codes and binary instances of processing microservices are fully open in open source, and are available to any market participant for free. In such a model, even a small fintech startup can deploy a payment platform and provide services to customers without spending significant financial and technical resources on buying a proprietary solution or developing its own.
For the national cyberpolygon, we have chosen a company with serious experience in the field of payment transactions - RBK.money has been operating in the financial market for over 17 years, serving organizations in 60 countries. Processing will become one of the important elements of the virtual banking infrastructure, on which participants in cyber training will be able to work out the skills of repelling specialized computer attacks relevant to financial organizations, "said Mikhail Klimov, Development Director of the National Cyber Field of Rostelecom-Solar. |
Partnership between Rostelecom and Diasoft with the aim of creating a banking segment of the cyberpoligon
The company Diasoft"," a Russian developer of solutions IT for the financial sector, entered into an agreement with "" represented Rostelecom by a subsidiary Rostelecom-Solar of "," a national one. provider cyber security The goal of the cooperation is to build a cyberpoligon banking segment that will provide banks with the opportunity to practice practical reflection skills. cyber attacks Diasoft announced this on September 3, 2020.
Cyber Poligon is one of the information security projects implemented within the framework of the National Program "Digital Economy of Russia" in 2020. The task of creating it is entrusted to Rostelecom, the project is being implemented with the involvement of expertise from its subsidiary Rostelecom-Solar. Cyber polygon includes a number of segments that repeat the typical infrastructure of organizations in various industries, including the credit and financial sector.
In order for the cyber training of the security services to be as close as possible to the real conditions, the virtual infrastructure of the cyber police must include the entire set of information systems of banks - ABS and related components. The corresponding solution of Diasoft, which is used by credit and financial institutions of Russia, was chosen as an automated banking system.
In 2019, about one in five attacks targeted banks, according to Solar JSOC's cyber threat monitoring and response center. The methods and tools of attackers are constantly being improved, and the penetration of hackers into the infrastructures of any financial and credit institution is a matter of time. Therefore, the detection of an attack in the early stages, as well as a quick and effective response to it, comes to the fore. Considering that even banks using external monitoring and response services to cyber attacks prefer to carry out technical response on their own, practical development of the actions of the internal information security service becomes a necessary element of protection, "said Mikhail Klimov, Development Director of the National Cyber Field of Rostelecom-Solar. |
According to Diasoft experts, in the process of automation of banking activities there are many points of interaction between different systems, which inevitably leads to the emergence of vulnerabilities. Therefore, the company enthusiastically met the initiative of Rostelecom aimed at improving the security of the financial sector in the country.
In addition to conducting cyber exercises, the virtual infrastructure of the cyber police will be used to conduct stress tests of Russian solutions used in complex projects to ensure the information security of banks.
In the future, three more support centers for cyber policing in the regions - in the Far East, in the Volga and Southern Federal Districts - will be connected to Rostelecom's digital platform, which will increase the level of protection of all key sectors of the country's economy.
2019
"Rostelecom" was chosen by the executor of the project to create a cyberpolygon
In December 2019, Rostelecom won a competition to create a cyber police for training and training information security specialists. For the implementation of this project, the state operator will receive about 364.55 million rubles from the budget of the Russian Federation, TASS reports with reference to the protocol of the competition commission. The document is posted on the website of the Ministry of Communications.
As follows from the published documentation, the maximum amount of subsidies provided for each year of the event is: 314.55 million rubles for 2019 and 50 million rubles for 2020. The source of financing is a subsidy from the federal budget, own and/or raised funds of the winner of the competitive selection.
The Ministry of Digital Development, Communications and Mass Media will provide to Rostelecom a subsidy for realization of the next events:
- the creation of a cyber police implemented, including using cloud technologies, to train and train specialists and experts of various fields, managers in the field of information security and information technologies in modern security practices;
- creation of independent centers for technical testing of software and hardware, including information security tools, allowing companies to access analytical information and the results of independent testing of solutions offered on the market.
As explained by Rostelecom President Mikhail Oseevsky on the sidelines of the National Industrial Forum in Moscow, we are talking about creating not a physical facility, but about developing a program that simulates the main potential threats.
Today, information security issues are flowing from the field of financial services and media, they are beginning to increasingly immerse themselves in the topic of ensuring the information security of industry and major technological processes. These are much more complex decisions, and the risks that exist there are completely different. Therefore, the government rightly decided to create such a layout that would imitate some types of enterprises, he said.[2] |
Creating two cyberpolygons for information security training
In October 2019 Russia Dmitry Medvedev , the Prime Minister signed a decree on the rule on the provision of subsidies from the federal budget for the creation of cyber polygons.
As reported in a document published on the legal information portal, the cyber police is an infrastructure for practicing the practical skills of specialists, experts of various profiles, leaders in the field of information security and information technologies, as well as for testing software and hardware by modeling computer attacks and practicing reactions to them.
The Ministry of Telecom and Mass Communications will choose the recipient of subsidies at the The winner will have to create two cyber polygons, including using cloud technologies:
- one - at least for two information technology infrastructures emulating corporate networks of banking system organizations in Russia;
- the second is for the industrial infrastructure of the energy sector.
Also, the project performer will need to create more than four training and practical centers for technical testing of software and hardware in partnership with universities.
To take part in the competition, companies must be registered in Russia, with a foreign ownership share of less than 50%. Other requirements also included:
- having its own computing infrastructure for the creation and operation of a cyber police;
- experience in providing information security monitoring services;
- experience of interaction with organizations of higher professional education in the field of training in information security.[3]
In early September 2019, Rostelecom, the Ministry of Telecom and Mass Communications, the Ministry for the Development of the Russian Far East and the Far Eastern Federal University (FEFU) signed an agreement within the framework of the VEF-2019 aimed at creating the Far Eastern Cyber Poligon Center. It will be aimed at developing talents and practical training in the field of information security in the Far East.
Notes
- ↑ New participants will be transferred to the cyber police. Rostelecom project is overgrown with industries
- ↑ Rostelecom will receive 364 million rubles to create a cyber information security game
- ↑ Decree of the Government of the Russian Federation of 12.10.2019 No. 1320 On the Approval of the Rules for the Provision of Subsidies from the Federal Budget for the Creation of a Cyber Police for the Training and Training of Specialists and Experts of Various Profiles, Managers in the Field of Information Security and Information Technologies in Modern Security Practices