Rostech to spend $13.4m on cyber security
Rostech will spend 800 million rubles ($13.4 million) on cyber security of its defense enterprises before the end of the year. Compared with 2016, the corporation’s anti-hacking budget has increased by 16%. In particular, the money will go to the protection of Russian Helicopters.
Cooperation with FSB
Rostech allocated 800 million rubles for the cyber protection of its defense enterprises in 2017. This was reported to RBC by the state corporation’s press service. The money was intended, in particular, for connection of Russian Helicopters Holding to a single ‘anti-hacker system’ (Corporate Center for Detection, Prevention and Elimination of Computer Attacks, developed by Rostec), as well as “for the provision of state corporation companies with means of information protection,” Rostech explained.
In 2017, such holding enterprises as Ruselectronics (production of electronic and microwave equipment), High Precision Systems (production of weapons, military and special equipment), Tecmash (production of ammunition) and United Engine Corporation (production of gas turbine engines) have already been connected to the system. It is planned to connect up to 100 more enterprises until 2018.
Experts working within the framework of the anti-hacker system track the anomalies in the work of defense enterprises’ computers and inform their management about this, cut crackers off from important information, referring their coordinates to the Federal Security Service (FSB). The center was created in autumn 2016 on the basis of RT-Inform (100% of the company's shares belong to Rostec); it interacts with the State System for Detection, Prevention and Elimination of the Consequences of Computer Attacks (also known as GosSOPKA).
What is GosSOPKA?
The State System for Detection, Prevention and Elimination of the Consequences of Computer Attacks has been developed by the FSB on the instructions of Vladimir Putin since 2013. The implementation and operation of the system is not yet complete – it will be an extensive network of computer incidents centers that will collect and analyze information on cyberattacks, provide prompt response to attacks, and eliminate their consequences. According to the draft law On the Security of the Critical Information Infrastructure, adopted by the State Duma in the first reading, GosSOPKA will protect government agencies, nuclear and hydroelectric power stations, networks of telecommunications operators and financial institutions, and other critical infrastructure facilities against cyberattacks.
In 2016, Rostech spent more than 690 million rubles ($11.6 million) on providing information security of its defense enterprises with the help of the new system.
The state corporation plans to complete the main stage of connections to the cybersecurity system by 2020, Rostech noted without specifying the amount of planned costs for cybersecurity in 2018-2020, as “these amounts are formed by enterprises within the budgets of companies that have not been approved.” According to the corporation representatives, “the costs of ensuring information security will grow every year.” “Such trend exists both in the country and in the market as a whole,” Rostech said.
As noted by Director General of RT-Inform Kamil Gazizov, the greatest danger for the state corporation is industrial espionage. “It is problematic to recognize and quickly prevent such interventions. An offender can stay in the system for a long time, reading the necessary information, while preventing himself from being noticed,” the expert said.
Another threat is the suspension of production due to cyberattacks. This means a failure of terms, including those of state defense orders, default of obligations, and financial losses, Gazizov listed.
Financial fraud – i.e. attempts to withdraw money from company accounts – is another type of hacker attack, which is most often encountered by Rostech.
Up to 2016, only antiviruses, cryptographic protection, and firewalling means were installed on the computers of Rostech’s defense enterprises. The Corporate Center for Detection, Prevention and Elimination of Computer Attacks became an “additional level of protection,” Gazizov explained.
In 2017, specialists of the center were able to identify more than 200 computer attacks, RBC’s interlocutor said.
As noted by Cisco Security Information Expert Aleksey Lukatsky, each enterprise can deal with the detection of threats independently. But it's expensive; you need to keep a large staff of programmers, he explained. “Effective anti-hacking work requires the conclusion of many contracts with monitoring centers. The Corporate Center allows you to coordinate all these activities and save resources,” the expert concluded.
Internet defense in other companies
Foreign and Russian companies began to pay special attention to information security after the events of autumn 2010, Lukatsky noted. Back then, Stuxnet infected Iran's nuclear facilities. The control systems of Siemens were attacked. “Now, there are own monitoring centers for hacker attacks in almost all large corporations, including Russian ones. For example, the Central Bank has FinCERT, the Russian Railways have several such centers. One of them is NIIAS cybersecurity center. Just like the Corporate Center for Detection, Prevention and Elimination of Computer Attacks, they cooperate actively with the FSB,” Lukatsky said.
800 million rubles a year spent on the information security of a state corporation is a relatively small amount, Head of Zecurtion analytical center Vladimir Ulyanov believes. “On average, the Russian Railways spends about 20 billion a year on IT, of which is 10% of the budget (about 2 billion rubles ~ $33.6 million) is allocated to information security. The Central Bank spends about the same,” the expert noted. On average, all companies allocate about 10% on cyber security, the expert explained. Rostech has confirmed to RBC that from 7 to 10% of the budget is spent on IT security.
Ulyanov adds that corporations spending on IT security depends on the current situation. “In crisis, the expenses on non-core businesses are cut first, and IT is among them. If IT budget is reduced, information security is automatically reduced as well,” the head of Zecurtion concluded.