Information gangsterism
I think everyone knows that information technology has penetrated our lives seriously and for a long time. Almost every small company has an accounting computer, and almost every medium-sized one has a permanent Internet connection, while protection is very often almost zero. The usual site hacking, espionage for competitors, or use of machines as zombies will surprise no one (and for ordinary companies this is not very critical). But now a crisis has hit and many specialists are out of work. A completely new danger for such firms may appear (if it has not appeared already).
My personal thoughts are under the cut.
Perhaps it is worth looking briefly at the specifics of how computers are serviced in Russia in small and medium-sized companies (especially those with Soviet-era management, for whom computers are a black box). Most directors of such firms do not hire system administrators, arguing that it makes no sense to pay a certain amount of money to protect 1–16 computers (“Pyotr Vasilyevich’s nephew will install everything for us, I saw his computer”). As a result, systems are most often installed with default settings, unnecessary and sometimes dangerous programs get installed (one can only guess what a bored secretary might install for herself), updates are not installed on time, and so on. All this means that the security policy is either in an embryonic state ("Do not tell the password to strangers") or absent altogether.
Now let's move on to the topic. It would seem that in such a situation a cracker has nothing to look for in this company. They don’t have a website, they don’t store credit card numbers on a computer (if they use them at all), and the probability of finding competitors to whom this company’s information could be sold approaches zero. And this is what may give rise to a new phenomenon, “information gangsterism” (my own name for it, don't judge too harshly :)). Now we will examine the aspects of this phenomenon in more detail.
Firstly, there is the usual hacking of the system, and in this case everything goes much easier: experienced users rarely work at such companies, so with social engineering methods that have been examined more than once (via ICQ or e-mail, under the guise of a price list or a resolution from the tax office) a trojan is planted on the victim’s computer. True, in this case the trojan has to perform slightly non-standard backup functions. To explain: the program searches the disk for files with certain extensions (*.doc and *.xls for MS Office and/or 1C databases, for example), then sends them to the cracker (the trojan could also include compression modules before that, again as an example). Finally, it deletes the files on the victim's computer, using one of the complete-erasure algorithms after which the files cannot be recovered.
Well, after all this, without waiting too long for the first shock to pass, the company gets a call offering to restore the information for a not very high price. Given Russian law and reasonable care on the cracker's part, it will be very difficult to pin a case on him, since he is providing voluntary assistance to the company and it is very difficult to prove that he did not simply find an image of the documents disk somewhere on file-sharing networks. It should also be noted that the loss of documents (client databases, or the bookkeeping the day before tax reports are due, and ... continue the list yourself) is usually a very unpleasant thing, and if there is no way to restore them from any backups, the company will have to pay. Also, if criminal circles take this path, we can expect a repeat of the 90s racket, only in the information field.
PS: All of the above is paranoid delirium.
PPS: Does the Habr community think this is realistic, not as isolated cases but on an industrial scale?