Digits Against All? How to Be Ready Not Only for Cyber Threats
Valdai Discussion Club Conference Hall, Bolshaya Tatarskaya 42, Moscow, Russia
List of speakers

For the general public, the technical aspects of cyber threats are completely opaque. A sense of alarm has spread throughout society, connected with the possibility of a cyberwar starting, and the allegedly destructive digital consequences. Now this topic has reached the forefront of Russia's foreign and domestic policy, particularly in connection with the “sovereign Internet” project. What does this threat represent and is it really serious? A panel of experts discussed this on March 26, 2019 at the Valdai Discussion Club.

Konstantin Parshin, Vice President and Executive Director of the IT Cluster at the Skolkovo Foundation, drew attention to the fact that fear is a normal human reaction to the current high rate of technological development, since our ideas about the world around us simply haven’t kept pace.

“Our fears are not exactly exaggerated, but they’re highly unbalanced,” he said. So far we are only worrying about what may happen. Therefore, there is a need for education: society must become accustomed to the fact that it is in active control of its own personal security.” There are a lot of dangers connected with the “digital environment”, mostly non-political, private-sector challenges, such as property losses due to hackers' attacks; despite that fact, it is necessary to understand and accept the benefits that digitalisation brings. Today, in order to achieve “security” in the cyber-sphere, people often make a sacrifice in terms of privacy, allowing cameras to be set up everywhere and collect their personal data. “We hope that the preconceived notions and stereotypes about cyber-security will be outweighed by knowledge about the benefits of new network services,” Parshin said.

Ilya Sachkov, Founder and General Director of Group-IB, agreed with the idea that more education is needed. Today, the information security sector is surrounded by all sorts of speculations - companies are credited with something that does not exist, and it becomes similar to pseudoscience. Let’s take, for example, the “sovereign Internet” project underway in Russia. Currently, according to Sachkov, it is impracticable, because the country almost lacks its own technology, there’s no consumer demand, and it would be uncompetitive on the international market. “A Sovereign Internet is a good idea, but in order to build it,  you need the right components as a foundation; you need to make good processors and establish an export market for Russian technology, in order to allow it to obtain a share of the international market,” he explained. Without this, there will be a lot of errors in the Russian software, which in absence of consumers will not be able to be tracked and corrected in time. If hackers do not attack Russian systems, it is because there’s no need for them to take an interest in them.

During the discussion, Konstantin Parshin also drew attention to the fact that the hasty tightening of legislation may lead to a slowdown in the development of digital technology - as has happened, for example, in Europe (unlike China). At the same time, “the state should be extremely prudent in all its manifestations, wise and cautious in search of a balance, so that cyber-criminals do not go unpunished - for this you need to define clearly what constitutes a crime - but please do not scare the general public”.

Vladimir Mamykin, Director of information security at Microsoft Russia, objected to what Parshin said, claiming that the European Union’s General Data Protection Regulation (GDPR) and similar laws in the United States had no effect on the development of technology. On the contrary, they allowed for the regulation of the chaos that reigned in that area. “Local protection is the correct thing to do, but there is no difference from the outside, where you don’t know everyone,” Mamykin said.

The main way of implementing cyber-security, according to the expert, is quite simple - everything needs to be checked. “Any software in any country uses modules that were developed in other countries. Therefore, you need to check everything. And one more thing - only public-private partnership is effective, because no country in the world has a mechanism that would prohibit one private company from selling something to another,” Mamykin said. According to him, you need to use all technology, regardless of where it’s developed and implemented. As far as Russian technological development, the speaker also drew attention to the lack of statistics on its vulnerabilities, which would make it uncompetitive and hinder development.

Ilya Sachkov also pointed to the problem of cyber-weapons and their legitimation. About a month ago, the United States announced that they’d conducted a cyber-attack against Prigozhin’s so-called “troll factory”, exploiting a vulnerability in the Windows operating system. However, according to the expert, there’s inherent danger in doing something like this: if the manufacturer does not know about this vulnerability, millions of criminals around the world will be able to take advantage of it with the same degree of success. “If they can get cyber weapons, which pass through the Internet’s open channels, this will lead mankind to a technogenic disaster. Nobody thinks that nuclear weapons and cyber weapons are the same thing, but then again, nobody can control cyber-weaponry. And it can greatly influence the face of our planet,” Sachkov said.

Photo Gallery: An Era of Digital Threats: What Should We Prepare For? Expert Discussion
On March 26, the Valdai Discussion Club hosted an expert discussion titled “An Era of Digital Threats: What Should We Prepare For?”
Photo