Three ‘hackers’ who work at large Spanish multinational companies explain how their cybersecurity departments operate
In 2016 Spain suffered 115,000 cyber attacks. So far in 2017 these assaults already amount to 70,000, according to the Center for Response to Security Incidents and Industry (CERTSI). With an average of almost 400 incidents suffered every day by computer and telematics equipment in our country, and with global threats such as those caused by viruses like NotPetya or WannaCry in the last few months, it is not surprising that the cybersecurity departments of large enterprises are always alert, prepared to fight the hackers.
Just 15 kilometres from the data processing centre that Banco Santander has in Medio Cudeyo, Cantabria - a bunker which cost 240 million euros, serves 100 million customers, and is able to perform 10,000 transactions per second - a typical lad with the look of a computer geek, laptop full of stickers included, gives a talk at the International University Menéndez Pelayo on artificial intelligence and security.
Except that he is not the typical computer-geek-looking lad, but Alfonso Muñoz, an engineer and cybersecurity expert, leader of Research at the BBVA Innovation for Security, and a reference in Spain in the field of cryptography, the art of writing in code or in enigmatic fashion so that the information can only be read by someone who knows how to decipher it.
In the Cantabrian capital, apparently without hidden messages, the ‘hacker’ of BBVA explained that his bank has developed «proprietary technology» to solve the security problems faced by one of the major Spanish companies, those listed on the Ibex-35.
Muñoz claims that there are «four scenarios» that make it easier for ‘crackers’ - those ‘hackers’ who slip into computer systems for illegal purposes - to break the security of an enterprise: software flaws, faulty configuration, human error (simply opening an email and clicking on a link), and the so-called 0-days: attacks against an application or system that rely on knowledge of vulnerabilities unknown to both the user and the manufacturer of the product. Some of them can be solved «just by programming well», stresses the expert.
«If you try to solve those four problems, I’m not going to say that your networks are perfect, but they are going to have an important degree of security. Then, in big companies, it happens in Call - where Muñoz also worked - and it happens at BBVA, what we do is build our own defensive solutions and run the most sophisticated test and validation cycle possible so that the software does not have bugs and the networks are well designed,» says Muñoz, who also indicates that the staff dedicated to the different departments that are in some way in charge of the cybersecurity of a large Ibex company can number «thousands» of workers, the vast majority of them «engineers and mathematicians», the latter «increasingly».
Simulation of real-world attacks
The global head of cybersecurity, or CISO (Chief Information Security Officer), of Telefónica, Alejandro Ramos, tells THE WORLD that «the main problem» facing the big Spanish multinationals in cybersecurity «is that the opponents always try to go a step ahead, as they invest a lot of time and money to find new methods of attack.»
«They need only one hole to compromise security, while on the other side you have to locate and cover them all,» he stresses, so that in addition to studying «the attacks that are occurring and will occur» in order to «prepare the most robust technological barriers», these security departments simulate «real-world attacks to test the effectiveness of the protections».
Beyond simulation, as detailed by the CISO of the Spanish telecommunications company, who is one step below the popular ‘hacker’ Chema Alonso, chief security officer of the company, «every day we receive anonymous attacks that try to identify vulnerabilities in our systems and networks. They are generally generated by fans or ‘learner hackers’ testing tools».
Asked about hypothetical attacks by criminal organizations or foreign governments, Ramos responds that the former «are focusing on other sectors where the benefit is tangible, as happens in banking», and the latter, «although critical, are actually rare».
The security officer of Telefónica, who previously spent five years at ING Spain and Portugal, highlights the fact that the telco has a «large team» of employees who, in addition to handling the internal security of the company, are dedicated to providing those same services to other companies.
«We use our own software - specifies Ramos - and also that of specialist manufacturers. At Telefónica we have developed many products and tools that add layers of protection. For example, we use ‘Anchors’ to have dual-factor identification, or ‘Tacyt’ to monitor fraudulent applications that are in the mobile market». The Ibex company also has «other tools to close and investigate cases» when security incidents are detected, such as ‘Sandas’, according to the ‘hacker’.
The danger, in the pocket
The engineer Roman Medina-Heigl is one of the most veteran ‘hackers’ in our country and one of the managers of the security of some of the large Spanish energy companies of the Ibex, who prefers not to be quoted. Medina-Heigl, who indicates that proprietary security software tends to be used more by technology companies or by specific sectors such as banking, points out that in this type of corporate giant «you need to manage sensibly devices and technology such as firewalls, intrusion detection systems or corporate antivirus platforms, to have information that allows us not to be too far behind the attackers, and to have operational intelligence».
The latter is necessary to «separate the wheat from the chaff, because when you process millions of security events it is necessary to distinguish what is or is not an attack and know how to prioritize correctly.» All of this is framed within the «security master plan», which defines the security strategy in the medium to long term, according to Medina-Heigl, known in the world as RoMaNSoFt.
«There are other very specific functions - continues the ‘hacker’ of the energy company - such as digital forensics and analysis (analyzing a machine in search of evidence that allows an investigation to be answered) or ‘ethical hacking’, which consists of attacking your own systems in order to identify vulnerabilities, and thus be able to fix them before a real attacker finds them.»
«Practically everything gets attacked»
With regard to the main lines of research followed by these ‘hackers’ who uphold the cybersecurity of the Ibex companies, Medina-Heigl warns that «practically everything gets attacked», including «components of airplanes, cars and nuclear power plants».
«But perhaps what is less sensational is more important. For example, the new mining techniques that allow skipping mitigating security measures in common operating systems - Windows, Android and iOS. How many mobile phones and tablets with Android are there in the world?», warns the security officer of the energy company, who also turns his gaze to other hazards which do not fit in a pocket or in a backpack.
«One of the existing weak points in security terms, and one that affects many large companies, is industrial control systems (ICS), especially those used in critical infrastructure. The problem is that these are systems that were mostly built without thinking about security and are not easily updatable, which makes them especially vulnerable,» says Medina-Heigl, who believes that «traditionally it had been assumed that, since they were normally isolated or protected by strong physical security measures, they were already safe.» «This could be more or less true when there was no Wi-Fi or USB or, in short, when many of these systems were not simply being connected to the internet,» he says.
In conclusion, these guardian angels of large Spanish companies will continue to study how to protect them in a world that is changing at a frenetic pace. In this regard, all of them point, with greater or lesser concern, to attacks from artificial intelligence, a field that is taking its first steps but against which, in a more or less near future, these experts will need to know how to defend themselves. «At the moment we are safe,» concludes Medina-Heigl.