As cyber attacks increase, so does the arsenal of counter-attacks, such as “radar” capable of detecting attacks in real time or detecting vulnerabilities in computer systems.
Swisscom, Sunrise and Salt, along with hundreds of other operators around the world, were affected by the hack by iBasis, a US-based company.
Revealed this week by Le Temps, the victims of this cyber attack were not reported in broad daylight. Radar detects it, or a computer program developed by Hacknotes, an American cybersecurity company, that searches for clues and scans the network and Darknet.
There are more and more “radars” like this. “They are used, for example, to detect attacks or to detect vulnerabilities, to repair an attack, or to try to avoid it,” explains Eduardo Solana, a lecturer at the Center for the University of Computer Science at the University of Geneva. 7:30 p.m.
These cards, which are abundant on the Internet, are designed to detect attacks in real time, using information found by computer security companies. “It’s often a surveillance window that allows some attacks to be seen, but many incidents are apparently passing under their radar,” the doctor at UNIGE underlined.
Identify severe vulnerabilities
Dreamlab, which specializes in cybersecurity in Bern, claims to have developed the first Swiss radar in 2010. We are learning about the extent of these interactions and the vulnerabilities of these services exposed on the Internet, “said Nicholas Mayankord.
The radar constantly scans 20 million IP addresses in Switzerland. And the findings are enormous. More than 113,000 serious and known vulnerabilities have been identified by their computer program. This is three times more than in 2019. But according to him, despite the gradual return to normalcy, the weakness of the systems has not diminished.
“Serious vulnerabilities are when a criminal can hack a server. Also known is that a known vulnerability has been released. So you can easily find out on the internet how it works. You can download a tool to exploit the vulnerability. So it’s very serious,” said Nicholas Mayankord.
Each victim is seen as a call to action by an offender. What does this data do? “We created this system with the aim of minimizing all attack areas and eliminating all vulnerabilities, giving each one a view of the extent of their risk,” Bernice Director replied.
But the company, which operates in fifteen countries, had to learn to handle the cult of the Swiss will. “In most countries, people have thanked us. But in Switzerland, companies have sent us threats through their lawyers to stop measuring their IP address, as Google does elsewhere.” There is a problem with infrastructure and awareness. About this issue in Switzerland, ”laments Nicholas Mayankord.
However, legally, this radar respects data security. This system works just like the person walking down the street counting the door and windows in the house. “We don’t open them, without making a breakthrough intrusion, we see vulnerability,” he says.
Defined by the individual sphere
For now, this radar only sees security flaws. Can detect attacks in real time and monitor network flows. However, it can only be accessed by the government or a company operating on the network.
When questioned, the Federal Department of Defense assures that “attacks involving network traffic monitoring are not systematically and unambiguously detected because they do not comply with current legal requirements for data protection.”
According to Nicolas Mayencourt, each country can track its digital location like an air radar.
Eduardo Solana, who fights to call these surveillance systems “radar”, thinks that these technologies have found their place in the information technology security strategy of a company, a state or an individual. But according to him, we need to show humility in the complex face of cyberspace.
“Attacks are becoming more and more professional. Our enemy is no longer a young man looking for pride in a garage. It’s a company that makes hundreds of thousands of dollars with tools like ransomware,” the UNIGE expert emphasizes.
To overcome this, he says, artificial intelligence will improve the efficiency of radars in cyberspace surveillance.