Interview With A Cybersecurity Specialist - Alternative View

Do I need to tape over the camera on my laptop? Is your smartphone eavesdropping on you? How do you protect yourself from personal data leaks? An employee of a cybersecurity department answers the pressing questions of our time and talks about the work.

How to become a "white hacker", fines and IT feminism

How did you get into this job?

I studied at university in one of the specialties related to comprehensive information security in an organization. They taught us how to protect the organization as a whole, from documentation - policy, regulations, and so on - to the technical component - video cameras, access control and management systems. There were several courses in cryptography and a computer security course - this is exactly the area that interested me.

Around the midpoint of my university studies, while looking for a part-time job, I ended up in a very good company, where I worked in parallel with my studies and for many years after.

What is your specialization?

I cannot name a specific one; I am one of the specialists in the study of various kinds of cyber attacks. We study their mechanisms and functionality and figure out how to prevent them.

So you are a white hacker?

I was never called a white hacker, black or gray. I like the gradation "cybersecurity specialist" - "cybercriminal" more. I'm on the bright side of the force, that's enough.

Do you work remotely or go to the office?

Many information security specialists work in large well-known organizations, almost all of them work in the office. Including me. There is no routine as such, I arrive at ten and work until seven. Someone comes at one o'clock and leaves at nine or ten o'clock in the evening. The main thing is the result. You can always work from home - everyone is connected with a laptop.

Our offices are quite comfortable, with many pleasant perks such as coffee machines, vending machines and other attributes of a modern office.

Are the devices paid?

Of course they are paid. There are also kitchens - in self-respecting organizations, this is all by default.

Are there night shifts?

Most companies have a shift schedule. I have not been working on shifts for a long time, but I started with a shift schedule. Then I switched to the area that interests me.

Are there girls in the profession?

There are a lot of girls in cybersecurity, including in Russia. There are world-renowned specialists who are the best or some of the best in certain areas.

Is this the industry where feminism won out?

No, in this area the main thing is knowledge. I worked with several female analysts, they were very cool specialists. In this regard, everything is open in IT. In the same way, female programmers are not surprising to anyone now. Again, the main thing is knowledge and skills, not gender.

Are there any KPI norms? If there is no work, then you are working well?

There is always work, and there is always something to do. As far as I know, many companies have certain metrics for shift workers. Those who are in free float may not have such indicators, because in some situations, the study of one cyberattack can take weeks or months.

For what can they be fired or fined?

For everything the same as in any other company. Among the features - companies engaged in the protection of information will not hire a person with a tarnished reputation in our area, as well as those who have committed crimes under Articles 272, 273 and 274 of the Criminal Code of the Russian Federation: illegal access to computer information; creation, use and distribution of malicious computer programs; violation of the rules for the operation of storage facilities, processing or transmission of computer information and information and telecommunication networks.

This is immediately a black mark. Our world is narrow - it is unlikely that a person will be taken anywhere.

Corporate events, salary and career growth

How are you with corporate parties?

I worked for a long time in one large company, it was very fun and comfortable there. We often attended various specialized conferences, there were always many opportunities for self-development. And the team at that time was very friendly.

Of course, System of a Down did not come to our corporate parties, but Bi-2, Mumiy Troll, Spleen and other Russian rock stars performed for us. Bi-2, for example, turned out to be quite simple guys - after the concert Leva came out to us with the words: "Guys, give me a lighter." We smoked with him, it was fun. We, like many other companies, have two global corporate parties - New Year and the company's birthday. We celebrate once every six months.

But this is not only with us - any other organization like the same Google is doing well in terms of corporate events, working conditions and various goodies. They know how to keep an employee.

Is there a professional holiday?

It seems to be there, but I don’t remember anyone celebrating it. There is no such thing as on the day of the Airborne Forces or on the day of the border guard. The company's birthday is celebrated on a much larger scale than the day of an IT specialist.

How much does a cybersecurity professional earn?

A good specialist makes good money. It all depends on experience and scope, on your uniqueness. In Moscow, you can get 200,000 rubles. Maximum - well, a few hundred. At the top manager level. This is, of course, above the national average.

About ten years ago, on probation, I received 20,000 rubles. I had a place to live, I never paid for anything, and for me it was oh *** what kind of money. Now the interns have a little more - the crisis, inflation - but, unfortunately, I don't know for sure.

I earn from 150,000 rubles. But I work - no one will pay anything for nothing. Everyone is adequate, everyone counts money and does business.

There are independent experts. They do what they are interested in, work from home and can collaborate with anyone.

To what extent are such specialists in demand?

There is always a shortage of personnel. I have not one or two of these in my team. The team can be geographically fragmented, each working with a specific task. There are about ten people in the room. There is no competition - we are all doing one thing.

There is a special department that processes applications.

Applications from organizations?

Yes. Large companies have departments that deal, for example, with purely industrial safety. Now, after all, everything is gradually being digitized - factories, industrial enterprises. Their idea of protection may be outdated - that's why all the process control systems have to be protected.

A key moment that changed the entire industry for years to come was the discovery of the Stuxnet worm in 2010. It was created to prevent the development of the Iranian nuclear program. Nine years later, Stuxnet is still remembered today.

Cyberattacks today can cost a lot of money, which is why professional cybercriminals are engaged in them. Well, or special cyber units of states.

What about career growth?

If you work well, you grow well. Someone wants to deal with only one direction and have horizontal growth, while someone grows upward. Several years ago I switched to an adjacent field related to consulting - it turned out to be diagonal growth.

Do I need an antivirus, and why tape over the camera on a laptop

Is there a use for an antivirus?

Sure.

What's the best one?

There are several highly respected companies testing security products: AV-Comparatives, AV-TEST, and Virus Bulletin. They show more or less truthful results.

All my family and I have Kaspersky Internet Security. The sound of a pig, by the way, when a virus is detected, has not been used for a long time:)

Is Mac safer than PC?

There are also many viruses and antiviruses for Mac. And when the Apple people say that they are doing well, they are not doing well. This carelessness then bears fruit for cybercriminals.

It is more difficult with iPhones - it is difficult to develop malware for them. In fact, it is extremely difficult to run some code from outside the App Store. There are exit routes, but there are no massive attacks on end users. But in reality - if they want to hack something, they will hack anything.

The goal of any information security system is not only to prevent attacks, but also to make hacking as difficult and expensive as possible for cybercriminals.

What about Android?

Security software must also be installed on Android. There is an opinion that Android is the most unprotected. In 2014, when several hundred thousand malicious programs already existed for it, their representatives were talking some nonsense that there are no malicious programs, there are only potentially dangerous ones. Of the mobile operating systems, iOS is safer.

Rumor has it that some large corporations based in America can wiretap your phone without your knowledge through apps. But today there is no direct evidence of this, and at the same time there are many facts that play against this theory.

What if the phone is off?

Probably not. Rumors, again, go, but these are rumors. If paranoia rolls up, you can turn it off. But then you still have to turn it on.

And tape over the camera on the laptop?

It is advisable to tape over the camera. There are many malicious programs that can secretly transmit video and audio data to hackers.

How do I secure my data?

Installing a comprehensive security system and not working under the admin account - this immediately removes many problems. Do not use public Wi-Fi networks - there is no password, all traffic is transmitted in clear text. Or else use a VPN in this case. Come up with strong passwords for each service, or use a password manager.

That is, you should not transfer money in a cafe?

Online banks themselves encrypt traffic, but there are ways to attack in this case too. Therefore, if you are connected to public Wi-Fi, immediately turn on the VPN. The traffic is encrypted, the probability of compromising it is very low.

What should be the password?

The password must be at least 8 characters long, of course, uppercase and lowercase letters, numbers, special characters. You can come up with a mnemonic rule to make passwords for each resource, but at the same time so that they are all different. You need to practice well, remember and change it every three months.

It is imperative to use two-factor authentication. And it is extremely important not to use text messages as a second factor (at least for critical resources).

Today, SMS is still widely used for two-factor authentication, and at the same time, there are different ways for a cybercriminal to get the coveted contents of the SMS. Therefore, most experts strongly recommend using hardware tokens or two-factor authentication applications.

Are viruses written for Linux?

There is an opinion that Linux is "Elusive Joe". But in fact, it is also possible to attack this system.

There are no unbreakable systems. The unbreakable system is a steel cube in the most heavily guarded military bunker, which houses a computer completely covered in cement. Only then is the computer safe. And that's not a fact.

All safety rules are written in blood, they have not changed globally - either now or ten years ago. They can adapt to new technologies, but the essence remains the same overall.

On working with Department K, tracing by IP and Putin's phone

What do you think about the law restricting the Internet?

Install VPN or Tor.

Is Telegram the most reliable messenger?

Intelligence agencies are naturally interested in gaining access. There are other messengers that are more secure than Telegram. The most important point is what kind of encryption is used: end-to-end, or messages are encrypted only during transmission to the messenger's servers and are already stored unencrypted there. In today's realities, it is best to use messengers with end-to-end encryption, when only you and the person with whom you are communicating have the key. This is, for example, Signal. I am wary of WhatsApp, despite the fact that they also use this type of encryption by default, since today it belongs to Facebook.

In general, everything can be hacked, the main questions are the goal of hacking and the resources of the attacker.

Do the police or intelligence agencies ask you for help?

This is a regular topic. Many companies involved in cybersecurity may receive an official request for expertise from Department K, and everyone does it. Cybercrime is the same criminal offense. It's a routine. Now the practice of collecting the evidence base has already been developed - what and how to look for, how to prove the guilt of a particular person.

How can you prove a person's guilt? There are no fingerprints on the hard drive, right?

No, but most often Masks of Shaw comes to the suspect and seizes a laptop, cell phones, smartphones, SIM cards, flash drives and other equipment, and hands them over to us for technical research.

How dangerous is it to put pirated software at home?

Pirated software should never be installed. It used to be a problem with access to the software, but now the main programs are preinstalled on laptops. They are unlikely to come to you because of Photoshop, but it is easy to get infected with something.

Is it possible to trace someone by IP?

When you go online, your ISP will give you an address. That is, it knows your physical address and binds an IP to it. But I doubt that the provider will give it to some left Vasya. If you are using a proxy, it is even more difficult. The provider can provide all the data to the special services, but a jealous wife will not look for a husband through MTS.

Can Russian hackers really influence the US presidential election?

Everything is theoretically possible.

Russia is constantly bombarded with accusations of all the worst cyber (and not only) sins. And no one really showed any real evidence. And at the same time, everyone knows that the same Facebook massively leaked personal information and metadata from Cambridge Analytica.

Many countries today realize the need to ensure the cybersecurity of the state in general and critical infrastructure in particular. Therefore, in many countries there are units that are involved in protecting against cyber attacks.

Most likely, no one will ever say for sure whether Russian-speaking hackers influenced the elections or not. But the fact is that Russian-speaking programmers and security specialists are serious guys and some of the best in the world, if not the best. And you can find them not only in Russia, but also in Silicon Valley, and in Europe, and in other countries.

Do you have professional slang?

Many technological words are calques from English. Sortsy - source code, virye - viruses, malware - the general name for malicious software.

What about superstition?

There is professional paranoia; many people experience it.

Big Brother is watching us?

Anonymity doesn't exist. If they want, they will find it.

They say Putin has no phone

And why should he? He's a smart man. Our services are guys with a head, they understand everything. There is a special unit of the FSO, which is responsible for providing government communications. How and what works there - only they know. But for some reason I am 100% sure that everything is done very reliably there.

Smartphones and tweets at this level are pampering.

Putin is still a Chekist, and there are no former Chekists.

Author: Jerzy Simbin