De la autoafirmación a la amenaza a la seguridad nacional
La experiencia ucraniana y extranjera contra los ciberataques
DOI:
https://doi.org/10.21830/19006586.905Palabras clave:
ciberdelincuencia, ciberespionaje, ciberterrorismo, grupos de hackers, infraestructuras críticas, malwareResumen
Este trabajo tiene como objetivo estudiar las principales etapas de la evolución de los ciberataques en cuanto a su peligrosidad, desde los primeros ciberataques gamberros hasta las ciberguerras modernas. Los autores utilizan métodos empíricos de investigación cualitativa y cuantitativa para evaluar las etapas del desarrollo de los ciberataques, teniendo en cuenta su incremento, su diversidad y la creación del malware empleado. El artículo permite comprender mejor las causas, las condiciones y las consecuencias de los nuevos tipos de ciberataques. El artículo concluye señalando las tres etapas de la evolución de los ciberataques y extrae los principales rasgos característicos del estado actual del ciberentorno.
Descargas
Referencias bibliográficas
Antoniuk, L., Britchenko, I., Polishchuk, Y., Rudyk, N., Sybirianska, Y., & Machashchik, P. (2018). Code of ethics for SMEs: Substantiating the necessity and willingness to implement in Ukraine. Problems and Perspectives in Management, 16(3), 150-162. https://doi.org/10.21511/ppm.16(3).2018.12
Bakhur, V. (2017, June 28). ESET: the source of the Petya.C outbreak was the compromised M.E.Doc. C-News. https://safe.cnews.ru/news/line/2017-06-28_eset_istochnikom_epidemii_shifratora_petyac_stalo
BBC News. (2021, March 6). Chinese Hackers Hacked Microsoft's Email Service. White House says Thousands of Organizations Remain at risk. https://www.bbc.com/russian/news-56309038
Bing, C., & Kelly, S. (2021, May 27). Cyber attack shuts down U.S. fuel pipeline ‘jugular,’ Biden briefed. Reuters. https://www.reuters.com/technology/colonial-pipeline-halts-all-pipeline-operations-after-cybersecurity-attack-2021-05-08/
Channel 24. (2017, July 5). The police explained why the Petya.A virus was spread through M.E.Doc. 24tv. https://24tv.ua/ru/v_policii_objasnili_pochemu_virus_petyaa_rasprostranili_imenno_cherez_medoc_n837954
Chiu, A. (2017, June 27). New ransomware variant "Nyetya" compromises systems worldwide. Cisco Talos Intelligence. https://blog.talosintelligence.com/2017/06/worldwide-ransomware-variant.html
Cimpanu, C. (2020, December 18). NSA warns of federated login abuse for local-to-cloud attacks. ZDNet. https://www.zdnet.com/article/nsa-warns-of-federated-login-abuse-for-local-to-cloud-attacks/
Cyberattack in Ukraine. Chronicle is completed. (2017, June 29). Ligue.Business. http://biz.liga.net/all/it/novosti/3696331-v-ukraine-proiskhodit-globalnaya-kiberataka.htm
Cyberpolice: Infection with Petya is due to M.E.Doc. Electronic Document Management System. (2017, June 27). Gordonua.com. http://gordonua.com/ukr/news/localnews/-kiberpolitsija-zarazhennja-virusom-petya-stalosja-cherez-sistemu-elektronnogo-dokumentoobigu-m-e-doc-194997.html
Denyer, S. (2021, February 16). North Korea tried to steal Pfizer Coronavirus Vaccine Information, South says. Washington Post. https://www.washingtonpost.com/world/asia_pacific/north-korea-pfizer-coronavirus-vaccine-hack/2021/02/16/c09ec7fc-702e-11eb-8651-6d3091eac63f_story.html
Eaton, C., & Volz, D. (2021, May 19). Colonial Pipeline CEO tells why he paid hackers a $4.4 million ransom. The Wall Street Journal. https://www.wsj.com/articles/colonial-pipeline-ceo-tells-why-he-paid-hackers-a-4-4-million-ransom-11621435636
ESET. (2017, June 28). “Petya” Ransomware: What we know now. ESET North America. https://www.eset.com/us/about/newsroom/corporate-blog/petya-ransomware-what-we-know-now/
Everything that you Wanted to know about NotPetya but were Afraid to ask. (2017, June 28). Positive Technologies. https://www.ptsecurity.com/ru-ru/about/news/283092/
Gallagher, R., & Donaldson, K. (2020, December 14). U.K. Government, NATO join U.S. in monitoring risk from hack. BNN Bloomberg. https://ampvideo.bnnbloomberg.ca/u-k-government-nato-join-u-s-in-monitoring-risk-from-hack-1.1536398
Goodin, D. (2020, December 17). SolarWinds hack that breached gov networks poses a “grave risk” to the nation. arsTECHNICA. https://arstechnica.com/information-technology/2020/12/feds-warn-that-solarwinds-hackers-likely-used-other-ways-to-breach-networks/
Griffin, A. (2017, June 27). Huge 'Petya' cyber attack spreading across the world in potential repeat of 'Wannacry' hack. Independent. https://www.independent.co.uk/life-style/gadgets-and-tech/news/hack-cyber-attack-ukraine-russia-wannacry-petya-security-internet-broken-computer-not-working-a7810626.html
Henley, J., & Solon, O. (2017, June 27). ‘Petya’ ransomware attack strikes companies across Europe and US. The Guardian. https://www.theguardian.com/world/2017/jun/27/petya-ransomware-attack-strikes-companies-across-europe
Hold, R. (2010, October 11). The virus that attacked Iran's nuclear facilities marked the beginning of the era of cyber warfare. Is the world on the brink of an IT military revolution? Stuxnet: War 2.0. https://habr.com/ru/post/105964/
Holovko, V. (2017). Cyberattacks: Stuxnet Saboteur Virus in Nuclear Power Program of Iran. Science and Technology, 128(2), 33-41. https://naukatehnika.com/kiberataki-virus-diversant-stuxnet-v-yadernoj-energeticheskoj-programme-irana-chast1.html
Hubenko, D. (2016). After the cyberattack on "Prykarpattiaoblenergo," the US Revises the Protection of Energy Grids. Deutsche Welle. https://p.dw.com/p/1HZXJ
Inshyn, M., Khutoryan, N., Cherneha, R., Bontlab, V., & Tkachenko, D. (2021). Correlation of labor and civil contracts related to the performance of work: Preventing the substitution of concepts. Employee Responsibilities and Rights Journal, 33(4), 265-279. https://doi.org/10.1007/s10672-021-09373-3
Interfax Ukraine. (2016, February 12). The Ministry of Energy Told the Details of the Cyberattack of the Russian Federation. InfoResist. https://inforesist.org/v-minenergo-rasskazali-podrobnosti-kiberataki-rf/
Ivanov, A., & Mamedov, O. (2017, June 28). ExPetr/Petya/NotPetya is a Wiper, Not Ransomware. Securelist by Kaspersky. https://securelist.com/expetrpetyanotpetya-is-a-wiper-not-ransomware/78902/
Kapustynska, K. (2017, June 1). SBU summed up the searches in Wnet: The Provider Cooperated with the Russian Special Services. Ukraine Segodnya. https://ukraine.segodnya.ua/ukraine/sbu-podytozhila-obyski-v-wnet-provayder-sotrudnichal-s-rossiyskimi-specsluzhbami-1026305.html
Khlapkovskyi, V. (2016, February 18). Hack an entire country. Stuxnet virus was part of the US Plan to attack Iran. rus.DELVI.lv. https://rus.delfi.lv/techlife/detali/vzlomat-celuyu-stranu-virus-stuxnet-okazalsya-chastyu-plana-ssha-po-kibernapadeniyu-na-iran.d?id=47076733
Kozlovskyi, S., Butyrskyi, A., Poliakov, B., Bobkova, A., Lavrov, R., & Ivanyuta, N. (2019). Management and comprehensive assessment of the probability of bankruptcy of Ukrainian enterprises based on the methods of fuzzy sets theory. Problems and Perspectives in Management, 17(3), 370-381. https://doi.org/10.21511/ppm.17(3).2019.30
Krebs, B. (2020, December 18). VMware Flaw a Vector in Solarwinds Breach? Krebs on Security. https://krebsonsecurity.com/2020/12/vmware-flaw-a-vector-in-solarwinds-breach/
Levchenko, I., & Britchenko, I. (2021). Estimation of state financial support for non-priority territorial units using the example of bridge construction. Eastern-European Journal of Enterprise Technologies, 1, 26-34. https://doi.org/10.15587/1729-4061.2021.225524
Mallin, A., & Barr, L. (2021, June 7). DOJ Seizes millions in ransom paid by Colonial Pipeline. ABCnews. https://abcnews.go.com/Politics/doj-seizes-millions-ransom-paid-colonial-pipeline/story?id=78135821
Medium.com. (2017, June 29). M.E.Doc. Update Servers were Hosted by WNet. Internetua. http://internetua.com/serveri-obnovlenii-M-E-Doc-okazalis-na-hostinge-WNet
Menn, J. (2020, December 17). Microsoft Says it Found Malicious Software in its Systems. Reuters. https://www.reuters.com/article/uk-usa-cyber-breach-idUKKBN28R3B7
Microsoft Defender Security Research Team. (2017, June 27). New Ransomware, old Techniques: Petya adds worm capabilities. Microsoft Security. https://blogs.technet.microsoft.com/mmpc/2017/06/27/new-ransomware-old-techniques-petya-adds-worm-capabilities/
National Bank of Ukraine. (2017, 27 June). NBU warned banks and other financial sector participants about external hacker attack. https://bank.gov.ua/ua/news/all/nbu-poperediv-banki-ta-inshih-uchasnikiv-finansovogo-sektoru-pro-zovnishnyu-hakersku-ataku
Nesterenko, S. (2017). The secret of the Petya A virus has been revealed: it is a cyber weapon. Code analysis. Personal website of Sergii NESTERENKO. https://sergnesterenko.com.ua/ru/tajna-virusa-petya-raskryta-eto-kiberoruzhie-analiz-koda/
Novikovas, A., Novikoviene, L., Shapoval, R., & Solntseva, K. (2017). The peculiarities of motivation and organization of civil defence service in Lithuania and Ukraine. Journal of Security and Sustainability Issues, 7(2), 369-380. https://doi.org/10.9770/jssi.2017.7.2(16)
NTV [@ntv.ru]. (2017, June 27) Powerful attack: A Clone of the WannaCry Virus Spread on Rosneft's Servers [video]. NTV. https://www.ntv.ru/novosti/1827659/
Nuklearlord (2012a, December 1). Cyberwar – Stuxnet, Duqu, Flame, Gauss, and all, all, all... [Online forum post] The Habr. https://habrahabr.ru/post/160973/
Nuklearlord. (2012b, November 17). Again, about Stuxnet [Online forum post]. The Habr. https://habrahabr.ru/post/159053/
Parfylo, O.A. (2016). Current Issues of Forensic and Expert Examination of Malicious Software Devices Within the Framework of the Fight Against Cyberterrorism. Forensic Bulletin, 1(25), 78-84. http://irbis-nbuv.gov.ua/cgi-bin/irbis_nbuv/cgiirbis_64.exe?C21COM=2&I21DBN=UJRN&P21DBN=UJRN&IMAGE_FILE_DOWNLOAD=1&Image_file_name=PDF/krvis_2016_1_15.pdf
Perez, E. (2016, February 12). U.S. official blames Russia for power grid attack in Ukraine. CNN politics. https://edition.cnn.com/2016/02/11/politics/ukraine-power-grid-attack-russia-us/index.html
Russia was attacked by the same computer virus as Ukraine. (2017, June 27). iPress.ua. https://ipress.ua/news/rosiyu_atakuvav_takyy_zhe_kompyuternyy_virus_yak_i_ukrainu_216370.html
SBU Press Service. (2015, 28 December). Security Service of Ukraine prevented an attempt by Russian Special Services to disable energy facilities in Ukraine. Economical Truth. https://www.epravda.com.ua/news/2015/12/28/574276/
Security Service of Ukraine. (2017). SBU Exposed the Ukrainian Internet Provider on Illegal Traffic Routing to Crimea in the Interests of Russian Special Services. https://www.sbu.gov.ua/ru/news/134/category/78/view/3451#.zxQtepPG.dpbs
Stogniy, K. (2017, June 30). Files cannot be retrieved after a Petya virus attack – experts. Nnovosti.info. https://nnovosti.info/news/vidnoviti_fajli_pislja_ataki_virusu_petya_nemozhlivo_eksperti-18483.html
Stuxnet and Iran: The Mystery of the A26 module. (2010, December 30). Atomic Energy. https://www.atomic-energy.ru/articles/2015/05/06/17237
Stuxnet Virus Delivers Devastating Blow to Iran’s Nuclear Program. (2010, December 16). SecurityLab.ru. http://www.securitylab.ru/news/402905.php
Suderman, A., & Tucker, E. (2021, May 8). Major US pipeline halts operations after ransomware attack. AP News. https://apnews.com/article/ga-state-wire-business-c6ef4314af911fb58b8445d2b121e82d
Suiche, M. (2017, June 28). Petya.2017 is a wiper not a ransomware. Comae Technologies. https://medium.com/comae/petya-2017-is-a-wiper-not-a-ransomware-9ea1d8961d3b
The First Article about Viruses in Russian. (1988, July 26). SecurityLab.ru. http://www.securitylab.ru/informer/240714.php
Von Neumann, J. (1966). Theory of self-reproducing automata. Completed by Burks, A. W. (Ed.). Urbana and London: University of Illinois Press.
Woods, B., & Weckler, A. (2017, June 27). Global cyber attack hits IT systems in Ireland and the UK. Independent.ie. https://www.independent.ie/business/technology/global-cyber-attack-hits-it-systems-in-ireland-and-the-uk-35871179.html
Yefymenko, V. (2007). Information security management: Viruses and countermeasures. Saint Petersburg: National Open University “INTUIT.”
Zakharov, D. (2017, June 27). Banks and companies that suffered from the cyberattack: A list. ZN.UA. https://zn.ua/ukr/UKRAINE/banki-ta-kompaniyi-scho-postrazhdali-vid-kiberataki-perelik-246826_.html
Zobnin, Ye. (2015). Infectious penguins. The history of program virus writing for *nix systems in numbers. https://xakep.ru/2015/10/20/nix-viruses-history/
Descargas
Publicado
Cómo citar
Número
Sección
Estadísticas de artículo | |
---|---|
Vistas de resúmenes | |
Vistas de PDF | |
Descargas de PDF | |
Vistas de HTML | |
Otras vistas |