"Analysis of information coming from GosSOPKA (government system of identification, warning and elimination of effects of cyberattacks against Russia’s IT resources) indicates that most attacks are aimed at stealing information. First and foremost the attackers focus on Russia’s technologies in the defense and nuclear industries, energy and missile building, as well as information from public administration systems," Murashov said.
On average, one in three attacks the center reveals targets banking and financial organizations (38%), 35% of attacks are against state bodies, 7% are against educational and defense industry facilities, 4% are against space and rocket industry and 3% are against healthcare.
Murashov pointed out that the United States remains the main source of threat, as confirmed by data from the following companies: Webster (the US), Ruixing (China), Comodo Security Solutions (the US) and NTT Security (Japan). He said cyberattacks are carried out by means of various methods of spreading malware, for instance, through e-mails and phishing and captured resources in the Internet.
According to statistics shown in a slide at the briefing, in 2018, 63% to 71% of attacks through web-resources were made from the US territory, 5%-10% from China and a tiny 3% from Russia. Phishing attacks came from the United States in 36% of cases, 25% of the attacks were from Cyprus and 5% from Russia. The United States is number one in terms of all types of attacks (27%), China comes in second (10%), the Netherlands and France - third (4% each) and Germany - fourth (3%).
The National Coordination Center for Computer Incidents was created in September 2018 on the order of the director of the Federal Security Service (FSB) following a presidential decree to establish a governmental system for the identification, warning and elimination of the effects of cyberattacks against Russia’s IT resources (GosSOPKA).