


Theme: «Cyberterrorism and the security of business in Russia»

The conference was held on February 9, 2007.

Do you acknowledge the fact that the main cyberterrorist in our country is the state special service, which has by-default access to providers and encryption systems? — B Samedi.

This question is a professional PR of cyberterrorists. Cyberterrorism earns tens of billions of US dollars and naturally it tries to expand its business. As a rule there should be an appropriate advertising campaign for the successful development of business. So good PR and marketing specialists are hired and an issue appears whether there are information protection systems or there are none. Anyway it is possible to destroy them this way or that so it is just a waste of money. The idea that there is no necessity to protect information is knocked into people's heads. Evidently, cat burglars could make an advertisement stating that it's useless purchasing locks for the doors because picklocks are available and it's easy to open locks with their help. Cyber terrorism uses all means of advertising to press a person's conscience, to spread fear and uncertainty in people who use computers. Cyber terrorists often exaggerate their achievements. Having performed a massive psychological attack in the mass media they offer their own means for information protection like a panacea against all misfortunes. On the other hand, cyber terrorism is rapidly developing its criminal production of special means for non-authorized access to information. They gain much profit selling them. If it goes on the same way cyberterrorism will compete with the National Security Agency of the United States in the nearest future in respect to its technical capabilities. On the web site of our company we gave examples of non-authorized eavesdropping of GSM phones of thousands of people: heads of states, prominent political leaders, heads of banks and corporations, cultural workers and actors, directors of small and average business, plain men.
Criminals suck in all information like vacuum cleaners, everything is sold or preserved for the time being...

Do you think it's obligatory for big companies and organizations working presently in the market of goods and services (especially informational) to use complex systems for early prevention and definition of attacks (IDS)? What positive and negative aspects can you single out? — Alexander Dagovsky, IT specialist, Moscow.

In reply to your question I can say that formerly these systems were called firewalls, then — intrusion detection systems. Now they are called systems for early prevention and definition of attacks. These systems may be software or firmware. Choosing information protection means, especially for large enterprises, it is first of all necessary to perform a complex research on the possible threats and enemy attacks. Certain information protection systems may be purchased only after the comprehensive analysis together with the company security service.

Won't the possible intensification of control in IT sphere be another attempt to strictly control the «FreeNet»? Such attempts have already been made in other countries. Shall we be the next? Communication centers play a significant role in the formation of democratic institutions nowadays in Russia. What are the guarantees for plain citizens and on-line community that communication centers will be announced «territory of terrorism» for the sake of political and economic groups? — Alexey Petrov, Kamchatka.

The only guarantee against the abuse of the state is the development of a civil society. I suppose, developing democratic principles the government should improve the protection system including public networks from any violations. The government should help people so that they could freely express their opinion and are not anxious it will be used against them.

What about «back doors» for FAPSI/FSB in your systems? — Ter.

It is also a PR cyber terrorist method.
I can inform you that the most prominent cryptographers in the world thoroughly studied Ancort company crypto algorithms in respect to «back doors», «bugs» and «louses». The official analysis of the crypto algorithms lasted for many months and showed no «parasites» were detected there. Cryptographers from Sweden — the Royal Technical University — including Prof. Johan Hastad, performed the analysis. Professor Hastad is one of the world authorities in the field of cryptography. The cryptographers from the special state telecommunication service of South Africa also performed the analysis. The research was held officially and after it appropriate conclusions were given. It was stated it was practically impossible to break Ancort algorithms using modern super computers within the time equal to the Earth's existence. Ancort company equipped state and commercial organizations in many countries. Our products were thoroughly examined for many months in each country where our cryptographic equipment was purchased for state and commercial organizations. These countries have been using cryptographic equipment for many years already and there were no complaints in respect to their cryptographic part. Ancort equipped many state and commercial organizations in Russia as well. Ancort has existed for 16 years and we haven't heard about a single fact of cryptographic decryption or discrediting of our equipment, systems or algorithms. More than 70000 units of various equipment were manufactured these years.

Hello. Are we speaking about the legal protection of the commercial secret or is it purely an application, let's say, a technical aspect of the problem? How can the provisions of Article 183 of the Criminal Code of the Russian Federation be used in this respect? Is the development of this norm enough to sufficiently protect the commercial secrets of business men? Or do you suggest any other means to optimize the latter in respect to the legal protection? Thank you. — Alibek K.

We develop protection systems used in the frame of the existing legislation and licensed with state documents. The suggestions to amend the existing legislation require serious preparation, analysis and consultations with experts in this problem and lawyers.

We have been hearing about your telephone for the third year already but it is impossible to purchase it. Where is it sold? There is an impression you only advertise it. So how will you manage to reimburse 10.000.000$ invested in it with a sales policy like this? — Vladimir Ignatov, RAO GAZPROM.

At the end of 2006 our company and our partner MegaFon received state licenses permitting the sales of the crypto smartphone in Russia. Presently joint organizational measures are being worked out to start the sales. The crypto smartphone is well adapted for the operation in the protected cellular GSM-900/1800 networks MegaFon organized. We have been performing a marketing research of protected GSM consumers for three years and found out that there's a big need for cryptographically protected GSM in Russia. The reason is, the organized crime started to use more modern information interception systems to organize murders upon request, illegal occupation of enterprises, hostages, for blackmail, etc. Non-authorized GSM interception gives criminals a fantastic profit. I am sure people's conscience has lately seriously changed. People want to speak freely on their mobiles without a fear for their lives and security.

Corruption, criminalization of power and power in criminality mean the necessity to use special technical means you are manufacturing to protect information. But doesn't it also mean it is worth applying to any Western non-certified manufacturer but not to a domestic one since this power performs obligatory certification of all crypto means? — Sergei Chernov.

We know that such means are certified in many Western countries.
Using Western crypto means you are taking a risk to be controlled by special services of these countries, but most obviously you are taking a risk to be influenced by foreign organized crime.

How can cyber terrorism affect my business? My firm is of average size and manufactures construction materials in Siberia. — Allexander Andreyev, Tomsk.

Unfortunately we cannot mention in press our concrete clients because we sign an agreement on confidentiality with them. We can make one example public. A small private firm which built houses in the suburbs found an interesting order from construction companies of several Arabic countries for the delivery of wooden ware. Construction is rapidly developing in Arabic countries and wood is a big deficit there. The business man found new directions for the cooperation with Arabs, established the production of required materials and soon made his company very profitable.

One of the significant province officials saw the business developed successfully. So acting on behalf of a private company that belonged to his wife he suggested the business man selling the control packet of shares of the company at rather a low cost. In return he promised to render the business man assistance in receiving privileged licenses and much more. Obviously the authority wanted to buy the profitable business. The business man rejected such an exorbitant offer with indignation. At the authority's petition a false criminal case was fabricated. The interception of the business man's mobile phone was organized. In a while all of a sudden the tax inspection came to his office and studied how the business man optimized the taxes and whether the customs duties were paid correctly. Soon the business man met a representative from the company who wanted to buy his company's shares. The materials on the business man's intercepted mobile phone conversations were presented to him.
They explained to him that if he didn't sell the control packet of shares of his company the court and the deprivation of property is in store for him for money laundering and default of tax payment. The business man doubted the authenticity of some conversations because some phrases there were surely falsified. But who can make a satisfactory speech authenticity analysis in Russia to be presented to court? At the best it is possible to receive a conclusion from an expert organization stating that the speech was possibly falsified.

In reply to your question I can advise you to discuss business with your partners over cryptographically protected communication lines, especially when you discuss financial issues, and the ways to transfer and receive cash. Remember that the criminal business of mobile phone interception in Russia is one of the most profitable businesses. The profit gained from it is in the third place in the criminal community after illegal sales of arms and drugs. Its profit is nearly one billion dollars.

Respected Anatoly Victorovich, what is your definition for cyber terrorism? — Mikhail Sidov, Vladivostok.

The definition for cyber terrorism is given in many publications. As far as I know there is no exact definition for it. But the main principle of cyber terrorism is the deliberate attack on information systems to destabilize its operation. It is difficult to give the definition for cyber terrorism because it is complicated to define who the organizer of the crime is. That is why similar definitions appear such as cyber crime. According to the opinion of UN experts cyber crime may be executed using computer systems and networks. I suppose there are two types of cyber terrorism. The first type is an active type. Its methods are specified in technical literature. Computer viruses, logical bombs, «Trojan horses» and many others are among them. The second type is passive cyber terrorism. What is its essence?
A passive terrorist realizes the consequences of the active cyber terrorism perfectly well. But due to political, economic and technical reasons he does not make any attempts to prevent or stop it. A passive cyber terrorist is sometimes much stronger than an active one in respect to his destructive force. All the manifestations of cyber terrorism may grow into informational war, probably a more dangerous war than a nuclear war. First of all it will be aimed at changing a person's conscience and mind. It wasn't to no purpose that the President of Russia Putin called cyber terrorism the main threat of the XXI century.

A well-known lawyer Alexander Gofstein was detained in Spain for the reason of intercepted phone conversations. It was declared at the press-conference held by the famous lawyers Reznik and Padva that the judge treated Alexander Gofstein's conversations incorrectly and gave a warrant for the arrest basing on it. Can you comment on this event? — Ilya Sedov, Saint-Petersburg.

I cannot comment on the actions of the Spanish judge because the information that appeared in press on this case was too scarce to make objective conclusions. But this incident may lead us to interesting speculations if we consider this problem in respect to the specialists who professionally executed their duties. For example, you come to a well-known professor for an operation. Everything is fine but the instruments the patient will be cut with are rusty. The result is apparent no matter how perfect the doctor is — the death of the patient. In the contemporary world it is not only the professionalism of the doctor that provides the success but also the quality of the medical equipment he uses. It is clear as far as medicine is concerned. But in my opinion we are still in the mediaeval era judging by the technical equipment of lawyers, especially the protection of their information.
It is apparent to everyone and it is stated in the law that confidentiality of conversations including phone conversations between lawyers and clients should be adhered to. Often mainly that provides the success of the case. What are the technical means a lawyer provides it with? Most often a lawyer suggests meeting a client personally. But what can be done if a client needs urgent legal help or if a client is in such a nervous state that he can speak anything on the phone that his rivals may use against him? Most of the lawyers are not ready for that. Some legal cases are lost because the opponent has more modern means to intercept required information to undertake appropriate measures. Especially it is true with complicated and intricate criminal cases or cases where high cost property is involved. Obviously while executing complicated cases like these a lawyer should offer his client as a must to rent required information protection systems to keep secret all negotiations to provide success in the criminal case. On the other hand a client can suggest a lawyer his own information protection means he trusts. It is especially important in crisis situations when each pronounced word may be used against the settler, and a personal meeting is impossible.

Russia is a recognized world leader in the field of information protection, cryptography, in particular. Then why do such serious informational crises connected with the theft of information occur, for example, a well-known case with false aviso, the theft of many data bases, murders at order after the interception of mobile conversations of victims, ruining of enterprises etc? — Vladimir Minayev, Moscow.

As far as I know, this paradox has not been studied by anyone and most obviously it was kept secret on purpose. According to the information of the American Strategic institute the volume of sales of cryptographic equipment in the world may reach more than USD50.000.000.000.
The share growth of foreign firms dealing with problems of information security has been one of the highest in the recent years. The export volume of Russian cryptographic equipment abroad is minimum though the most modern protected communication and control systems are introduced everywhere in the world so that the growing demand for the Russian cryptographic equipment could be expected. Why does it happen? I know from my working experience in Ancort company that we have lost foreign orders for the amount of hundreds of millions of US dollars due to various bureaucratic bans on the export of cryptographic products. Maybe other Russian companies working in this sphere are losing their clients. Naturally, the market does not remain empty and foreign competitors conquer it with pleasure. It is very profitable for someone to push Russia out from the world market of this most effective industry capable of bringing much more profit than from the sales of Russian arms. Naturally such an attitude to the problem of information protection tells on the domestic market as well. Thus the initiation of the paradox mentioned above — a contradiction between the technical potential and the volumes of sales of the Russian cryptographic equipment in the world markets — arouses a thought that cyber terrorism willfully holds back the development and manufacturing of information protection systems in Russia, including the legislation, to execute boundless and, most important, uncontrolled management of the state in future.

The largest scandal happened this year in France, Courchevel where a well-known businessman Prokhorov was involved. His mobile phone conversations were eavesdropped for a long time. Why do Russian businessmen take a bunch of guards with them, use armored cars and private planes for the security during journeys but they cannot protect their phone conversations? — Svetlana Kholodova, Moscow.

This is an interesting fact: American special services obtain a great amount of information important for them analyzing open information sources. The richer a man or the more famous he is the more information about him and on the persons he communicates with costs. This information may be sold at a big cost to interested persons or organizations. The cost of this information quickly grows depending on the number of communicating people and their significance. At a certain stage the use of this information may bring huge profits and that is when such situations occur. Besides the profit may be not only financial but also political. Everything is based on a simple principle. A person may not always define the cost of his personal information. He would say: «I have nothing to hide.» With a thoughtless attitude like this towards the value of information he owns someone else would know perfectly well how to earn very much. In a number of cases wealth may cause some essential inconvenience, besides the advantages it has. One has to be always watched by his guards. It is prohibited to go alone where you wish. The circle of acquaintances should be limited, etc. I think the limitation for a VIP person to communicate over a standard mobile phone is not the largest limitation from the long list.

The head of security service of our company insists we should hold all confidential negotiations only in a specially equipped room for negotiations. How expedient is this solution? — Nikita, Murmansk.

I know businessmen who negotiate in a personal plane while flying to England. I call such a principle «a bunker» principle. This «bunker» principle causes the loss of speed of the state or company management during crisis situations when time is of key importance. The new informational century distinguishes new principles of business or company management. The success often depends on the speed of taking a decision observing a high level of confidentiality.
Naturally no one rejects the advantages of protected negotiation rooms. But their advantages in combination with reliable cryptographically protected communication lines providing protection and quick transfer of data, voice and picture ensure appropriate flexibility and efficiency when serious economical and financial decisions are taken. Here is an interesting fact. We know from press and books that spies mainly use reliable ciphers to transfer information and they practically never meet couriers in person.

Maybe the problem of protecting business against cyber terrorism is of current importance in Moscow where business is super profitable and capital turnover is big. But what is the demand for your technologies in the regions? To what extent is business in the regions, where profits cannot be compared to those in Moscow, interesting for your company? — Vasily Petrovich.

The policy of our company is aimed at the cooperation with average, small and private business. That is why we are interested in the work with all the regions in Russia. We know that presently big industrial centers are being established in the regions like Siberia and Far East. Businessmen invest much in business. We have executed a marketing research of the consumption markets for our products. Approximately 70% of our potential clients are in the regions. They call us asking questions mainly from other regions but not from Moscow.

Is there a guarantee that some criminal structures won't use your equipment against law-abiding citizens and companies? — Irina Lisina.

I think cryptographic equipment serves the aims of protection, but not attack. Criminal structures cannot use it against law-abiding citizens and companies.

What is the technical potential of special services in the sphere of cellular phone interception? Is it possible to track a person's movements catching his mobile phone signal? — Semion Markovich Kruglov.

As for the technical potential of special services I suggest asking them.
As for tracking the dislocation there are different charged services provided by cellular operators, you can apply to them to specify these possibilities. The service of tracking the dislocation has existed in the world for a long time already and one of the cellular operators has already introduced this service in Russia.

Good afternoon! How is it possible to protect the content of negotiations to the maximum when they are held in «a fortuitous place»? — Pavel.

There is a wide spectrum of appropriate equipment. There are acoustic suppressors creating interference, there are electronic microphone suppressors, radio suppressors, including intellectual GSM and CDMA network suppressors. The detectors of recording and transmission equipment also belong to this type of equipment.

Can a plain man understand that his phone conversations are eavesdropped? — Oleg Kiryanov.

Most often a person cannot understand it because modern interception systems are very effective. They are so effective that it is not possible to detect them without special equipment. There are indirect features that appear if the equipment is used improperly. Besides as a rule criminals do not possess highly technological equipment. That is why it is sometimes impossible to detect the interception. I shall name some indirect features: the battery is quickly discharged, radio pick-ups, strange calls when you see outgoing calls you haven't made or in the incoming calls you see the phone numbers that haven't called you. There may be strange SMS messages. Voices of strangers may appear during the conversation, a sign that the GSM encryption is cancelled may appear on the display. There may be some other features.

Who has a right to intercept phone conversations without a notification of a subscriber? Under what lawful acts may these actions be executed? Who is the first to be eavesdropped? Authorities? According to what laws can a journalist be intercepted?
— Authors of the question: Alexander, Nizhniy Novgorod; Irina, journalist, Kirov.

According to the present legislation only the subjects of operational-research organizations such as the Ministry of Interior, FSB, State Control, and others have the right to intercept phones. They can intercept phones only according to the court warrant. As for illegal interception by means of criminal System of operational-research activities, state authorities are the objects for interception in the first place. As for journalists, I think, they are working in the risk zone but unfortunately the editors do not equip the personnel engaged in journalist investigations with information protection means.

Anatoly Victorovich, can a small enterprise without a personal security service effectively withstand competitors against the theft of commercial information nowadays? How can it do it if it can? — Georgy Lanko, Helsinki.

The security policy should be worked out. A small enterprise should realize the value of its information. The cost of losses in case of the possible theft should be defined according to the value of information. After that the organizational and technical activities to protect information are worked out. I suppose very often if the information protection means are correctly chosen an enterprise can withstand appropriate competitors and threats.

Beeline has an official service providing a possibility to find out the account balance of any subscriber. Isn't it giving away a subscriber's personal information and the intrusion into his private life? Are there legal arguments to call the company to account for it? Shall a company bear legal responsibility when a subscriber becomes an object of fraud, for example in the frame of another service — «a mobile transfer» — when a subscriber can transfer money from his phone to another? It should be mentioned that no security measures are provided, for example the confirmation of the subscriber's intention to transfer money.
Is it possible to accuse the company in aid in this case? — Beeline subscriber, Cheboksary.

I suggest you should apply for the explanation to the legal department of «Vimpelcom» (Beeline) or to independent lawyers who can give you detailed explanation and recommendations on this subject.

Besides my business I want to protect the mobile phone conversations of the members of my family. Is it possible to create a closed group consisting of my family members so that no one intercepts us? — Irina, Moscow.

Yes. The technical capabilities of Ancort crypto smartphone make it possible for a family to create a group for confidential conversations between them.

Anatoly Victorovich, is there a minimal amount you start to work with your clients with? — Sergey, Ivanovo.

The exact amount is defined during the work with each concrete client. Our company often gives technical consultations on information security free of charge.

I have a small business, but the environment is very competitive and often there is a necessity to protect information. But I cannot spend much on the protection at once. Can small business count on your services? Do you have anything like subscriber service? — Alexey Nikolayevich, Moscow.

Obviously, you mean outsourcing — rendering our services to provide information security of your company. This service is not widely represented in Russia, but we are ready to discuss this matter. I think it will be a very perspective trend in future while small and average business is developing.

To what extent are your products competitive compared to Western analogues? And how can its price be compared with them? — Vyacheslav Vladimirovich, Saint-Petersburg.

We won several tenders among serious Western rivals. Our equipment is often superior to theirs by many technical parameters. The government organizations of several countries certified our cryptographic algorithms, our algorithms are acknowledged to be unbreakable.
But for all that our cryptographic products are cheaper compared to the leading Western manufacturers.

Why, Russia has failed in practically all programs on the development of its own microprocessors and operation systems. So what should be done now not to depend on Bill Gates and the like when they are judging plain teachers? Besides his fault is doubtful. — Pavel.

Many people in the world do not want Russia to be a powerful technological state. It is advantageous for them that Russia is a raw material appendix depending on oil supply like a drug addict depends on drugs. The huge scientific and technical potential was systematically destroyed to give Western technologies the advantages. Unique developments were and are exported from Russia for free, then ready made products are imported in Russia. Presently the policy to support science intensive technologies should be fundamentally changed. The technological niches where Russia has a leading position should be defined, intensively developed and financed. The state should support highly technological companies not only their production on the territory of Russia but also when they enter foreign markets. The development of small and average business should be focused upon; at present they accumulate substantial scientific and technical personnel and developments. A state program for the favorable taxation and crediting of such technological companies should be worked out and the export of their products should be stimulated.

© Informational Agency REGNUM