
People and computers sat recently with Eugene Kaspersky, the head of Kaspersky lab, for an interesting and long, tell-all conversation. For our reader’s convenience, we are publishing this interview in two parts – in the first one Mr. Kaspersky shares his thoughts about new security threats, talks about the history compared to the present and even relates to the exciting world of cyber threats in the world of the Internet of Things.
Can you please elaborate about the new security threats?
“The most dangerous looming cyber threat today is the possibility of the use of sophisticated malware in order to physically damage critical infrastructure. Such an attack may be a result of a full-blown cyber war between nations or a terrorist attack. We live in a world where everything, from nuclear power stations and chemical plants to banking and telecommunications, is computerized, and therefore potentially vulnerable to cyber attacks.
“This is not a brand new threat – it has been known about for some years, particularly after the discovery of Stuxnet – the first known cyber weapon to be deployed to physically damage industrial systems. But this is the sort of cyber attack that can potentially be extremely devastating and even deadly.
“However, the threat from cyber weapons remains only a potential one as yet, but the widespread use of cyber-espionage has already become a very big issue for the whole of the world. Spying on the web is massive and is growing fast. There are two problems here: first, it destroys the trust between governments and fosters global paranoia at the time when we need global cooperation to tackle the huge problems the world is facing, including cybercrime and the threat of cyber terrorism. Second, sophisticated cyber-espionage tools are just a step away from cyber weapons. In fact, the border may be sometimes blurred. If malware can invade a system to steal critically important data, it most probably can wipe it out too – causing massive damage as well. There is also the problem that you can’t really trust data that was stored in a compromised system. What if a targeted attack was used to amend it? What if some critical process is dependent on numbers in a database that has been hacked?
“On an ordinary user level, the growing tide of mobile malware is a big problem. People so far are mostly not concerned with the protection of their tablets or Smartphones. But mobile malware has already become a lucrative business for cybercriminals, and it’s growing very fast.
“Just to illustrate how dependent we are on computer systems, last year a tunnel in Haifa was shut down after a security camera malfunction. I cannot say if it was a sabotage attack, or just a computer glitch, but it was yet another demonstration of how our lives are dependent on IT systems.”
What is the difference between past threats and recent/future ones?
“In the beginning malware – the first computer viruses – was designed by researchers to explore the limitations of software systems. Scientific curiosity was the key driver for them. The next big group of virus writers was made up of hooligans. Young geeks were creating malware to raise havoc and have fun. When hundreds of millions of people started using the Internet and when various online services emerged, professional cybercriminals came in. Their motivation is simple – they want to steal money.
The whole cybercrime ecosystem is now diverse and well developed. It’s like the classic supply chain in proper business: one gang creates malware, another gang buys it and infects users, a third one buys a ready bot-net and uses it for its own purposes. The gangs themselves are also organized as proper businesses; they even have different departments, HR and marketing, they have discounts for loyal partners and even customer support. Cybercrime today is global and very profitable. The latest addition to the threat landscape has come from security services or from professional groups of hackers working on behalf of governments, or whoever pays. They are designing and deploying sophisticated cyber-espionage systems. There are probably hundreds of such attacks happening every year and they are causing immense damage, not only to their victims, but also by poisoning trust at the international level. Most probably governments are developing cyber weapons as well that can be used to attack computer systems running various physical objects. The result of this is that cyber threats are getting more and more sophisticated, and we’re very afraid that weapons-grade malware will get into the hands of organized crime. Or cyber terrorists, god forbid.”
In your opinion, is cyber the continuation of information security, a marketing term, or a new and wide dimension of threats?
“Cyber is a useful catch-all term to describe anything related to computers, networked technologies, virtual reality and similar things. In this sense, the emergence of the cyber domain – the Internet, computerized industrial systems, etc., etc. has created massive benefits and opportunities for the whole of humanity, but all this comes with a price to pay, which is this whole new dimension of cyberthreats of course. Today there is wide awareness that Windows-based computer systems require protection. But it wasn’t like that all the time. This awareness arose as a result of major cyber attacks, such as the Chernobyl virus, which caused massive damage, ILOVEYOU and Slammer worm epidemics, etc., etc. But the problem is that other systems – including the ones that operate massive industrial machines and all sorts of networked devices in the IoT – are vulnerable as well. And we need to change our mindset and understand that security concerns should be a priority in designing and running them.”
Does the internet of things widens the threats, and how’s so?
“Oh yes, it does. Any networked device has a computer run by an operating system, and most probably the software has vulnerabilities. We are coming to a situation when there soon will be tens of billions of various networked devices in the world, from cars to fridges and toasters, which have an Internet connection and that can be hacked. Of course, most cybercriminals would be interested only in targets that can bring them relatively easy profits. But if a device is not well protected, it can be hacked by a low-qualified criminal for profit or just for fun. If you own a smart house that has an e-lock or a security system packed with vulnerabilities, it would be a blessing for burglars. With the IoT, the range of cyber threats is expanding like a supernova. Technically there’s pretty much no difference between a hack of a laptop or washing machine or whatever. So a massive cyber attack on IoT devices is just a matter of time and economic feasibility.”
What do you think of on the state of the security market, especially about some of the latest Large acquisitions that were made?
“I don’t really like commenting on what’s happening with our competitors. I wish the best luck to all of them; after all, we are together in the boat of protecting the world from cyber threats, and I think that competition in the industry is fostering innovation and progress. But our business is to be at the top of the game, and that is exactly what we are doing.”
For Part 2 of the interview, please click here.