Home Business IT Security Cyber espionage destroying trust, says Kaspersky

Cyber espionage destroying trust, says Kaspersky Featured
Get all your tech news delivered to your mail box five days a week
iTWire UPDATE - it's FREE!


Cybercrime is under control, says security guru Eugene Kaspersky, but cyber espionage is on the rise and poses a serious threat to international relations.

Eugene Kaspersky always draws a crowd. The Russian security entrepreneur was in fine form at Canberra’s National Press Club yesterday, expansively expounding his views on cyber crime and cyber espionage, and ways to combat them.

Cyber crime remains serious and has damaged the world economy, he said, but it is largely under control. It will never disappear, but the technology to combat it is now good enough that it will get no worse and will probably become less of a problem.

One reason for this, says Kaspersky, is that international cooperation to combat cyber crime is improving. “It’s an international problem, and it needs and international solution.” He said a major step forward will be Interpol’s new cyber crime division, which will be established in Singapore next year – with him as a consultant.

Of much greater concern to Kaspersky is cyber espionage. “There are so many of these now. Cyberspace was not designed with very good security. The technology involved in cyber espionage is much more sophisticated than that use in cyber crime.

“Cyber criminals usually look for random victims, but cyber spies have specific targets. They know you, and they know your computer systems, and they often have very large budgets, sometimes in the tens of millions of dollars. They can keep attacking until they get through.

“There is no such thing as 100% security. Everything can be broken, it’s ultimately just a question of how much money you can throw at it. The trick is to make the hack more expensive than the return.”

Kaspersky says that cyber espionage is extremely dangerous, for a number of reasons. It damages trust between nations, which leads to serious international problems. “That could ultimately lead to separate national Internet zones or, different networks for governments, large enterprises and consumers, which would mean less investment in the consumer Internet. But we probably don’t have enough software engineers for that to happen.”

Cyber espionage is serious, says Kaspersky, but an even bigger threat is from targeted attacks on critical infrastructure. “Fortunately there are not too many such attacks, but their frequency is increasing and they can cause major problems.”

He gave as examples the 2007 cyber attack on Estonia, which virtually brought the country to a standstill, and the 2010 Stuxnet attack on Iran’s nuclear facilities, which originated from Israel and the US. That malware attack caused serious problems to Iran, but Kaspersky said it was so virulent that it spread to some US industrial installations.

“This sort of malware has no borders. People around the world use the same hardware, the same software, the same comms gear. Attacks can spread to unintended places and cause serious collateral damage.”

One of the most serious such attacks, said Kaspersky, was against Saudi Aramco, Saudi Arabia’s national oil company, in 2012, which essentially shut down the company for two weeks. There have also been attacks in Brazil, Georgia, South Korea and other countries.

“They are even more expensive to guard against than cyber espionage attacks, and they can have extremely damaging consequences. It is hard to protect against them, because in many cases the systems were designed many years ago.

"I heard some US power companies are now looking for people who can program in PDP-11 assembler language, because that’s what some of their critical systems are written in.”

Kaspersky said he is paranoid – “I’m a security professional, it’s my job to be paranoid” – but ultimately optimistic. In a long Q&A session with the full house in the Press Club, he spoke about many of the issues to come out of Ed Snowden’s revelation about governments spying on their citizens.

“It’s back to trust, but ultimately it won’t matter. There will be no space for Ed Snowdens in the next generation, because they accept this stuff. They put everything online and they don’t care about privacy. I’m not saying that’s a good or bad thing – I’m not a judge – but that’s the way we’re headed.

“It will be a very different word in twenty years.”

ITWIRE SERIES - REVENUE-CRITICAL APPS UNDERPERFORMING?

Avoid War Room Scenarios and improve handling of critical application problems:

• Track all transactions, end-to-end, all the time and know what your users experience 24/7

• View code level details with context and repair problems quickly

• Fix problems in minutes before they wreak havoc

• Optimize your most important applications, Java, .NET, PHP, C/C++ and many more

Start your free trial today!

CLICK FOR FREE TRIAL!

ITWIRE SERIES - IS YOUR BACKUP STRATEGY COSTING YOU CLIENTS?

Where are your clients backing up to right now?

Is your DR strategy as advanced as the rest of your service portfolio?

What areas of your business could be improved if you outsourced your backups to a trusted source?

Read the industry whitepaper and discover where to turn to for managed backup

FIND OUT MORE!

Graeme Philipson

Graeme Philipson is senior associate editor at iTWire and editor of sister publication CommsWire. He is also founder and Research Director of Connection Research, a market research and analysis firm specialising in the convergence of sustainable, digital and environmental technologies. He has been in the high tech industry for more than 30 years, most of that time as a market researcher, analyst and journalist. He was founding editor of MIS magazine, and is a former editor of Computerworld Australia. He was a research director for Gartner Asia Pacific and research manager for the Yankee Group Australia. He was a long time IT columnist in The Age and The Sydney Morning Herald, and is a recipient of the Kester Award for lifetime achievement in IT journalism.

Connect