Eugene Kaspersky always draws a crowd. The Russian security entrepreneur was in fine form at Canberra’s National Press Club yesterday, expansively expounding his views on cyber crime and cyber espionage, and ways to combat them.
Cyber crime remains serious and has damaged the world economy, he said, but it is largely under control. It will never disappear, but the technology to combat it is now good enough that it will get no worse and will probably become less of a problem.
One reason for this, says Kaspersky, is that international cooperation to combat cyber crime is improving. “It’s an international problem, and it needs and international solution.” He said a major step forward will be Interpol’s new cyber crime division, which will be established in Singapore next year – with him as a consultant.
Of much greater concern to Kaspersky is cyber espionage. “There are so many of these now. Cyberspace was not designed with very good security. The technology involved in cyber espionage is much more sophisticated than that use in cyber crime.
“Cyber criminals usually look for random victims, but cyber spies have specific targets. They know you, and they know your computer systems, and they often have very large budgets, sometimes in the tens of millions of dollars. They can keep attacking until they get through.
“There is no such thing as 100% security. Everything can be broken, it’s ultimately just a question of how much money you can throw at it. The trick is to make the hack more expensive than the return.”
Kaspersky says that cyber espionage is extremely dangerous, for a number of reasons. It damages trust between nations, which leads to serious international problems. “That could ultimately lead to separate national Internet zones or, different networks for governments, large enterprises and consumers, which would mean less investment in the consumer Internet. But we probably don’t have enough software engineers for that to happen.”
Cyber espionage is serious, says Kaspersky, but an even bigger threat is from targeted attacks on critical infrastructure. “Fortunately there are not too many such attacks, but their frequency is increasing and they can cause major problems.”
He gave as examples the 2007 cyber attack on Estonia, which virtually brought the country to a standstill, and the 2010 Stuxnet attack on Iran’s nuclear facilities, which originated from Israel and the US. That malware attack caused serious problems to Iran, but Kaspersky said it was so virulent that it spread to some US industrial installations.
“This sort of malware has no borders. People around the world use the same hardware, the same software, the same comms gear. Attacks can spread to unintended places and cause serious collateral damage.”
One of the most serious such attacks, said Kaspersky, was against Saudi Aramco, Saudi Arabia’s national oil company, in 2012, which essentially shut down the company for two weeks. There have also been attacks in Brazil, Georgia, South Korea and other countries.
“They are even more expensive to guard against than cyber espionage attacks, and they can have extremely damaging consequences. It is hard to protect against them, because in many cases the systems were designed many years ago.
"I heard some US power companies are now looking for people who can program in PDP-11 assembler language, because that’s what some of their critical systems are written in.”
Kaspersky said he is paranoid – “I’m a security professional, it’s my job to be paranoid” – but ultimately optimistic. In a long Q&A session with the full house in the Press Club, he spoke about many of the issues to come out of Ed Snowden’s revelation about governments spying on their citizens.
“It’s back to trust, but ultimately it won’t matter. There will be no space for Ed Snowdens in the next generation, because they accept this stuff. They put everything online and they don’t care about privacy. I’m not saying that’s a good or bad thing – I’m not a judge – but that’s the way we’re headed.
“It will be a very different word in twenty years.”