“The very good news is that Australia has world-class connectivity to the Internet. The very bad news is that it opens Australia up to the poisoned cyber environment that is the Internet,” he said in a thick Russian accent.
Kaspersky was there to speak about the threat landscape in Australia and in particular of the issues faced by critical infrastructure. He warned audiences, “Cyber crime costs the world $600+ billion per year, which is almost 40% of Australia’s GDP.”
“There is good news and very bad news. Cyber criminals are well funded, organised and looking to grow profit from a $600 billion industry. We can’t go back and disconnect everything from the Internet. The good news is that there are equally people, governments, and companies willing to try and make the connected world a safe place. We have a lot of work to do and we will prevail.”
“The new style of hacker is looking to compromise iOS, macOS, Android and Linux, but it is hard to find Mac or iOS engineers to turn to the dark side – Windows, there are plenty of old engineers. The fast growth of Linux threats today is more about Internet of Things and smart devices,” he said.
He was concerned that the increasing iOS and macOS attention seemed to be perpetrated by “state-sponsored” attacks, “to get secrets from their iPhones.” He later commented in a press conference that every operating system has flaws and there is inordinate attention being paid to the Apple camp.
“I have some good news and some very bad news. Now with the industrial revolution 4.0, we have advanced artificial intelligence (AI) and machine learning (ML) to sift through the 600,000 unique attacks we see daily and identify about 300,000 new variations most days. The very bad news is that the bad guys have the same, if not better, AI and ML working out how to get around our defences,” he said.
“I have some good news and some very bad news. Australia has its own cyber security division – good. But Russian cyber criminals are very good due to our heavy educational emphasis on engineering. The Chinese, Koreans (both North and South), other Asian nations, India, the US, parts of Europe are very good cyber criminals too. Many 'states' have cyber weapons and many have military cyber divisions ready to bring down enemy infrastructure,” he said.
“The bad news for Australia is that it is far behind other nations. The good news is that you can, and are quickly learning, from the best like Israel and Singapore. The problem with security is that humans are simply not designed to care until it happens to them. The media needs to repeat the message that it is everyone’s responsibility to think about cyber security and protect their assets,” he said.
Kaspersky made comments about critical infrastructure which are paraphrased below.
He started by saying that there were more smart devices (IoT) than smart humans and more and more attacks would focus on IoT as we enter the Industrial Revolution 4.0 where the machines take on even greater roles. “There is a zoo of different devices, many vulnerabilities, and not many businesses recognise that anything with an IP address (whether directly connected or off-line) is a target,” he said.
- Modern electric power grids are crucial elements of global technological infrastructure that are heavily relied on. At the same time, they are complex networks, with integrated automation and control functions. However, most of the software they use is likely to have vulnerabilities, and they are connected to the Internet making them a possible attack target.
He cited the 2015 power blackouts in the Ukraine. The cyber attack was a sabotage attack. Not only did it take down the power, but it wiped data, deleted SCADA (supervisory control and data acquisition) controller software and made it hard to restore. If it was not for the fact that Ukraine has older manual control systems with SCADA bolted on, it could not have recovered. He commented that no electricity is equal to no civilisation.
But the use of SCADA also opened the way for cyber criminals to make money. He cited an instance of increasing the volume of petrol in storage tanks by hacking the SCADA controllers to increase the temperature slightly – petrol volume expands when it is hotter.
- Transport is vulnerable. Autonomous cars are particularly vulnerable if a cyber criminal has physical access – it is possible to “own the car” and drive it [referring to the fly-by-wire technology used in modern cars where there is physically no steering shaft or connection to critical things like brakes].
He joked that, in times gone by, pilots used to comment that in a Boeing aircraft pilots were more useful than computers, whereas in an Airbus computers controlled everything and the converse was true. It is possible to hack ships, trains, planes and more.
- Telecoms provides the IP backbone used to connect every device. There have been successful attacks on that backbone paralysing the areas involved.
- Financial services are a target where it is possible to damage, if not take down, banks, insurance and more.
- Health is already a target for patient records but also potentially for ransomware. It is one of the most vulnerable as it uses lots of legacy equipment.
- Governments are moving to a digital model and are increasingly vulnerable to surveillance, hacking, sabotage and disruption.
Cyber criminals are in it for the money. Cyber terrorists are in it for sabotage and disruption.
He did not have an answer to all these issues except to say, “The days when cyber security was about protecting computers and mobile devices are long gone. We need to protect everything digital now and in the near future. On both the individual and mass level – including critical and national security. As long as there is a physical element to your business and high volumes of data, there is a prime target where cyber criminal activity can occur.”