Security Market Segment LS
Wednesday, 24 May 2017 10:06

Eugene Kaspersky – I have some good news and some bad news (CeBIT keynote) Featured

By

Eugene Kaspersky, founder of the anti-virus/malware/cyber security company of the same name started his keynote speech at CeBIT with the old “good and bad news” gambit.

“The very good news is that Australia has world-class connectivity to the Internet. The very bad news is that it opens Australia up to the poisoned cyber environment that is the Internet,” he said in a thick Russian accent.

Kaspersky was there to speak about the threat landscape in Australia and in particular of the issues faced by critical infrastructure. He warned audiences, “Cyber crime costs the world $600+ billion per year, which is almost 40% of Australia’s GDP.”

“There is good news and very bad news. Cyber criminals are well funded, organised and looking to grow profit from a $600 billion industry. We can’t go back and disconnect everything from the Internet. The good news is that there are equally people, governments, and companies willing to try and make the connected world a safe place. We have a lot of work to do and we will prevail.”

Windows (all versions) still has the biggest threat payload with 473 million threats/variations, with Android at 23 million, macOS at 53,000, Linux at 33,000, and iOS at 600. “Windows threats are largely from old style hackers who use unpatched vulnerabilities perhaps a decade old, there is not much innovation there, they go after low-hanging fruit,” he said referring to its 90%-plus share of the desktop market.

“The new style of hacker is looking to compromise iOS, macOS, Android and Linux, but it is hard to find Mac or iOS engineers to turn to the dark side – Windows, there are plenty of old engineers. The fast growth of Linux threats today is more about Internet of Things and smart devices,” he said.

He was concerned that the increasing iOS and macOS attention seemed to be perpetrated by “state-sponsored” attacks, “to get secrets from their iPhones.” He later commented in a press conference that every operating system has flaws and there is inordinate attention being paid to the Apple camp.

“I have some good news and some very bad news. Now with the industrial revolution 4.0, we have advanced artificial intelligence (AI) and machine learning (ML) to sift through the 600,000 unique attacks we see daily and identify about 300,000 new variations most days. The very bad news is that the bad guys have the same, if not better, AI and ML working out how to get around our defences,” he said.

“I have some good news and some very bad news. Australia has its own cyber security division – good. But Russian cyber criminals are very good due to our heavy educational emphasis on engineering. The Chinese, Koreans (both North and South), other Asian nations, India, the US, parts of Europe are very good cyber criminals too. Many 'states' have cyber weapons and many have military cyber divisions ready to bring down enemy infrastructure,” he said.

“The bad news for Australia is that it is far behind other nations. The good news is that you can, and are quickly learning, from the best like Israel and Singapore. The problem with security is that humans are simply not designed to care until it happens to them. The media needs to repeat the message that it is everyone’s responsibility to think about cyber security and protect their assets,” he said.

Kaspersky made comments about critical infrastructure which are paraphrased below.

He started by saying that there were more smart devices (IoT) than smart humans and more and more attacks would focus on IoT as we enter the Industrial Revolution 4.0 where the machines take on even greater roles. “There is a zoo of different devices, many vulnerabilities, and not many businesses recognise that anything with an IP address (whether directly connected or off-line) is a target,” he said.

  1. Modern electric power grids are crucial elements of global technological infrastructure that are heavily relied on. At the same time, they are complex networks, with integrated automation and control functions. However, most of the software they use is likely to have vulnerabilities, and they are connected to the Internet making them a possible attack target.

He cited the 2015 power blackouts in the Ukraine. The cyber attack was a sabotage attack. Not only did it take down the power, but it wiped data, deleted SCADA (supervisory control and data acquisition) controller software and made it hard to restore. If it was not for the fact that Ukraine has older manual control systems with SCADA bolted on, it could not have recovered. He commented that no electricity is equal to no civilisation.

But the use of SCADA also opened the way for cyber criminals to make money. He cited an instance of increasing the volume of petrol in storage tanks by hacking the SCADA controllers to increase the temperature slightly – petrol volume expands when it is hotter.

  1. Transport is vulnerable. Autonomous cars are particularly vulnerable if a cyber criminal has physical access – it is possible to “own the car” and drive it [referring to the fly-by-wire technology used in modern cars where there is physically no steering shaft or connection to critical things like brakes).

He joked that in times gone by pilots used to comment that in a Boeing aircraft pilots were more useful than computers whereas in an Airbus computers controlled everything and the converse was true. It is possible to hack ships, trains, planes and more.

  1. Telecoms provides the IP backbone used to connect every device. There have been successful attacks on that backbone paralysing the areas involved.
  1. Financial services are a target where is it possible to damage, if not take down banks, insurance and more.
  1. Health is already a target for patient records but also potentially for ransomware. It is one of the most vulnerable as it uses lots of legacy equipment.
  1. Governments are moving to a digital model and are increasingly vulnerable to surveillance, hacking, sabotage and disruption.

Cyber criminals are in it for the money. Cyber terrorists are in it for sabotage and disruption.

He did not have an answer to all these issues except to say, “The days when cyber security was about protecting computers and mobile devices are long gone. We need to protect everything digital now and in the near future. On both the individual and mass level – including critical and national security. As long as there is a physical element to your business and high volumes of data, there is a prime target where cyber criminal activity can occur.”

kASPERSKY cEbit 

Read 4738 times

Please join our community here and become a VIP.

Subscribe to ITWIRE UPDATE Newsletter here
JOIN our iTWireTV our YouTube Community here
BACK TO LATEST NEWS here




ELASTICON SYDNEY 2024 LATEST ADVANCEMENTS IN GENERATIVE AI

On 20 February, keynote addresses from NAB, Canva, AWS, and Google Cloud, among others, will feature at ElasticON Sydney 2024.

This event will explore the latest advancements in generative AI

The one-day conference, hosted by leading search analytics company Elastic, will include networking drinks, hands-on labs, technical sessions and a stellar line-up of keynote speakers from finance, technology, and government e=sectors.

ElasticON Sydney 2024 promises to be an enriching experience with a comprehensive exploration of the latest developments in security, observability, generative AI and their real world applications

Don't miss out on this opportunity to network and find answers for what's next from your industry peers and leaders


Register for ElasticON Sydney 2024

REGISTER HERE!

PROMOTE YOUR WEBINAR ON ITWIRE

It's all about Webinars.

Marketing budgets are now focused on Webinars combined with Lead Generation.

If you wish to promote a Webinar we recommend at least a 3 to 4 week campaign prior to your event.

The iTWire campaign will include extensive adverts on our News Site itwire.com and prominent Newsletter promotion https://itwire.com/itwire-update.html and Promotional News & Editorial. Plus a video interview of the key speaker on iTWire TV https://www.youtube.com/c/iTWireTV/videos which will be used in Promotional Posts on the iTWire Home Page.

Now we are coming out of Lockdown iTWire will be focussed to assisting with your webinars and campaigns and assistance via part payments and extended terms, a Webinar Business Booster Pack and other supportive programs. We can also create your adverts and written content plus coordinate your video interview.

We look forward to discussing your campaign goals with you. Please click the button below.

MORE INFO HERE!

BACK TO HOME PAGE
Ray Shaw

joomla stats

Ray Shaw ray@im.com.au  has a passion for IT ever since building his first computer in 1980. He is a qualified journalist, hosted a consumer IT based radio program on ABC radio for 10 years, has developed world leading software for the events industry and is smart enough to no longer own a retail computer store!

Share News tips for the iTWire Journalists? Your tip will be anonymous

Subscribe to Newsletter

*  Enter the security code shown:

WEBINARS & EVENTS

CYBERSECURITY

PEOPLE MOVES

GUEST ARTICLES

Guest Opinion

ITWIRETV & INTERVIEWS

RESEARCH & CASE STUDIES

Channel News

Comments