Eugene Kaspersky: 10 Big Threats Changing Security

Can Security Vendors 'Save The World?'

Eugene Kaspersky said he's been on a mission "to save the world." The growing sophistication of malware and complexity of attack techniques is putting that goal much further from reach than ever before, Kaspersky said. The Kaspersky Lab CEO joined hundreds of partners at the North American Partner Summit in Punta Cana, Dominican Republic, earlier this month.

In his presentation, Kaspersky talked about the growing seriousness of cyberespionage and the specter of cyberwarfare. Malware writers are selling their services, he said, creating a whole new cadre of cybermercenaries to create attacks. Malware designed to cause widespread damage is increasingly becoming a threat, he said. Kaspersky identified the 10 biggest threats impacting cybersecurity.

Traditional Criminals Turn Cyber

Kaspersky said his team is seeing signs that traditional criminal gangs are increasingly turning to cybercrime to smuggle goods and services past law enforcement. He pointed to reports of Latin American drug cartels increasingly using technology to get ahead of law enforcement. Reports point to the kidnapping of software engineers as proof of a potential problem.

Mobile Malware Just Getting Started

At least 90 percent of all mobile malware is targeted at users of Google Android devices. For now, much of the malware appears to be mainly SMS Trojans and mobile apps that act as spyware, overstepping user privacy. Kaspersky predicted a rise in more sinister threats. Already, security researchers have detected mobile banking malware and malware designed to eavesdrop on victims' calls, he said.

Hacktivist Threat Growing More Dangerous

Most cybercriminals are out to steal your money, but hacktivists are politically motivated and "they want to kill your business," Kaspersky said. The Kaspersky Lab CEO pointed to the 2007 attacks in Estonia, which brought Internet commerce to a standstill, as proof of the dangers posed by hacktivists.

Cyberespionage Could Hinder Technology Innovation

Nation-state sponsored cyberespionage attacks may result in fragmentation of the Internet, Kaspersky said. The activity, combined with the NSA surveillance program leaks, is prompting some countries to consider measures to control Internet commerce, including developing a new, more secure Internet, Kaspersky said. The growing potential of government regulation -- and the potential for communication disruption -- could result in a slowdown in innovative products and services, Kaspersky said.

Beware Of The Mask

Security researchers at Kaspersky Lab have uncovered a sophisticated attack tool that has been in use by a cyberespionage ring since 2007. The Mask toolkit creates malware that can evade detection and is currently believed to be one of the most advanced threats ever discovered. The malware is extremely sophisticated, and Mac and Linux versions exist.

The Mask, named for the Spanish word "careto" or "mask," which was found in the codebase, has targeted government offices, energy and oil industry companies, research institutions and private equity firms. The number of victims is not known but the extent is believed to be massive, with more than 380 victims in at least 31 countries, including the U.S. The attack spreads via spearphishing email messages. Once a victim's system is infected, the malware steals all data on the system and remains undercover.

Growing Cyberweapon Dangers

Cyberarms created and maintained by military powers have the potential to root out critical infrastructure and cause widespread damage, Kaspersky said. Cybertools such as Stuxnet can take out industrial control systems maintaining sensitive processes, he said. "I'm afraid this is the worst innovation of this century because we now depend on [information technology]," Kaspersky said. "IT is everywhere."

No System Is Immune To Attack

Even Unix systems have been proven to be at risk from threats. The Blaster worm infected Windows computers, but it used a vulnerability that existed in both Unix and Windows. The Northeast blackout of 2003 impacted 10 million people in Ontario and 45 million people in eight U.S. states. Kaspersky said many factors caused the blackout. The "worm was partially responsible for the blackout," Kaspersky said.

Industrial Control Systems Awry

Industrial control systems are used to control a variety of functions, from traffic lights to prison cells, Kaspersky said. He pointed to a Washington Post report in 2013 of 500 cell doors simultaneously opening inside Montgomery County Correctional Facility in Boyds, Md., as an example of what future threats could look like. Cell-door locks also disengaged before being reset.

"It's possible to employ engineers to make these weapons," Kaspersky said. "It is possible to buy Russians, Romanians and Chinese."

Cyberattacks Turn Into Cyberterrorism

Sooner or later, cyberattacks will be classified as terrorist attacks, Kaspersky said. An attack on businesses in South Korea destroyed the data on thousands of PCs. Recently, an incident in Moscow shut down speed cameras so police could collect no penalties, Kaspersky said. Attacks against systems that appear to be minor can grow to attacks against nuclear power plants, he said. Officials in Japan acknowledged that a nuclear power plant had systems infected by malware. Investigators later determined it was financially motivated malware, and not terrorism, Kaspersky said.

The United States Is Most At Risk

"The most vulnerable nation in the world is the United States," Kaspersky said. "Europe is much better protected."

Kaspersky said the U.S. was the first nation to build systems that support the Internet and the first to develop technology innovations to extend it throughout the country. Other nations followed, and since those systems are more modern, some security mechanisms have been built in to protect countries from potential problems, Kaspersky said. The Kaspersky Lab CEO has long been advocating for redundant systems and offline backup of critical data.