‘Very bad incident’ awaits critical infrastructure
11 March 2015 | 0
Cyberterror attacks against power grids, water supply systems, chemical plants and other critical infrastructure loom as a threat that could become harsh reality before slow-moving agencies act to secure them better, says the head of Kaspersky Lab.
Organisations that run these facilities using supervisory control and data acquisition (SCADA) gear are still gathering data about threats and are not close to implementing new defences to counter them, said Eugene Kaspersky, founder and CEO of the company.
“I’m afraid some very bad incidents will occur” before they spring for improvements, he says. Organisations with critical infrastructure to protect are even slower to move on security infrastructure upgrades than corporate enterprises, which are pretty slow, he said.
After determining the threats these organisations still need to discuss the risks and develop strategies for dealing with them. “The good news: Not a lot of attacks like this are happening,” Kaspersky said.
Threat against critical infrastructure is increasing and at the same time potential adversaries are learning techniques from the exposure of sophisticated state-sponsored cyberattacks
Kaspersky Labs is celebrating its 10th year with offices in North America, and Kaspersky was speaking at a lunch with reporters held to celebrate that anniversary.
He said Kaspersky engineers are contributing to work toward a secure operating system for the control systems environment.
And the company has created a cybersecurity board game that it brings around to conferences and customer sites that simulates a power company under cyberattack. Teams play Kaspersky Industrial Protection Simulation to protect their infrastructure, but it’s a tough game. “Not many of them are able to survive,” Kaspersky said.
The threat against critical infrastructure is increasing and at the same time potential adversaries are learning techniques from the exposure of sophisticated state-sponsored cyberattacks, he said.
Conventional criminals like drug smugglers are already hiring software engineers to write malware that helps them carry out their illegal activities through computer networks because it is simpler, safer and less expensive. It’s easier to infect the computer system of a port and create a record that certain cargo has already been inspected than it is to sneak it by inspectors, he said.
The next step is for cyber terrorists to follow suit and employ very professional software engineers to carry out attacks. “I don’t predict any scenario that is greater than cyber terrorism,” Kaspersky said.
To better battle attackers requires better cooperation between various security services within countries but also internationally, he said. “Services need to talk to each other,” he said. Laws that mandate reporting cyber activities are needed and users and security professionals in corporate settings need to be educated about how to recognise attack attempts. Kaspersky said it’s important to decrease the window of opportunity for criminals by making detection and remediation happen so fast they have little time to do damage even if they do compromise networks.
State-sponsored attacks are becoming more widespread, he said. The number of different languages within attack code is increasing, with English, Chinese and Russian the most common, but also French, Spanish and just recently Arabic in code for an advanced persistent threat.
Tim Greene, IDG News Service