International cooperation and advanced technology are the key requirements to survive the age of cyber warfare, Eugene Kaspersky, chief executive and co-founder of Kaspersky Lab, said on Tuesday.
“In the long run, cyber warfare is where all parties lose: attackers, victims and even uninvolved observers. Unlike traditional weapons, tools used in cyber warfare are very easy to clone and reprogram by adversaries,” Kaspersky said in his keynote speech at ITU Telecom World 2012 conference in Dubai.
Cyber attacks pose the greatest danger to countries and their populations should they target the key information infrastructure that controls and manages critically important installations, like power stations, reservoirs, electricity grids, pipelines, transportation and telecommunications networks, he said.
“The most important move to survive in this environment is the development and deployment of a new, advanced security paradigm for the most critical infrastructure,” he said.
Highlighting the dangers of the cyber arms race, he showcased Kaspersky Lab’s approach to protecting vulnerable industrial systems. Kaspersky described the essential measures to protect industrial control systems. A new, secure unit to obtain trusted workflow information is the first step towards an efficient protection against cyber warfare.
“In response to such challenges, Kaspersky Lab is working on a secure operating system, which will serve as the trusted node for industrial control systems.
“We can’t let cyber warfare stall human progress, as it threatens not only governments and businesses, but regular people as well,” he said.
“Our first priority is to make sure that cyber threats will not affect critical infrastructure. This goal has to be understood and embraced by all involved parties, on an international level.”
Kaspersky said cyber warfare is a universal threat with no respect to borders. Its impact on the most critical industrial systems can be disastrous. Therefore, proper protection of vulnerable industrial systems is the top priority.
He observed that traditional malware already has notable side effects on critical infrastructure.
He pointed out that causes of events like the 2003 blackout in the US and Canada were results of both a software failure and an inability to monitor the real state of energy systems
“Furthermore, the ongoing escalation of the cyber arms race increases this problem. Stuxnet and Duqu were uncovered in 2010 and 2011. Gauss and Flame were unveiled in 2012 as well as the targeted miniFlame tool.
The founder of the world’s leading IT security company said it was the Stuxnet worm that became the first cyber weapon whose deployment became well known to the general public. “Intentional or not, the people behind Stuxnet opened a Pandora’s box — showing the world how effective an attack on an industrial facility can be. It’s easy for just about anyone to comprehend the potentially devastating effects of a possible future attack on installations in the energy, industrial, financial or other spheres.”
“In the past, states resorted to diplomatic, economic and military means to uphold their geo-political interests; now, instead of warplanes, rockets, tanks and battleships they can deploy specialised malware to achieve their ends. If successfully deployed, cyber weapons not only produce the desired effect but do so at a fraction of the cost and with a minimum of noise — ideally, anonymously,” he said.