Everyone in the industry is eager to hear what he has to say. For a man who has made secrecy his art, he rarely divulges genuine information about what is really happening under the surface of the cyberwars we are increasingly hearing about on the news. There are occasions, however, where he will utter a few sentences that set off controversy.
For 15 years, he has led his company, which is now a market leader with global reach. It is currently active in nearly 200 countries, providing security for over 300 million Internet users. He is considered an expert in his field. The company he owns has scored a number of considerable, important successes in snuffing out viruses, Trojan horses, and other digital parasites. His multinational team of specialists is now looking for an Israeli crew that can bolster Kaspersky Labs’ formidable international cachet.
“In cyberwarfare, you need generals,” Kaspersky told Israel Hayom in an exclusive interview. “A long time ago, I was one of the best. Today, I am not so young. The young people think faster,” he said.
Last year, Kaspersky warned of an onslaught of increasingly fierce cyberattacks, and this year it is getting worse, he says. “Every public or commercial organization is attacked hundreds of times every day, and some of these organizations are not even aware that they are being attacked,” he said. “There is a tremendous global shortage of digital security engineers. Just a short crash course could spare an organization serious damage while raising awareness among the workers.”
Kaspersky said that it is imperative for government and privately owned entities to cooperate on this front.
Israel Hayom: Are we currently in the throes of an international cyberwar?
“This is a worldwide phenomenon. The targets are usually governments, government agencies, embassies, political organizations, and even scientific organizations. The last attack that we uncovered involving the NetTraveler virus was aimed at all of these targets. Still, we have yet to see a real war. A war is a daily struggle.”
How many large-scale cyberattacks have taken place to this day?
“You can count them on one hand, but the pace of attacks is growing. Today there are various kinds of cyberattacks, and criminal organizations are entering this field and offering their services to governments and commercial companies. They have their own forums, their own social networks, and they run their own parallel world. Unfortunately, many countries suffer from these cyberwars.”
You are supposed to help the good guys stop the bad guys. If so, why did you reveal the Stuxnet [The Stuxnet computer worm of 2010, which destroyed several Iranian nuclear centrifuges, was revealed as a joint U.S.-Israeli cyberweapon aimed at specific Iranian nuclear facilities]?
“That virus spun out of control. Although it was intended to stop the progress of Iran’s nuclear program, it also damaged 100,000 computers all over Europe. There was a need to stop it. Cyberwars act like boomerangs. In the real world, when you launch a missile, it homes in on a target and then it is completely destroyed. A virtual missile, however, is not destroyed. The attacking side could intercept it, change a few lines of code, and send it back to whoever launched it in the first place. So it would be advisable for governments not to enter cyberwars because in a boomerang war there are no winners.”
The Stuxnet worm, which allegedly attacked the Natanz plant by altering the frequency at which motors connected to gas centrifuges that separate uranium isotopes turn, formed part of a wave of digital attacks on the country in 2009 and 2010.
The Stuxnet virus sabotaged Iranian centrifuges and in some cases caused them to spin out of control – Photo: Press TV screen grab
Where do most of the attacks originate?
“It’s hard to pinpoint one specific culprit. You could see fingerprints of a number of different sources in English, Spanish, Portuguese, Russian, Chinese. Today there are more than 10,000 groups and individuals who wage cyberwar around the world. Still, it is safe to say that behind every cyberoffensive are states and governments. It is hard to gauge where the attacks come from because the language they ‘speak’ could be for camouflage purposes. Without pointing a finger at anyone, many of the attacks are encoded in Chinese. That does not mean we can definitively state that they originate with the Chinese government, but there are not many other possibilities.”
The motive: Money
Kaspersky argues that there are currently three kinds of cyberattacks: criminal; industrial espionage, like Stuxnet, which was a virus designed to spy; and injurious attacks that are solely designed to cause damage and not gather information. Interpol has established a special unit whose task is to counter these attacks. A number of local police departments have also adopted a similar approach.
Espionage is particularly problematic. There is cyberactivity initiated by governments, while criminals operate at the behest of governments, Kaspersky asserts.
There are also cyber criminals who sell the information to governments who express interest. The most dangerous type of cyberwarfare is that which threatens vital infrastructure like water, electricity, oil supplies, and telecommunications systems.
“What really scares me is possible attacks on critical infrastructure,” Kaspersky says. “It’s only a matter of time before we see a ‘cyber Armageddon.’”
What happens in this kind of cyberwar?
“One attack [in South Korea] caused the shut-down of 40,000 computers, and companies were unable to operate. An attack on the Saudi ARAMCO company paralyzed it for two weeks. An attack on telecommunications systems in Estonia in 2007 caused an Internet blackout in the entire country. There are not many such attacks, but they are very dangerous and they are happening at an increasing frequency.”
One impression that has been created is that data security companies like yours have profited from these attacks. Perhaps you are stirring up a sense of panic when there really isn’t a problem at all?
“If you go to a hospital and ask doctors whether they are happy that an epidemic broke out, they’ll tell you, ‘No.’ This is my job, but I am not happy that there is more work to do. It is easy to predict what the future will look like because we see how sensitive the world is and how the bad guys are growing more sophisticated.”
What are the motives of cyber criminals?
“Money. They set out on espionage missions because they know someone will buy the information they possess. All the information is on the Web, and it is possible to copy it and steal it. There are many espionage attacks because the price of information is at a premium. Attacks on infrastructure are motivated mainly by political considerations.”
The secretive Flame espionage worm is thought to be related to the Stuxnet super virus – Photo: EFP
Does Israel have reason to worry about an Iranian cyberoffensive?
“Most of the attacks ‘speak’ Chinese. There is a lot of Portuguese, Russian, and English. We do not see a lot of attacks from Iran. It is pretty negligible. Israel is no different from other countries because it is a victim like all the others. But due to the political situation in Israel it is one of the more preferred victims in the region. As a state, it will have to face big challenges in defending itself from cyberattacks.”
What about personal information belonging to each and every one of us? Now we hear the American administration is monitoring people’s phones and Internet accounts.
“For years we have been aware of the administration’s demand to receive information. There are reports that Sweden is monitoring traffic from Russia. I am sure that a lot of countries do the same thing. The PRISM project in the U.S. is nothing new. This has been the reality for quite some time. If you use a credit card, if you use the Internet, there is information about you out there. Some say that it is an invasion of privacy, but there is no other option in cyberspace unless you start conducting your affairs in Chinese. In that case there will be fewer people tracking you because not many people know Chinese.”
So what do you recommend that we do in order to feel safer from cyber criminals?
“If private customers do not pay attention to the issue of security, cyber criminals will be happy to penetrate their computers and turn into the terrorists of the future. Business entities are on the front lines and they need to fend off professional attacks. It is a question of educating employees. As for the critical infrastructures, there needs to be tighter regulation that sets guidelines governing protected computer systems. Today, everyone builds a system as they see fit. In telecommunications and other critical infrastructures, there needs to be greater supervision. Governments need to decide to undertake more international cooperation against sabotage attempts on the Web.”
View original Israel Hayom publication at: http://www.israelhayom.com/site/newsletter_article.php?id=9983