AusCERT 2012: Kaspersky says cyber-attacks could “take us back to the pre-electric era”

Eugene Kaspersky has reiterated his long-standing support for Internet IDs, and called for all SCADA systems to be redesigned around a secure operating system, to protect critical infrastructure from cyber-attack.

SCADA is so vulnerable, Kaspersky told the AusCERT audience: “It’s not possible to protect. Stuxnet told us that modern systems are not protected at all. SCADA could be very easy victims – the result of an attack could be like Stuxnet but everywhere.”

He said his company’s research suggests that malware costs the world economy $US100 billion each year, and noted other vendors estimates of the total trillion-dollar cybercrime industry mean that, “because of cybercrime, we have the equivalent of two or three Japanese tsunamis a year” of economic damage.

People “need to understand the danger of cyber-weapons and of cyber-war to ruin national infrastructure. Transportation, power-grids, power plants … it would take us back to the pre-electric era.”

“The only way to protect critical infrastructure – is to redesign SCADA systems based on a secure operating system. It is possible to do, but it requires a redesign of all the software for industrial systems.”

However, Kaspersky said, the only possible way to achieve such a radical redesign of the SCADA world would be with government support. He noted increased government awareness of Internet issues: “Governments have to be leaders … they have to make this world more regulated, more secure. The good news is that finally they recognize that cybercrime is a very serious issue.”

However, at the same time Kaspersky lamented the heavy-handedness of laws such as those being implemented in the UK.

Likewise, Kaspersky said, the increased participation of government in cyberwarfare leads him to believe that escalation is almost inevitable – and, he said, the similarities of different systems around the world means that a cyber-conflict between two countries could result in critical infrastructure attacks in unreleated countries.

“It’s our responsibility to design this world in a more secure way for our children,” was Kaspersky’s conclusion.

#auscert2012

Follow @CSO_Australia and sign up to the CSO Australia newsletter.

Join the CSO newsletter!

Error: Please check your email address.

More about CERT AustraliaKasperskyKasperskyTransportation

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Richard Chirgwin

Latest Videos

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

  • 150x50

    IDG Live Webinar:The right collaboration strategy will help your business take flight

    Speakers - Mike Harris, Engineering Services Manager, Jetstar - Christopher Johnson, IT Director APAC, 20th Century Fox - Brent Maxwell, Director of Information Systems, THE ICONIC - IDG MC/Moderator Anthony Caruana

    Play Video

More videos

Blog Posts

Market Place