Kaspersky: ‘A very bad incident' awaits critical infrastructure

Cyber attacks against power grids, water supply systems, chemical plants and other critical infrastructure loom as a threat that could become harsh reality before slow-moving agencies act to secure them better, says the head of Kaspersky Lab.

Cyber-terrorism attacks against power grids, water supply systems, chemical plants and other critical infrastructure loom as a threat that could become harsh reality before slow-moving agencies act to secure them better, says the head of Kaspersky Lab.

Organizations that run these facilities using supervisory control and data acquisition (SCADA) gear are still gathering data about threats and aren't close to implementing new defenses to counter them, says Eugene Kaspersky, founder and CEO of the company.

"I'm afraid some very bad incidents will occur" before they spring for improvements, he says. Organizations with critical infrastructure to protect are even slower to move on security infrastructure upgrades than corporate enterprises, which are pretty slow, he says.

After determining the threats these organizations still need to discuss the risks and develop strategies for dealing with them. "The good news: Not a lot of attacks like this are happening," Kaspersky says.

Kaspersky Labs is celebrating its 10th year with offices in North America, and Kaspersky was speaking at a lunch with reporters held to celebrate that anniversary.

He says Kaspersky engineers are contributing to work toward a secure operating system for the control systems environment.

And the company has created a cyber security board game that it brings around to conferences and customer sites that simulates a power company under cyber attack. Teams play Kaspersky Industrial Protection Simulation to protect their infrastructure, but it's a tough game. "Not many of them are able to survive," Kaspersky says.

The threat against critical infrastructure is getting greater and at the same time potential adversaries are learning techniques from the exposure of sophisticated state-sponsored cyber attacks, he says.

Conventional criminals like drug smugglers are already hiring software engineers to write malware that helps them carry out their illegal activities through computer networks because it is simpler, safer and less expensive. It's easier to infect the computer system of a port and create a record that certain cargo has already been inspected than it is to sneak it by inspectors, he says.

The next step is for cyber terrorists to follow suit and employ very professional software engineers to carry out attacks. "I don't predict any scenario that is greater than cyber terrorism," Kaspersky says.

To better battle attackers requires better cooperation between various security services within countries but also internationally, he says. "Services need to talk to each other," he says. Laws that mandate reporting cyber activities are needed and users and security professionals in corporate settings need to be educated about how to recognize attack attempts. Kaspersky says it's important to decrease the window of opportunity for criminals by making detection and remediation happen so fast they have little time to do damage even if they do compromise networks.

State-sponsored attacks are becoming more widespread, he says. The number of different languages within attack code is increasing, with English, Chinese and Russian the most common, but also French, Spanish and just recently Arabic in code for an advanced persistent threat.

Join the CSO newsletter!

Error: Please check your email address.

Tags kaspersky labssecuritykaspersky lab

More about Kaspersky

Show Comments

Featured Whitepapers

Editor's Recommendations

Solution Centres

Stories by Tim Greene

Latest Videos

  • 150x50

    CSO Webinar: Will your data protection strategy be enough when disaster strikes?

    Speakers: - Paul O’Connor, Engagement leader - Performance Audit Group, Victorian Auditor-General’s Office (VAGO) - Nigel Phair, Managing Director, Centre for Internet Safety - Joshua Stenhouse, Technical Evangelist, Zerto - Anthony Caruana, CSO MC & Moderator

    Play Video

  • 150x50

    CSO Webinar: The Human Factor - Your people are your biggest security weakness

    ​Speakers: David Lacey, Researcher and former CISO Royal Mail David Turner - Global Risk Management Expert Mark Guntrip - Group Manager, Email Protection, Proofpoint

    Play Video

  • 150x50

    CSO Webinar: Current ransomware defences are failing – but machine learning can drive a more proactive solution

    Speakers • Ty Miller, Director, Threat Intelligence • Mark Gregory, Leader, Network Engineering Research Group, RMIT • Jeff Lanza, Retired FBI Agent (USA) • Andy Solterbeck, VP Asia Pacific, Cylance • David Braue, CSO MC/Moderator What to expect: ​Hear from industry experts on the local and global ransomware threat landscape. Explore a new approach to dealing with ransomware using machine-learning techniques and by thinking about the problem in a fundamentally different way. Apply techniques for gathering insight into ransomware behaviour and find out what elements must go into a truly effective ransomware defence. Get a first-hand look at how ransomware actually works in practice, and how machine-learning techniques can pick up on its activities long before your employees do.

    Play Video

  • 150x50

    CSO Webinar: Get real about metadata to avoid a false sense of security

    Speakers: • Anthony Caruana – CSO MC and moderator • Ian Farquhar, Worldwide Virtual Security Team Lead, Gigamon • John Lindsay, Former CTO, iiNet • Skeeve Stevens, Futurist, Future Sumo • David Vaile - Vice chair of APF, Co-Convenor of the Cyberspace Law And Policy Community, UNSW Law Faculty This webinar covers: - A 101 on metadata - what it is and how to use it - Insight into a typical attack, what happens and what we would find when looking into the metadata - How to collect metadata, use this to detect attacks and get greater insight into how you can use this to protect your organisation - Learn how much raw data and metadata to retain and how long for - Get a reality check on how you're using your metadata and if this is enough to secure your organisation

    Play Video

  • 150x50

    CSO Webinar: How banking trojans work and how you can stop them

    CSO Webinar: How banking trojans work and how you can stop them Featuring: • John Baird, Director of Global Technology Production, Deutsche Bank • Samantha Macleod, GM Cyber Security, ME Bank • Sherrod DeGrippo, Director of Emerging Threats, Proofpoint (USA)

    Play Video

More videos

Blog Posts

Market Place