- Dec 30, 2012
- 4,809
Cyber security expert Eugene Kaspersky has warned of an impending wave of attacks on critical infrastructure, as the deluge of connected devices provides hackers with more opportunities to wreak physical damage.
Mr Kaspersky, who was in Australia for the AusCERT security conference, said businesses and governments had to be wary of the evolving security landscape, as the ‘‘internet of threats’’ proliferates.
With his global security firm Kaspersky tackling more than 300,000 malicious attacks per day, Mr Kaspersky warns that critical infrastructure, like transportation and telecommunications, is very much on the radar of hackers.
“Last year there was a cyber attack on a German steel mill; their industrial network was attacked,” Mr Kaspersky said. “The result was an emergency shutdown and mass physical damage because of that. There was also a plane crash last year that killed six due to a software configuration issue. These attacks are designed not just to steal your data, not just to steal your bank account information, but to kill. This is the worst-case scenario.”
His comments were echoed by F-Secure’s chief research officer Mikko Hypponen, who said extremist groups were quickly becoming a physical and cyberspace threat. ISIS had established “arguably the best cyber offensive capability of any extremist movement out there,” he said at the AusCERT conference.
“We still haven’t seen real physical damage being done by any extremist group… but these guys are the first ones that actually have some existing hackers who have joined them and moved in from the West,” Mr Hypponen said.
Mr Kaspersky, who has just signed a contract to protect the Department of Prime Minister and Cabinet and its 2500 employees across Australia, said he co-operated with other security companies like F-Secure to “help each other to see the different pieces of the puzzle”.
He said attributing an attack to a particular state or group of people was extremely difficult, but he could often see what language the attackers use, with most coming from Chinese-speaking countries. Last week’s attack on the US Office of Personnel Management, which saw the records of about four million government staff compromised, was suspected to be the work of China-based hackers.
With corporations and governments spending millions on protecting sensitive information, Mr Kaspersky said that there was no silver bullet solution.
“Unfortunately there is no such thing as 100 per cent security,” he said. “If the attackers are professional enough, and have enough of a budget, I think almost every system can be hacked.”
When it comes to the issue of how agencies can combat cybercrime without trampling on civil liberties, Mr Kaspersky thinks the debate will be “endless’’.
Source
