Notes, comment and buzz from Eugene Kaspersky – Official Blog

November 18, 2011
  • 0
  • 0
  • 0

It’s the End of the Net as We Know It.

Hi everybody!

Time to tell you about a bunch of really exciting events I’ve been to over the past few weeks. It’s been a fairly crazy mini-tour covering Geneva, Dublin and London non-stop. Two or three days in each city and each time talking to some very interesting people on all sorts of hot topics.

It all started with the United Nation’s International Telecommunication Unit (ITU) meetings in Switzerland. The organization is showing great progress towards developing a common approach to fighting cybercrime on an international level. However, I’m afraid I can’t tell you any further details. It was a very hush-hush private meeting behind closed doors where we discussed some issues I can’t share with you at the moment. Nevertheless – stay tuned and soon I’ll be able to uncover some details…

Next up was Dublin and the F.ounders 2011 conference, which we’ve already mentioned here.

Last stop – the London Conference on Cyberspace. This was quite something – in fact, it unexpectedly turned out to be this year’s best event I was involved in!

The conference, organized by the British Foreign Office, took place on November 1-2 in the Borough of Westminster. I would like to thank the British Foreign Secretary and First Secretary of State William Hague for his personal invitation to me to take part in the event. I must say it was a surprise to find myself as the only “boss” from the IT security industry to address the audience. But then on the other hand I think the Foreign Office made the right choice – big-wigs from competitors would only have given the audience the same old BBB (Boring Business Blah blah blah) and spoiled the event!

Eugene Kaspersky at the London Conference on Cyberspace

The British government did a really great job organizing and promoting the conference, and this is from someone who’s attended hundreds of similar events. Among the speakers were some real heavyweights: British Prime Minister David Cameron, US Vice President Joe Biden, and of course the abovementioned British Foreign Secretary William Hague. James Brokenshire, the British Minister for Crime and Security, was very kind in acting as moderator during my speech. Later I had a private meeting with him discussing pertinent issues regarding cybersecurity. I also had meetings with Ed Vaizey, the UK Minister for Culture, Communications and Creative Industries; Stephen Pattison, the Chief Executive of the International Chamber of Commerce in the UK, and a many other top-ranking officials and businessmen. All meetings were interesting, insightful and enjoyable.

The London Conference on Cyberspace

The conference was attended by a couple of hundred VIPs from 40 countries. That’s not all that many for an authoritative infosec gathering, but this one was invitation-only and it wasn’t that easy getting invited. On the flipside the conference was broadcast live over the Internet and widely covered in social media. It was amazing – in just two days I got as many new Twitter followers that I normally get in a fortnight! Thanks everyone!

Plus there was a ton of media attention. I can’t remember so many interviews in just two days. And not just any old interviews, but INTERVIEWS! See for yourself: live talk on Sky News and BBC World; mentions in Forbes, The Financial Times, The Sunday Times, Spiegel, Deutsche Welle and some 50 other high-profile printed and online media. Oh yeah – we had a real blast!

Eugene on BBC

Now, let’s get to the point.

Frankly speaking I thought the conference was going to be just another humdrum phrase-mongering session. Believe me, this is what most infosec events are like. However, things turned to just the opposite. I mean this was the first time I’d ever heard top government officials directly supporting my long-held firm belief that we urgently need some game rules for cyberspace.

And that’s why all the bigwigs got together in London: it seems a lot of the people at the top have finally got their heads round the idea that today’s Internet is on a Highway to Hell, and is a breeding ground for malware and growing cybercrime. Of course, the Net should stay more or less as it is, but we should realize that it has changed to become more than a hangout for meeting people. It directly affects our lives through its use by all kinds of vital services like airports, hospitals, banks, the police, military… you name it!

It comes down to this: the critical global infrastructure depends on the Internet! This is not some kids’ game anymore. A seemingly harmless prank can lead to disastrous consequences. One day we might experience electricity outages, or banks, hospitals or airports stopping functioning – all because of some random malware, or worse – because of a targeted terrorist attack or cyberwar.

The question is not “will it happen?” but “when will it happen?”. Just think of the north-eastern US Blackout in 2003, the Spanair flight 5022 crash in 2008, the infected military drone ground control centers, or the South Korean Internet shortage caused by the Slammer worm outbreak… History contains a lot of examples where malware had really disastrous effects.

With so many aspects of our lives now depending on the Internet I think things will get even worse – especially if we add to the last list the cyber-attack on Estonia and the Stuxnet worm. We are about to experience something even worse – cyber warfare and cyber terrorism. Some governments have already announced they are forming dedicated cyber defense units. I’m pretty sure many others have done the same, but on the quiet. Meanwhile the Pentagon without a moment’s hesitation has equaled a cyber-attack to an act of war and has granted the US military the authority to respond to hacking with physical force. And unfortunately many Hollywood blockbusters (like Die Hard 4) might very possibly become reality – I don’t see it being too much of a stretch of the imagination. Ok, I think I’ve made my point by now.

So, in the face of all the doom and gloom, what are we to do in response? How can we save ourselves from the Internet getting out of control? Are we doomed and gloomed?

These questions, thankfully, were top of the agenda at the London conference. What I liked most of all were the serious intentions, and the problem’s acknowledgement at the highest level – the top international level. There are no borders on the Internet – so those fighting its negative aspects need to also lose borders – at least in this particular fight. Indeed, we can only save the Net (and ourselves too) by joining forces and going beyond national borders and interests. Yes, I mean i-Interpol.

A correct perception of the problem and full understanding of the possible ways of solving it is the way to go and that was what London was all about. David Cameron, Joe Biden, William Hague and many others almost verbatim repeated my long-held idea that without game rules the Internet has no future since it would become way too hazardous for life on the planet. And aye, I did get a kick – or rather, ego boost – by all the top-ranking officials sharing my original thoughts about the future of the Internet :-)

Internet regulation is a moot point and very divisive when it comes to discussing the idea.

Ever since I first outlined my general ideas about Internet regulations I’ve been attacked by all sorts of supposed upholders of net freedom and anonymity. But hold on. We haven’t had the luxury of possession of such things for years already. Internet regulations can’t be said to target freedom and anonymity – because no one has them. Online activity is logged at the Internet service provider level, and is available for both real-time and post-factum investigations. Governments officially declare traffic is snooped upon (and we can only speculate about the number of governments that snoop on traffic unofficially). Just look at online advertising – they know the websites we visit, what search keywords we use, our social preferences, you name it! Net freedom and anonymity are delusions! And the upset and banging-on that accompany their so-called demise are no more than populist rituals based on a lack of understanding of what’s really going on.

So we have public opinion largely believing the populist slogans about age-old freedoms coming under attack. Thus, those who are meant to take care of our security (the authorities) prefer to sweep this topic under the carpet. As a result, by some queer twist of responsibility-taking, instead of protecting our right to freedom we actually sacrifice it! We sacrifice the right to safe Internet surfing and to not get infected by some nasty piece of malware at every step. And of course we also sacrifice the right to high-quality (malware-free) services from banks, companies, hospitals, police, etc.

Could regulations defeat cybercrime once and for all? Certainly not. But the idea is to complicate the cybercriminals’ lot, nip amateur cyber-hooliganism in the bud, and catch the cyber-recidivists. Also to introduce an effective identification system protecting users’ identities, a cyber-law enforcement framework, and a supra-state organization capable of implementing the regulations. Hacking and stealing will stay forever – we’ll just have to live with that. However, hacking and stealing will become much less widespread if regulations come in, reserved to a small, hardened elite – like the bank robbers in Heat, only cyber-robbers. The rest of today’s cybercrime crowd will get the message: no more games, harsh punishment follows the crime. And farewell to amateur hackers’ romanticism!

But, let’s get back to the conference. Let me say it again: I liked it a lot. It was a clear signal that things are finally starting to move in the right direction. I saw there both political will and understanding at the top international level. That’s very positive. It now seems to be dawning on those that count – at the top – that the security industry and governments should start to actively fight cybercrime together.

Still, the issue that keeps me awake at night and which can level our efforts in bringing peace-of-mind to the Internet is the threat of cyber warfare and cyber terrorism. We must try our utmost – together – to prevent both.

Should the Internet become a military-free zone? Should we regulate the usage of cyber weapons the same way we regulate nuclear power with international treaties and organizations? Well, that’s another topic I’ll cover in my next post. Stay tuned!…

You can see more photos fro the London Conference on Cyberspace on my Flickr account.

comments 0 Leave a note
Trackbacks 14

Net voine! | Nota Bene

CEO de Kaspersky: “La actividad militar está convirtiendo a Internet en un gran campo minado” | OhMyGeek!

Cyber-Thriller, ver. 2011 | Nota Bene

The Big Euro Freeze & The Munich Security Conference. | Nota Bene

Woodpecker Summit 2012. | Nota Bene

Cassandra Complex… Not for Much Longer. | Nota Bene

The Flame That Changed the World. | Nota Bene

Worse than Cheese: Scary Scenarios Causing Nightmares Now – the Five Main Issues of IT Security. | Nota Bene

Appel à l’action : Internet devrait devenir une zone sans armée. | Nota Bene

Richiamo all’azione – Internet potrebbe diventare una zona franca militare | Nota Bene

Cenários assustadores que dão pesadelos – os 5 principais problemas da segurança TI | Nota Bene

The Flame: a “chama” que mudou o mundo | Nota Bene

Apelo: a Internet devia ser uma zona desmilitarizada | Nota Bene

Casos e Historias de Miedo que Causan Pesadillas – las Cinco Cuestiones Principales de la Seguridad IT | Nota Bene

Leave a note
March 27, 2015

A quick guide to Utah arches.

Why this national park is called the Arches is a rhetorical question. But if you haven’t been following this mini-on-the-road series from Utah, then read this. Yes, you want huge natural rock arches – you need to come here. There’s just so much awesome archness here. Wikipedia says there are as many as 2000 here, […]

March 25, 2015

U tire of Utah’s canyons? Not possible!

The red rocks of Utah – a simply captivating sight; from the outside, that is, which is what we checked out yesterday. Today it was time we had a look at all this from the inside. So off we headed to the Arches National Park‘s Fiery Furnace rocky massif. This is what we saw…

March 24, 2015

The Utah Saints: Crimson columns and massive mushrooms.

Since the previous day my brain had been variously boggling and boiling. This was eased a little by steam being emitted from said boggling and boiling brain out via my camera, but that alleviation process then went too far, leading poor brain into a state of half dehydration. The diagnosis sounds like this: I’ve (finally) […]

March 20, 2015

A practical guide to making up a sensation.

There are many ways to make up something sensationalist in the media. One of the practical ways is to speculate and create conspiracy theories. Unfortunately, there’s a demand for such stories and they have a very good chance of making a splash. So how can a global company with Russian roots play a part in […]

March 19, 2015

Bonny Bonneville. Salty Utah.

Still in the US toing and froing between cities, we decided to make a quick stop in a town I’d never heard of: Wendover, Utah State. The town houses the nearest airport to the famous Bonneville Salt Flats. A saliently saline splendid spot!

March 18, 2015

Massachusetts snow woe, and a US-AV decade of champions.

I’ve been in the USA countless times. Usually it’s just for short stays with a few different places to visit, but there’s normally plenty of interesting tales to tell afterwards. Not this time! This time it was business, business, and again business. In this post, alas, there’ll be nothing too riveting for you, dear reader […]