One morning last week I bounded up onto a stage to make a speech, and the first thing I told everyone was literally: “How happy I am to see you all here!” But of course I was, since I – like most everyone else – am just soooo tired of this long-drawn-out corona-covid saga. I want a return to normality and to be able to get back to my customary rhythm of conferences, exhibitions, and assorted other business activities (preferably without a tie). And as if my prayers were answered – here was one such event, which happened to be one of our own: our annual Kaspersky Security Day 2021…
So what can I say?… That folks clearly missed this kind of meet. Who was there? Everyone! Just short of 200 guests in person, and more than 500 followed the live broadcast online.
// Last year – in the fateful lockdown year of 2020 – this annual event did take place, only completely online, and we called it Kaspersky On-Air to reflect this. The previous year, in 2019, was a sell-out offline event. Btw – the yearly event is a Russian-language-only one.
Ok, back to this year’s event. There was me up on stage, telling everyone how happy I was to see them all face to face… So what else did I say? Here’s what…
We live in a totally – unbelievably – unpredictable era where all-things-cyber keep clashing with all things geopolitics. And I don’t even have to point out the hows and whys for this: all you have to do is browse the headlines of the world’s news and there they are.
That’s the outline. Here’s what I went on to say…
We’ve been living our lives for years, if not decades already, firmly and completely within cyberspace, which continues to change at startling speed: just three, five, ten years ago – the whole cyberspace thing was totally different! And who’d have thought it – the coronavirus actually helped the world dive yet deeper into cyberspace (even a big dark infectious cloud has a silver lining:). We’ve all fully mastered modern comms platforms, while production and commerce have also had to become ever more digital.
We’re inevitably continuing to delve rapidly deeper and deeper into cyberspace, which in and of itself is the right way to go and most promising. Alas, every silver lining comes with a big dark cloud attached: the nasty cyber-reprobates are doing their very best to hinder this move in a positive direction. Especially acute today are security issues in the sphere of the Fourth Industrial Revolution, a basic principle of which is the connection of industrial processes to the internet; and this is something to be genuinely worried about, especially when it concerns critically important infrastructure, services and equipment.
Now – geopolitics…
When geopolitics is added to the cyberworld, what do we get? Two things: both negative. First, we see geopolitics doing precious little to help in trying to… ‘control the population of cyber-villains’ around the world. Second, geopolitics increasingly exploits the basically 100%-technological topic of cybercrime for its own self-serving political ends.
Thus, the overall result is a magical cyber-geopolitical cocktail. Sometimes it all looks like a thrilling global show with star actors and crazily expensive film sets: all very exciting; a modern-day cyber cloak-and-dagger saga that’s great for filling newspaper pages. However, as we all know, you can only have so much of a heady cocktail; sooner or later you have to… pay the consequences.
Now let’s look at all this from the other side – the dark side: the side of cyber-maliciousness…
If we look at the world of cybercrime and hackers through the prism of Maslow’s hierarchy of needs, then at the very bottom level you have the most inexperienced – noob – hackers. And it may surprise you that they generate the main mass of the cyber-maliciousness we deal with. Every day we detect around 360,000 new unique malicious programs. Yes – every day! Including weekends and days-off. A million new maliciousnesses every three days; more than two million new assorted other cyber-nastinesses every week!
And btw, before corona those numbers were 20-25% lower. Why?
Because the cyber-rascals were always ‘working from home’, lockdown or no. And they probably started working, say, seven days a week instead of five during lockdown since the pickings – folks working from home and using the internet a lot more – became so much richer. Also – lockdown meant the cyber-swine had fewer distractions getting in the way of their going after those rich pickings (all the bars shut, etc.). Also – cybersecurity levels were generally lower with folks working from home via a modem as opposed to in the (more-cybersecure) office, which saw the cyber-rogues hacking into corporate networks via employees’ home computers a lot more. Yes, the cyber-bad-eggs did real well out of the pandemic.
However, technically speaking, generally we’ve Koped just fine with this covid-caused increase in hacker maliciousness. Our neural networks, machine learning, anomaly-searching algorithms and so on – all of it is hard at work constantly sifting through and sorting the piles of new cyber-vermin, detecting malicious code, testing updates, and protecting all users on every possible cyberfront there is. Put another way, technically speaking, the lowest level in the hackers’ Maslow pyramid poses no problem for us at all.
So what is the problem?
The problem is the cyber-wrong’uns moving up a level in the pyramid (if they weren’t caught and arrested at the lowest). They learn, become cleverer, hone skills, and team up with more professional hacker groups. And it’s here they’re able to develop more complex targeted attacks – so-called APT attacks. Some five years ago we monitored several dozen such groups; today it’s hundreds. And with every passing week they become more aggressive and criminally professional.
// Btw: I’m not touching upon the problem of state-backed hackers, which are behind so many of today’s cyber-espionage operations. That’s a whole other topic – one that would need to be addressed separately.
From the technical standpoint, the problem of professional hacker groups is much more serious than that of amateur cybercriminals just starting out or simply too mediocre – but also solvable. To protect corporate networks from professional targeted attacks there are specific products and technologies, cybersecurity audits, education programs and so on. So yes, we can secure against APT attacks too. The real serious problems start at the next level of the pyramid.
At the next level of the pyramid we have attacks on industrial systems, on physical equipment and on technological processes. Fortunately, such incidents occur fairly rarely; however, some of our industrial clients have been telling us how they’ve started having brief brushes with such hackers. By that I mean that they weren’t affected by targeted attacks, just random ones: hackers noticed an IP address, gave it a prod, nothing happened, and so moved along in search of other victims.
It is perfectly clear that attacks on industrial infrastructure (that is – on hardware, and not on office networks as was recently the case with Colonial Pipeline in the U.S.) – will be a problem in the near future. Alas, just as folks tend to go up Maslow’s (regular) hierarchy of needs (aiming for, if not reaching the upper levels), it seems fully logical that the most progressive hackers will be going up, aiming for, and (eek) reaching this level of the hackers’ Maslow pyramid.
Which brings us to the very top of the pyramid: attacks on critical infrastructure. And this isn’t merely a problem. It’s a potential catastrophe: the nightmare scenario for all cybersecurity folks. What happens if the cyber-villains get to the most critical of all super-critically important objects? Alas, it’s perfectly possible, and has been since… 2005, when Stuxnet set its ominous precedent.
Now, regarding the lower levels of the pyramid we Kan guarantee the best (!) levels of cybersecurity through our existing, ‘traditional’ solutions; however, up there at the very top, you need more than cyberprotection: you need cyberimmunity. And that means you need… us! For we’re able to protect and/or immunize you from malicious activity on all levels of the hackers’ Maslow pyramid. And in such turbulent and unpredictable times as these featuring never-ending cyberpolitical storms, that’s surely a source of much-needed peace of mind.
And that is the basic outline of my speech at the opening of ‘Kaspersky Security Day 2021’.
Afterward came all sorts of interesting tales about modern cyber-issues and our fight against them, our Kaspersky Expert Security, about our continuing stable development in tough times, expert support, and a lot more besides. The full recording of this wonderful event you can find here (Russian only).
In all, an amazing gig. The event was full to the brim with interesting material, presented accessibly and unforced, and with fun added; that is – the way we always like it ).