Eugene Kaspersky, the founder and CEO at Kaspersky Lab, and a cybersecurity expert, has delivered an open lecture 'Cyberimmunity for the digital age' at St Petersburg University.
Eugene Kaspersky began with a brief view into history. He recalled that Homo sapiens had already gone through several eras: Stone, Bronze, and Iron Ages. Now, as the expert put it, we are in for the plastic age as plastic has become the main material on the planet.
However, the situation is going to change in the future. What will underpin our life is technologies rather than materials. Digital technologies are where the digital age will begin, the expert is convinced. He gave an example from the nearest future: 'The “digital” is everywhere now: our behaviour is recorded by phones, cameras, motion sensors ... In the future, I suppose, we can witness the following: you wake up, make breakfast, and your refrigerator and coffee machine send a signal to the cloud: “The owner is awake. So he needs to go to work. A scooter near the house will be necessary”. The scooter drives up to the set point, parks, and waits for you. Everything happens automatically.'
The 'digital' is everywhere now: our behaviour is recorded by phones, cameras, motion sensors ...
Eugene Kaspersky, a cybersecurity expert
These technologies may soon be available, he said. Yet we have to solve three tasks to ensure that the digital age comes into force. First, massive cybercrime. Each day, Kaspersky Lab applications detect about 360,000 previously unknown harmful applications designed to steal money and data from users.
‘Each day, our systems collect about two to three million suspicious files', said the expert. 'They need to be sorted: to separate the infected and harmful from those in which there is actually nothing wrong. Doing it manually is impossible.’
To combat mass cybercrime, we use automatic systems for recognising a harmful code. They help to track the 'behaviour' of applications, reveal their similarity to the known viruses, and run suspicious files using the 'sandbox'. It is a mechanism to run an unknown programme in an isolation mode and see how it works without doing harm to your computer.
The second threat to the digital age, as he put it, is professional cybercrime: fraud committed not by individual attackers but by groups. 'The number of criminal groups that are engaged in targeted, highly professional and often successful cyberattacks is increasing', said Eugene Kaspersky. 'Several years ago, Kaspersky Lab monitored about a hundred of such groups. Today, there are already about a thousand of them. Traditional antiviruses cannot fight attacks by such criminals.' How we can protect against them is to detect anomalies in how applications operate on specific computers and phones in the network. Yet even by doing so we cannot ensure 100% safety and security, said the expert.
The third threat to the digital world is cyberattacks on industrial and critical infrastructure. 'For example, in 2014, an attack was carried out on one of the steel companies in Germany', the expert said. 'A malicious code entered the blast furnace network and gave a command to stop the equipment. All the raw materials in the blast furnace froze, and it itself turned into a piece of metal. It could no longer be launched. In other words, the blast furnace was destroyed through a cyberattack.'
The future belongs to the development of immune operating systems.
Eugene Kaspersky, the founder and CEO of Kaspersky Lab
Having even one fully protected industrial facility is impossible, said the expert. Each is vulnerable in some way and may be subject to a cyberattack. Traditional cybersecurity systems can fix them only partially. These technologies ensure that the industrial infrastructure is more resilient. Yet, as in the case of cyberattacks on individual users, they are far from being able to completely solve the problem. This is why society needs to move from cybersecurity to cyberimmunity.
'The future belongs to the development of immune operating systems. Such systems guarantee that the cost of an attack will be higher than the possible damage. In other words, the attackers will have to invest in developing and implementing attacks more than the sum of the damage to the side being attacked', he said. Unlike the traditional systems, immune operating systems are based on completely new principles. Each micromodule is isolated and has its own security policy, he explained.
‘If you are a calculator, you do not have access to the Internet and you have access only to the keyboard and the screen. If you operate a turbine, you only have access to the turbine', said Eugene Kaspersky. 'In other words, each module has its own scenario of how it should operate. Even if a module is hit, the rest of the system is not going to be damaged.’ Developing such technology is far from being an easy task. Yet it will eventually be implemented in all industrial and mission-critical plants.
‘If you are thinking about your future profession, pay attention: the most delicious and interesting thing is developing immune operating systems for industrial and critical infrastructure. Specialists in such systems will earn a lot of money’, said Eugene Kaspersky to students.