The Moscow-based computer security firm Kaspersky Lab has analyzed major new kinds of malware, including Stuxnet, which four years ago was revealed to have damaged centrifuges in Iran’s uranium-enrichment facilities. The discovery of this malware, believed to have been created by American and Israeli agents, led to fears that such attacks would escalate, perhaps eventually leading to actual cyberwar (see “New Malware Brings Cyberwar One Step Closer,” “Old-Fashioned Control Systems Make U.S. Power Plants a Hacking Target,” and “Preparing for Cyberwar, Without a Map”).
But since then there have been no other attacks that have caused physical damage. David Talbot, chief correspondent of MIT Technology Review, sat down with Eugene Kaspersky, founder of Kaspersky Lab, to ask why, and get his views on the most serious cyber threats.
Has Kaspersky Lab discovered any new Stuxnet-like attacks?
Nothing like this. After that we saw attacks on institutions like Saudi Aramco, and South Korean financial services, but only on IT systems. In Russia there was an attack on their computer system which managed police speed cameras, shutting down the cameras, but not physical infrastructure damage. Technically it is possible to do, so I’m afraid it is a question of time. Just as with when we talked about possible malware for smartphones several years ago, it was a question of time, and now it is here.
What was the cyberwar component of the Russia-Ukraine dispute?
There were attacks on banks, media, political opponents. But I don’t believe the governments are involved. I think they are hacktivists—criminal patriots. It looks like kids playing with their botnets. I believe that if government is involved, it could lead to more serious damage, like an Internet blackout. But it was like a little noise. I don’t know why it wasn’t worse. It was far from being the worst-case scenario.
What are the leading computer security threats today? What about the “Internet of things”?
The first is that cybercriminals and espionage efforts are moving to the mobile arena more and more. The second is traditional criminal gangs infecting computer systems to support existing businesses, like hacking computers to report wrong data about the amount of coal loaded to trains. Report more than was physically loaded, and taking the coal. But overall, cybercriminals are still happy with Windows and Android. And if they recognize there is not enough work, they can easily infect Mac, Linux, BlackBerry, and others.
If it runs on Android, malware can get on there by mistake. But the criminals are looking at not every device, but the most profitable devices or the ones that can help with traditional crime. Are there spies interested in the temperature of your house or the data in your fridge? Not really. But if your fridge is part of an Internet and you make online transactions to the supermarket with a credit card reader on the fridge, yes, why not?