Select your localized edition:

Close ×

More Ways to Connect

Discover one of our 28 local entrepreneurial communities »

Be the first to know as we launch in new countries and markets around the globe.

Interested in bringing MIT Technology Review to your local market?

MIT Technology ReviewMIT Technology Review - logo

 

Unsupported browser: Your browser does not meet modern web standards. See how it scores »

The Moscow-based computer security firm Kaspersky Lab has analyzed major new kinds of malware, including Stuxnet, which four years ago was revealed to have damaged centrifuges in Iran’s uranium-enrichment facilities. That discovery of this malware, believed to have been created by American and Israeli agents, led to fears that such attacks would escalate, perhaps eventually leading to actual cyberwar (see “New Malware Brings Cyberwar One Step Closer,” “Old-Fashioned Control Systems Make U.S. Power Plants a Hacking Target,” and “Preparing for Cyberwar, Without a Map”).

But since then there have been no other attacks that have caused physical damage. David Talbot, chief correspondent of MIT Technology Review, sat down with Eugene Kaspersky, founder of Kaspersky Lab, to ask why, and get his views on the most serious cyber threats.

Has Kaspersky Lab discovered any new Stuxnet-like attacks?

Nothing like this. After that we saw attacks on institutions like Saudi Aramco, and South Korean financial services, but only on IT systems. In Russia there was an attack on their computer system which managed police speed cameras, shutting down the cameras, but not physical infrastructure damage. Technically it is possible to do, so I’m afraid it is a question of time. Just as with when we talked about possible malware for smartphones several years ago, it was a question of time, and now it is here.

What was the cyberwar component of the Russia-Ukraine dispute?

There were attacks on banks, media, political opponents. But I don’t believe the governments are involved. I think they are hacktivists—criminal patriots. It looks like kids playing with their botnets. I believe that if government is involved, it could lead to more serious damage, like an Internet blackout. But it was like a little noise. I don’t know why it wasn’t worse. It was far from being the worst-case scenario.

What are the leading computer security threats today? What about the “Internet of things”?

The first is that cybercriminals and espionage efforts are moving to the mobile arena more and more. The second is traditional criminal gangs infecting computer systems to support existing businesses, like hacking computers to report wrong data about the amount of coal loaded to trains. Report more than was physically loaded, and taking the coal. But overall, cybercriminals are still happy with Windows and Android. And if they recognize there is not enough work, they can easily infect Mac, Linux, BlackBerry, and others.

If it runs on Android, malware can get on there by mistake. But the criminals are looking at not every device, but the most profitable devices or the ones that can help with traditional crime. Are there spies interested in the temperature of your house or the data in your fridge? Not really. But if your fridge is part of an Internet and you make online transactions to the supermarket with a credit card reader on the fridge, yes, why not?

0 comments about this story. Start the discussion »

Tagged: Computing, Communications, Web, malware, antivirus software, Kaspersky Lab, Eugene Kaspersky

Reprints and Permissions | Send feedback to the editor

From the Archives

Close

Introducing MIT Technology Review Insider.

Already a Magazine subscriber?

You're automatically an Insider. It's easy to activate or upgrade your account.

Activate Your Account

Become an Insider

It's the new way to subscribe. Get even more of the tech news, research, and discoveries you crave.

Sign Up

Learn More

Find out why MIT Technology Review Insider is for you and explore your options.

Show Me