Slashdot Mirror

← Back to Stories (view on slashdot.org)

Kaspersky Says Cyber Weapons "Cleaner" Than Traditional Weapons But "Much Worse"

Posted by samzenpus on from the give-me-email-or-give-me-death dept.

DavidGilbert99 writes "Eugene Kaspersky and Mikko Hypponen have been watching the cyber security world every since happy hackers were writing viruses for nothing more than their own entertainment. Today however things are very much different. At the DLD 2013 conference, the pair debated the current state of cyber warfare and cyber weapons. Kaspersky said that while cyber weapons may be much 'cleaner' than traditional missiles, guns and bombs, they are 'much worse' as they can be used by just about anyone who has some level of computer proficiency. Both agreed that it was very difficult to protect against the highly-complex nation-state developed malware like Stuxnet, Flame and Gauss. Hypponen said that we are in the 'first stages of a cyber-arms race' warning: 'I think we've only seen the very beginning of these problems.'"

2 of 89 comments (clear)

  1. Scare Headlines Sell Products by BoRegardless · · Score: 5, Insightful

    I am not surprised by Kapersky saying what he does.

    If you don't want your automation system attacked, then keep it off line and what is off line monitored and limited so it can't be accessed improperly and then treat your crew right...with supervision.

    Life is not easy.

  2. Re:not worse by Elbereth · · Score: 5, Insightful

    It's not just Internet-connected infrastructure. In many cases, people took the proper precautionary steps, but weren't actively paranoid. To protect your infrastructure today, you really do need to be paranoid. People bring in gadgets infected with malware, plug the malware-infected gadget into a PC, and the PC infects every system on the network. OK, so you ban people from bringing in gadgets, and now you remove all secretarial PCs from the main network. Maybe you even disable every USB port and force people to use PS/2 keyboards and mice. Well, the next infection comes in from a contractor who installs software directly from the manufacturer. If the hackers know that you use Flash and/or Java in your company's intranet, it's not inconceivable that they manage to infect Flash or Java. I mean, we're talking about nation states here. They can do whatever the fuck they want, and money is not much of an issue.

    Somewhere along the line, people with resources a hundred times greater than yours will come up with a line of attack that you didn't defend against. And if you protect against everything obvious, who knows what the crazy fuckers will do? If I were on the Iranian nuclear power commission, I'd probably give the Americans and Israelis a semi-obvious backdoor to my network, just so that they don't send in black ops teams. I'm not saying that I think the Americans and Israelis would be so stupid, but, then again, these people probably grew up watching James Bond movies. They probably think that shit is exciting.