Cyber-attacks seem common-place these days. With attacks on the financial sector and state sponsored attacks on the internet on the rise Eugene Kaspersky of Kaspersky Lab calls for international policing of the internet to take place to thwart cyber terrorism.
Kaspersky Lab is one of the fastest growing and largest private IT security providers in the world. Chairman and CEO Eugene Kaspersky talk to Russia Today:
RT: It seems cyber security is the talk at Davos, have you noticed an increase in the tension, and why this year?
Eugene Kaspersky: You are absolutely right that cyber security issues are in the focus of many discussions here in Davos and attention to cyber security is increasing year by year. And it’s very easy to understand why, because cybercrimes are getting more professional, they are big enterprises. The financial sector is under attack. There are a lot of state sponsored attacks on the internet. Unfortunately the situation with cyber threats is getting worse and worse year by year.
RT: Cyber security is a tricky business, because it’s so expensive and never absolutely secure. GP Morgan, for example, spent $250 million, they say, on IT security last year and they still got hacked. So, in a sense, how safe can you make a system?
EK: You are partly right that in cyber security it’s hard to guarantee a high level of security but at the same time, we have the techniques, we have the products, which can guarantee a very high level of security for individuals, for enterprises and their critical infrastructure. And my definition of a high level of security is, is that the security is good enough if the cost of attack is bigger than the possible damage to the victims system. So the attack must be more expensive than the value of information that could be stolen or the damage that could be made to the physical infrastructure.
RT: What are some of the greatest challenges facing your company, technical or otherwise?
EK: This is the main challenge for my company to design such technologies and products that will guarantee a very high level of protection, a very high level of security. To stop all types of attacks in cyber infrastructure, attacks on individuals, enterprises and critical physical systems.
RT: We often hear ludicrous physical sums, two trillion dollars for example mentioned as yearly damage from cybercrime. Are those [figures] over inflated?
EK: Unfortunately I can’t guarantee that these numbers are true, but they don’t surprise me. Maybe that’s close to the reality.
RT: The CEO of Sisco, you may have heard, he’s not very optimistic. He believes that in the coming years there will be more cybercrime and worse cybercrime than currently, what’s your outlook?
EK: I’m afraid we will face more issues in cyberspace because there are more and more cybercriminals. They are coming to this business; many of them are getting more and more professional. They are professional enough to hack even very well protected networks. At the same time I’m expecting that new devices will be under attack, smart TV for example, is connected to the internet as a computer and I’m afraid that criminals will affect the system as well. And very soon, maybe not this year, maybe in coming years, we will see more and more, an increasing number of attacks on critical infrastructure.
RT: Are those possible, because we often see them in movies, a terrorist attack,a nuclear power plant by computers, is that the realm of fantasy or could that possibly be the reality?
EK: Of course the movies are movies, and there are a lot of fantasies there. But unfortunately those movies are partly true, unfortunately there are critical systems, critical infrastructure and physical systems. They are based on computer technologies as well, and the computers they manage the physical processes.
RT: As these threats become more and more real, more and more vicious, governments have begun involving themselves in cyber security as well; law enforcement agencies, spy agencies in regulation of the internet. Who should IT security be left up to, firms such as yours, or internet provider’s maybe, or should governments also have a role?
EK: It’s a very good question and there are different opinions, and I think that to manage, to co-ordinate cyberspace there has to be some international organization, maybe not the United Nations, maybe let’s say 20 countries, which are main contributors to cyber technologies and to the internet.
RT: The internet is of course international, cyber criminals are everywhere. You find them in every country. How does that complicate things for you?
EK: The fact that cybercrime is very international and criminals live in different countries. Actually it’s not a headache for me, it’s a headache for the cyber police. But the cyber police are getting more professional, Interpol and Evropol have cyber divisions and we assist them, we co-operate with the cyber police and national and international treaties. So I’m optimistic that the cyber police have more resources and more power to control the population of the cybercrime.
RT: Do you think the issue of cybercrime is appreciated enough among the public, do you think the public understands how dangerous it is?
EK: I think that the level of awareness about the cybercrime, about the cyber-attacks on the internet, attacks on computer systems is good enough, because many people they already know that cybercrime does exist and it’s dangerous. Enterprises of the state are victims of these attacks, so if you’re talking about cybercrime its good enough. But talking about critical infrastructures, still governments are in the process of understanding, they are learning the problem. I’m afraid it’s getting a little bit slow.