Eugene Kaspersky, CEO of Kaspersky Lab, discussed the latest threat landscape at its Cyber-Security Symposium in New York City Oct. 6. At the symposium, Kaspersky Lab also launched the Windows version of the company's Endpoint Security 8 software suite.
Speaking on upcoming trends in cyber-security, Kaspersky warned that the future is looking very grim. He cited three types of attackers: hacktivists for cyber-protests, cyber-criminals motivated by financial gain and cyber-combatants focused on cyber-warfare, Kaspersky said. Every business and user is under attack and the global economy and every country is at risk, he said.
"I don't see clear blue skies ahead," Kaspersky said, adding that he expects to see even more sophisticated types of attacks.
Cyber-criminals are highly organized, effective and globally distributed. Their tools of the trade, such as botnets, are readily available for rent, with actual terms of service and conditions to follow, just like any legitimate business. There is a lot of profit and low risk in cyber-crime. As more people around the world go online for the first time, the pool of potential victims also grows, Kaspersky noted.
Computers are everywhere and control so many aspects of people's lives that a focused cyber-attack can impact more than just the system itself. Kaspersky mentioned recent tragedies, such as the Spanair flight 5022 crash in 2008, in which malware played a role. He noted how the Blaster worm infected several computers in key data centers used by utility companies and may have had some impact on the severity of the blackout that blanketed the East Coast in 2003.
In all of these incidents, malware was "not the reason it happened, but it could not have happened without malware," Kaspersky said.
Kaspersky discussed the prospect of cyber-warfare, noting that governments are all investing in cyber-weapons and creating elite cyber-divisions. He said China, South and North Korea, and the United States have some kind of a military role in cyber-space, and emphasized this is not a complete list.
"There must be new designs, new innovations in IT and OS development. Systems that are more secure must be used in critical infrastructure," Kaspersky said.
The IT industry needs to work together to improve cyber-defenses, such as securing the critical infrastructure, international cooperation, and increased regulation and standards to raise the security posture. Kaspersky called the new breed of security products advanced protection technologies.
Kaspersky Lab introduced Endpoint Security 8, which targets firms that need to secure their cloud computing, virtualization and mobile infrastructures. For the first time, Kaspersky Lab has integrated its enterprise version with the Kaspersky Security Network, the cloud-based reputation database with information on the latest malware threats. The consumer versions are already using the cloud service.
The new product protects networks with deep anti-malware protection and comprehensive management and control systems. Administrators can also take advantage of white-listing capabilities to set policies for specific applications or categories of applications. The "System Watcher" feature tracks the computer's behavior for anomalies and resets the system back to the point just before the anomalies occurred.
Endpoint 8 also runs the improved signature and pattern-based antivirus engine to detect malware even if the code has changed slightly. It offers Web filtering, device control, intelligent personal firewall and intrusion detection.
Endpoint 8 also offers management options to protect virtual machines, with support for VMware-based systems. Administrators can remotely monitor and manage the network via a Web console and generate detailed reports.