‘Many major states lack the expertise to prevent cyber-terror’ – security chief
Terrorists will soon be able to carry out advanced cyber-attacks on vital state infrastructure, warns Eugene Kaspersky, CEO of security firm Kaspersky Lab. Governments still lack the capacity to deflect sophisticated hacks, he says.
Russian security expert Kaspersky, who advises the UK government, Europol and Interpol on cyber security issues, said in an interview with London newspaper The Times that the majority of states lack adequate systems to defend themselves in the event of a serious cyber-attack.
Britain’s security is more advanced than that of most states, he said. But he warned that the UK government is still “fearful” of the destruction cybercriminals could wreak.
Terrorists could carry out “modular” assaults, whereby experts are paid to work on separate dimensions of a hack without knowing what the project involves in its entirety, Kaspersky said.
The security boss suggested if cybercriminals can carry out successful attacks on well-protected financial institutions, they have the ability to wage an attack on any enterprise.
“States are scared,” he told The Times. “They’re absolutely not yet ready for this challenge. They understand the problem, and it’s huge. But they don’t yet have the strategy in place.”
UK Prime Minister David Cameron and US President Barak Obama said in January that British and American intelligence officials would test the defense capabilities of critical institutions during a series of cyber war games scheduled to kick off later in 2015.
The joint cyber tests will be conducted against each state’s banks, financial institutions, and other critical infrastructure in order to improve defenses against prospective cyber-attacks.
Additionally, the states will create a joint “cyber cell” featuring agents from both countries that will conduct the war games and share information on threats.
The first war game will occur later this year with the help of the Bank of England, and will test financial institutions in London and on Wall Street.
Later exercises will test other infrastructure such as power suppliers and transportation systems.
The rise of cyber criminality
One of the most well-known cyber-attacks on state infrastructure was carried out in Iran in 2010. A destructive virus called Stuxnet was used to infect equipment at a nuclear plant.
The computer worm compromised equipment there, forcing centrifuges used for separating uranium to spin too rapidly and brake. Following the attack, almost 20 percent of Iran’s nuclear centrifuges were destroyed.
The virus is typically introduced to a target environment via a USB drive.
Ralph Langner, the researcher who discovered Iran’s infected nuclear equipment, said in a TED Talk in 2011 he thought the cyber-attack was carried out by the American government with assistance from Israel’s intelligence agency, Mossad. However, neither the US nor Israel have admitted responsibility.
In 2014, equipment at a steel mill in Germany also suffered serious damage following a cyber-attack. Germany’s Federal Office for Information Security said the factory’s central computer network had been targeted and attacked by cyber criminals.
The hackers reportedly got access to the plant’s control systems using specially designed emails that tricked members of staff into handing over their login data.
Once they gained access to the factory’s system, the hackers prevented the scheduled shutdown of the mill’s furnace. German authorities never discovered the cyber villains' identities.
Reflecting on the rise of cybercrime across the globe, Kasperksy said law enforcement officials in the West will most likely increase their ability to counter cyber-attacks in coming years.
As part of Britain and America’s joint plan to bolster cyber security, money has reportedly been set aside to train a new wave of cyber agents.
Meanwhile, experts warn a terror attack in Britain is likely.
Metropolitan Police Commissioner Sir Bernard Hogan-Howe said Thursday that he was hopeful British authorities would create a reserve armed squad to address the “real and present” threat of a terrorist gun attack in the UK.
The Met Police Commissioner said plans to train members of Britain’s riot squad, known as the Territorial Support Group, are under way.
The government plans to deploy the squad’s services in the event of a serious terror incident.
Earlier this month, PM David Cameron confirmed elite British forces will be deployed on UK streets in the event of a Paris-style terrorist attack in Britain.