Co-founder and CEO of “Kaspersky Lab” Eugene Kaspersky delivers a speech called “The threats of the Age of cyber-warfare”, expressing his vision on the current state of the global cybercrime and exemplifying his research with some observations and evidence of close affiliation of malware related crime with real-world facts.
Today we are here to discuss the problems, explaining our view on the existing situation and the future. This is the main topic of my presentation, and I am going to start.
Well, computers are everywhere. How many computers do you have or use in your life? You don’t know. You don’t know how many computers you have in your car. You don’t know how many computers manage the train, if you use train to get to New York. You don’t know how many computers manage the elevators in this hotel. Everything is digital, everything is online.
Entertainment…It’s digital. Oh, well, except poker in Las Vegas. But in Las Vegas, poker is under the control of cameras which are for sure digital and report that to the digital systems.
How many times did you open paper printed encyclopedia last year? Zero. How many times did you open Wikipedia or Wikileaks? As to Wikileaks, usually I say, please don’t publish so much information at the end of Friday, because secret services – they are humans too. They have families and they want to have weekends.
Social lives – well, how many people here in the room have 5 or more accounts in social networks? Well, I understand I am talking to journalists, it’s not fair, okay, okay. But when I am in a business audience, or I deliver a speech to students in universities, if someone raises the hand, I ask security to catch that person and to write down the name, to report that to the employer or to the professor.
Do you imagine a business that doesn’t have computers, which doesn’t have access to the Internet? Every business must pay taxes, that’s it. So only businesses which don’t pay taxes can be Internet free. So every legal business is connected.
– Social Life
– Private Life
– Businesses, Services
– Industrial Systems
Governments are another issue. Governments want to be online. And a very serious problem is that the new generation wants be 100% online. And if you don’t have Internet government or online government, if you don’t have Internet voting, then the new generation, kids – they will never go to the election office. If there is no online service, they will never go to vote. If you don’t have secure online voting, Internet passports – that will be the end of democracy. Well, this is also a very special topic, and maybe we will discuss that later.
Industrial systems – unfortunately, or fortunately, all these systems, well, they are not online, but it’s possible to bring USB, so they are partly online. And unfortunately, it’s a very, very big danger, and I have some examples of what’s already happened because of the security issues with industrial systems.
So, everything is online, and unfortunately everyone, every business, every person is under the attack. There are so many targets: individuals, governments, businesses. And there are 3 main sources of these attacks.
The first source is not so serious, that’s just script kiddies1, vandals. Still there are kids who develop malware just for fun, like in the past. But less and less kids are doing that, because they don’t have time, they play computer games. In the past, these kids were presenting themselves, they wanted to make themselves proud because they wrote a super computer virus. Not anymore. They play computer games, they grow into super heroes in computer games.
– Cyber criminals
– Cyber combatants
The second source is cyber criminals. I needn’t explain what cybercrime is and who cyber criminals are. Just read police reports and the stories, investigations, arrests, sometimes pictures.
And the third source is organizations, governments or individuals which attack the Internet in very different ways with cyber weapon, with distributed DoS attacks, which develop spying software to steal critical information. Unfortunately, we are getting more and more reports about that.So, a little bit about online crime. First of all, it’s global. It’s not just Chinese cyber criminals, it’s not only Russian cyber criminals – it’s global. Of course there are more cyber criminals in Asia, in Russia, in Latin America than in Europe or in the United States. But if you look at these faces, these pictures of criminals, you can see quite different faces: Americans, Russians, Palestinian… It’s everywhere. Computers are everywhere, Internet is everywhere, except Antarctic, I was there and checked, there was almost no Internet. So maybe Antarctic is the only one region free of cybercrime, but the rest isn’t – it’s everywhere. Unfortunately, it’s very effective, it’s possible to stop a country with the help of malware. It’s organized. This is a very, very old screenshot (see image) but I like it, because it’s a part of the business, it’s a gang which develops botnets2 and trades these botnets. So actually this is a price list: how many bots you want to use, how many days you want to use these botnets. There’s an ICQ number for technical support; there is also something about discounts if you buy the service 2 or 3 or more times; Terms of Service.
That’s a business. There is B2C (business to customers), B2B (business to business), well, I call this C2C – criminals to criminals. That’s organized world, huge well organized world with a lot of money in there, and it’s very profitable.This picture here shows the consequences of illegal street race in Moscow. Believe me, Moscow doesn’t look like this everyday. So there were a couple of Russian cyber criminals in that car. It’s a new BMW 7. One of them died in this incident, he was 19 years old. A 19-year-old boy driving a new BMW. They have lots of money.
Unfortunately, these guys have much more money than software engineers, than IT security software engineers. This is the answer to the question. Will cyber criminals be looking for a job in your company? Never, because they have much more money, unfortunately.
And it is easy to do because it’s just software, the Internet. They don’t need to invest too much, and they don’t have physical contact with victims. That makes the life of cyber criminals very simple. And it’s low risk. If they have enough of brain, they can do it in such a way that it is very, very difficult to find them, to trace them.
They attack from different countries using proxy servers, and in some cases they don’t attack victims in their own country. They don’t want local police to have calls from local victims. Some of these guys are extremely clever. We still don’t know the names of criminals which were responsible for some kinds of very big attacks like Conficker3, or Kido, attacks in the past, with 10 million infected proxy servers. I still don’t know the names. They were very professional people.
So it’s global, it’s very effective, organized, profitable, easy to do, no risk… of course there will be more and more cyber criminals. And also, keep in mind that there are more and more Internet users from very poor countries. And we live in the same territory, in the same city, on the same streets.
So, I don’t know how much money we lose because of that, because cyber criminals don’t report their financial figures. I am sure Gartner4 doesn’t have reports from cybercrime gangs. However, we tried to count, to approximate the financial impact, and we got the number – 100 billion dollars. And this is only from the cybercrime based on malware. Spam, credit cards, trading counterfeit stuff – it’s not counted. Only the cybercrime business which is based on malware costs global economy at least 100 billion dollars a year. So, if it’s 500 billion per all cyber crime, I am not surprised. And compared with that disaster in Japan, they said it was about 300-billion-dollar impact – every year we have at least one tsunami impact on the global economy.
1 – Script kiddie is a derogatory term used to describe those who use scripts or programs developed by others to attack computer systems and networks and deface websites.
2 – Botnet is a collection of compromised computers, each of which is known as a ‘bot’, connected to the Internet and used for cybercrime purposes.
3 – Conficker, also known as Downup, Downadup and Kido, is a computer worm targeting the Microsoft Windows operating system that was first detected in November 2008. It uses flaws in Windows software and dictionary attacks on administrator passwords to propagate while forming a botnet.
4 – Gartner, Inc. (NYSE: IT) is an information technology research and advisory firm headquartered in Stamford, Connecticut, United States.