Eugene Kaspersky on the evolution of malware

Co-founder of Kaspersky Lab and a true cybersecurity guru Eugene Kaspersky gives a short talk, expressing his viewpoint on malware evolution: the way malware was, the way it is now and how things might change in the future.

The evolution of malware within last 10 years depends on the evolution of people who developed that. Ten years back, all the malware was developed by kids, just teenagers, script kiddies, cyber vandals. They made simple malware and did some experiments with high-end technologies, but their motivation was just to have fun. We had thousands of usual viruses infecting the system, proof-of-concepts infecting Microsoft Office documents, the first Internet worms, the first smartphone viruses. But that was not so serious.

Later the cyber criminals they took the place, and that was the reason to change the malware behavior and production. Now they have virus factories which develop millions of malware, thousands of the malware in the families, and it’s industries.

And so our future is in danger. Criminals came and they are getting more organized. There are different groups of cyber criminals, they do different jobs and they are focused on what they do. Carders out there are focused on developing card stealing technologies; botnet authors are focused on botnet management; virus writers, malware writers are developing more and more complicated malware. So I am afraid that in the next 10 years we will fight with more and more complicated malware. And I think that malware production will be moved to the countries which have more software engineers: to Russia, United States, China, India and will stay there. And cyber criminals in the rest of the countries will simply buy the services form these countries. And I am afraid that we will also see malware attacks which we will classify as cyber terrorism.

Adoption of stronger cryptographic techniques is a stick which has two ends, positive and negative. What we see is cyber criminals use extra technologies and they started to use cryptographic systems to protect their botnets for example, to manage botnets in a safe way, and I am afraid they will use more and more high-end technologies, which will make our work of protecting customers and fighting cyber criminals more difficult.

Speaking of protection, people have to pay more attention to the quality of antivirus protection. Also, they have to switch their minds on when they browse the Internet; they should not trust any data from unknown or untrusted source; they have to understand that social networks is untrusted source – don’t, don’t trust anyone in Facebook or Myspace, forget about that because there are so many criminals there and there are many victims which came from these social networks.

Enterprises – they also have to pay attention to their IT environment, they have to have the right architecture of their networks, from the security point of view. With regards to governments, I think that we will see several steps in developing better Internet security. The first step, I think, is Internet Interpol, the international police to investigate international cybercrime cases. Well, cybercrime is international because Internet does not have borders. Then, I think there will be more regulation in the Internet. The local national laws will be adapted to the modern Internet needs. And then, I think they will have Internet passports, Internet government, what else, because Internet is just a new land, it’s a new country with more than 1 billion population and 100% connected to the Internet.