PUNTA CANA, DOMINICAN REPUBLIC – There are a lot of threats on the cyber landscape, but one of the threats that concerns Eugene Kaspersky the most is hacktivism.
Kaspersky, the founder of Russian IT security vendor Kaspersky Lab, told attendees last week at the company’s North America partner conference that, while cyber criminals get a lot of attention when it comes to IT threat reports, he believes hacktivists – people who use the tools of hacking and cyber crime for political gains – are a worse threat than cyber criminals to businesses both large and small.
“Criminals don’t want to kill you; they want your money. Hacktivists have a political motivation,” said Kaspersky. “They want to damage your business, they want to kill your business, they want to disclose the data you don’t want to be disclosed, they want to very badly damage your reputation, kill your network and damage your data.”
And that motivation, said Kaspersky, makes hacktivists much more dangerous than your run of the mill gang of cybercriminals driven solely by a desire for financial gain.
“It’s a very short distance between cyber activists and terrorists,” said Kaspersky.
Kaspersky pointed to the Internet blackout of Estonia in 2007 as an extreme example of the power of hacktivism. With no Internet in the country for days, it didn’t just mean no e-mail or Facebook. With so much critical infrastructure relying on the Internet today, such as financial transactions, business and commerce were essentially driven to a halt.
The vendor is developing new vectors and technologies to respond to these emerging threats said Steve Orenberg, president of Kaspersky Lab North America.
“The area right now where there’s building awareness and concern is really at the infrastructure layer, protecting critical infrastructure,” said Orenberg. “Much of the inquiries, discussions and briefings we’ve had (on this topic) have been with governments and federal agencies, which are really more aware of these types of threats, which aren’t massively publicized.”
There is a growing concern about the vulnerability of critical infrastructure to attack by both hacktavism and nation states at high levels, said Orenberg, and Kaspersky has established a government relations office in Washington, DC to work with government security agencies and the legislative branch to share threat research and intelligence, and hopefully help to see legislation enacted to help respond to the threat.
“Eugene likes to say our mission is to save the world,” said Orenberg. “Right now there’s nothing to sell. It’s providing information. Because of this emerging threat that’s targeted to critical state infrastructure, such as transportation, electricity and finance, we’re developing a separate set of products geared towards protecting critical infrastructure. There’s no specific timeline. It won’t be this year, but it’s something the company is working on.”