Kaspersky is known to many for its home antivirus solutions rather than its business software. However, in the keynote (link in Dutch) given by its CEO, Eugene Kaspersky, attention was drawn to the security of so-called "mission-critical infrastructure": facilities like transportation hubs, power plants or water stations (or in the case of Belgium: breweries).
Industrial Control Systems
An Industrial Control System (ICS for short) is the computing control unit for an industrial system in automated facilities, such as a controller for a centrifuge, a circuit breaker or a filtration station for water. In large facilities, SCADA (Supervisory Control And Data Acquisition) systems are in place to regulate the whole operation of the facility, and to enable factory workers to get vital system data and send commands to the different machinery units. More often than not, these systems run in a separate network, shielded from threats from the outside world. But are these systems still safe in today's world? The arrival of IoT (Internet of Things), automation and computerized machinery raises the threat level for these systems significantly, and when they fail, the damage could be catastrophic.
One of the best-known attacks on such an industrial system was carried out on an Iranian nuclear plant doing research into the refining of uranium. The Stuxnet worm was specifically designed to copy itself into the PLC (Programmable Logic Controller) of the facility and subtly disrupt its functionality. The worm made it into the system, even though the system was entirely disconnected from outside networks, via an infected USB thumb drive that was carried into the building by an oblivious employee.
Once inside, the worm wreaked havoc on the systems, to the point of destroying almost one fifth of the priceless nuclear centrifuges by speeding them up above their maximum capacity, eventually forcing Iran to shut down the facility entirely.
Cybercrime has always been an issue, and with many upcoming technologies like the IoT, the numbers are unfortunately only rising. Linux systems in particular are becoming more and more of a target, since most embedded systems (e.g. IP webcams and smart devices) are UNIX-based. Botnets like Mirai can be used to perform attacks on an industrial scale. A reported global annual loss of 400 to 500 billion USD is a dizzyingly high number, almost as big as Belgium's entire GDP, or more than twice the size of A.B. InBev's market cap.
Kaspersky Industrial CyberSecurity
Luckily, the news is not entirely negative. Kaspersky Labs recently released their KICS suite for businesses, which enables security departments to detect and localise breaches in real time, and mitigate any damage as fast as possible. The efficiency of the software was demonstrated live at the keynote event, and was quite impressive indeed. Any irregularities on the network or system were picked up by the software right away and shown on the security log console in real time as the attack on the sandbox system took place.
When asked by our team if he thought a future with systems immune to cyber attacks would eventually be possible, Eugene Kaspersky answered us by defining his vision of "immune": even though an entirely watertight system is unfeasible, not to say impossible, to achieve, it is possible to design a system that makes the cost of breaking in higher than the reward, effectively immunizing the system against such attacks. With that goal, Kaspersky Labs continues the fight against cybercrime and will continue to do so for the foreseeable future. Is the future bright? Maybe not. But it's certainly getting brighter.