Kaspersky Lab CEO Eugene Kaspersky and his team are in New York today, telling potential customers and partners how cyber warfare impacts corporate IT security. The speaker lineup includes Howard Schmidt, former cyber-security coordinator for the Obama Administration. Side note: Kaspersky Lab has been developing its own secure operating system to protect nuclear reactors, electric grids and other mission-critical infrastructure. Given today's event location, it's a safe bet Kaspersky Lab also wants to engage Wall Street and financial services customers. Here's a live blog from the event.
Today's gathering arrives ahead of the Kaspersky Lab Partner Summit (Feb. 7-10, Cancun, Mexico), one of The VAR Guy's Top 100 Channel Partner Conferences for 2013. The VAR Guy's guidance for partners: Read the blog below, take some notes, then go armed to the Kaspersky Lab Partner Summit to determine how the trends below will potentially impact your customers' businesses.
Note: Check this blog often as each area will be updated throughout the day.
Recap: Eugene Kaspersky and Schmidt discussing cyber warfare's impact on corporate IT security.
- 2012: Red October and other cyber warfare and espionage attacks emerged. The myth of Mac security invincibility ended.
- What industries are most vulnerable to attack? Kaspersky said his mind is caught in an "endless loop" trying to answer the question, but power, telecommunications, transportation and military come to mind.
- There are not enough IT security experts and educated professionals. "We need more and more experts," said Kaspersky.
- But, he conceded we must balance security with freedom, and each industry may require a different balance.
- Schmidt walked attendees through some horror scenarios involving transportation systems going dark and airlines essentially being stranded. Real warm and fuzzy stuff.
- Back in the 1980s there was a war dialer that attacked a city grid and turned all the traffic signals green. "When you look at that category it's different than someone trying to steal" your business plans. "But the fundamental vulnerabilities are the same in all industries." The solutions are always similar but the vectors from which they emerge may be different.
- Can security keep up with constant innovation, such as Google's self-driven car? "I hope I will die before the end of technology innovation," quipped Kaspersky.
- Worst-case scenarios for cyber terrorism have yet to play out, concluded Kaspersky.
- Cyber criminals are increasingly chasing money.
- Nation states, however, are driven by something else.
- It costs several hundred billion dollars to make nuclear bombs, but cyber warfare is much less expensive.
- In 2009, the Aurora operation attacked Google, Adobe, Juniper, Yahoo, Morgan Stanley, Dow Chemical and more.
- Also read up on DuQu in 2011.
- The Gauss attack is a nation-state-sponsored malware attack. It is stealing banking credentials. They apparently were trying to find information about how financial organizations move money around to pinpoint weak points. But ultimately, the true purpose of the technology is unknown. There is an encrypted warhead deep inside -- the best minds are trying to crack the encryption and everyone has failed.
- The latest malware worth watching is Red October. Kaspersky spotted the malware in 2012. Diplomatic institutions -- embassies -- were targeted. One module steals information from iPhones, Android and Windows phones.
- Three dangers of cyber warfare: (1) Ideas from cyber weapons can be re-purposed and copied. (2) Companies become collateral victims in the cyber war between superpowers. (3) Cybercriminals start using weaponized exploits that were originally developed by governments.
- Against military-grade weapons you want the best available defense technologies. The keywords you want to look at include Patch. Whitelist. Default deny. Exploit prevention. 0-day defense. Realtime protection. Cloud protection. Perimeter. Green zone. Raise awareness. Access control. Education. "Without education and awareness bad things turn into catastrophes."
- Andy Steingruebl, senior manager, customer and ecosystem security, PayPal
- Eddie Schwartz, CISO, RSA
- Adrian Stone, director, security response, RIM/BlackBerry
- Costin Raiu, director, global research and analysis team, Kaspersky Lab
- The number of true attacks is likely 5 times larger than reported.
- What chance do SMBs have amid cyber attacks? The cost of exploitation falls every day.
- Humans are now high-value targets, as are their BYOD devices.
- Businesses should invest more in application security testing.
- In the old days of security, you tried to get visibility and control in your data center. Now you've got a bunch of service providers you need to trust.
- Adoption rate for full-disk encryption has skyrocketed thanks to regulations.
- Bug bounty programs incent hackers to report bugs to companies rather than using the vulnerabilities for malicious intent.
- BYOD: We haven't evolved mobile strategy and innovation to the point where we can say bring your own device, do your fun stuff, and have corporations effectively protect the device.
- BYOD is like GMYD: Give Me Your Device -- as in the corporation wants to control it.
- How do you maintain great user experience even as you manage BYOD? Big panel debate.
- Have a crisis plan before you need it.
- Don't underestimate the impact of cloud computing, where data lives, and who manages it.
- How do you use Big Data to look into uncertainty, detecting potential threats and then mitigating them?
- Mobile device management, encryption and patch management with a solid password policy can do a lot to mitigate the risks.
- He offered a list of the biggest attacks and incidents of 2012. The VAR Guy will post that list later.
- Changes in malware involve the attacks becoming very, very targeted.
- How are botnets formed and why are they financially profitable? Orans explained it step by step. The VAR Guy has a photo of the process. Nasty stuff. More later.
- Three to five percent of corporate PCs at any given time have been compromised by botnets. Roughly 20 to 30 percent of consumer-grade PCs have suffered from botnets.
- Three ways to protect BYOD devices: MDM, hosted virtual desktops and network access control.
- Anti-spam companies are becoming cloud application brokers: Web filtering, anti-malware, DLP, identity services, encryption services, device profiling, audit and logging.
- Businesses want three things: Agility (move fast, be nimble and flexible); efficiency (cut costs, consolidate and streamline) and productivity (maximize the value of existing resources; do more with less).
- Malware gets in the way of all that. There are more than 200,000 new samples daily. There are more than 35,000 malicious programs that target mobile devices.
- The new offering includes encryption, mobile security and MDM. It's all in one dashboard/console. MDM piece involves security, full-visibility, policy enforcement. Container technology allows corporate applications to be separate from a user's private BYOD applications. You can draw a line between corporate and consumer data. That also allows content to be selectively wiped if the device is lost or stolen.
- In terms of systems management, there's systems provisioning, vulnerability scanning, license management, remote tools, patching and network admission control.
Keep checking back for updates.