Kaspersky Lab’s Position On Evolution of Cybersecurity

The progress of science and technology has always had a dark side to it. Kaspersky Lab’s security solutions have always given our customers — both individual consumers and large corporations — the ability to have full confidence in their computers, to trust them completely, at every stage of cyber threat evolution.

Kaspersky Lab’s Position On Evolution of Cybersecurity
 
Kaspersky DDoS Protection was introduced to protect businesses from all types of DDoS attacks and to ensure prompt recovery from the consequences of distributed denial of service
 
Kaspersky Mobile Security for Android was added as a security solution for Android mobile products
 
Kaspersky Security for Mac OS was introduced as a security solution for Apple mobile and portable hardware
 
Kaspersky Fraud Prevention is a security solution for mobile and online banking
 

The Securing Smart Cities project was rolled out to identify the weaknesses of urban infrastructure and come up with recommendations for city managers

 
The Kaspersky Anti Targeted Attack Platform and Kaspersky Industrial CyberSecurity were introduced to combat targeted attacks and advanced persistent threats facing industrial businesses and facilities






What New
Online Threats
We Will See
in 2020

Kaspersky Lab’s Position On Evolution of Cybersecurity

Things That
Get Too Smart

The business model used by cyber extortionists is quite straightforward: criminals block the user’s access to personal data on his computer or other digital device, forcing the user to pay ransom to regain access to his data. The more we come to rely on our digital data, the more wide-spread this kind of blackmail becomes. The number of victims attacked by blackmailers in April 2015 — March 2016 was up 5.5-fold year-over-year. The Institute for Critical Infrastructure Technology, a cybersecurity think tank, released a report predicting even bigger problems with the advent of the Internet of Things, when it will be about blocked critical cloud services and unavailable essential hardware necessary for keeping up our lives comfortable and safe, rather than about blocked access to user files. We can make some projections today about which areas of our life will be most vulnerable.







Robots

The world is going to have more than 20 billion Internet-capable devices by 2020. And these are going to be not so much smartphones as is the case today, as stand-alone equipment, such as military and civilian robots, which are going to perform all kinds of routine tasks. Attacks against technical «personnel» will become prevalent in antivirus companies’ reports very soon, and malware targeting robots will become as ubiquitous as are smartphone apps now.

Medical
equipment

Remotely controlled artificial organs, exoskeletons, wearable computers which have become body parts. Data collected by all of these and other similar devices will be transferred to cloud storage to enable, for example, your physician to monitor for even the smallest deviations from the healthy state. A few years ago, hacking experiments demonstrated the vulnerability of a cardio stimulator and an adrenalin pump. Two US medical institutions had to pay ransom to cyber criminals on 2016 to recover patient data encrypted by ransomware. For now, criminals can grab only medical records by gaining unauthorized access to computers, but direct access to medical equipment is clearly the next step in their criminal game.







Smart
cities

Songdo, a city in South Korea, has sensors installed on every square meter of the city connected to central control units. Residents Milton Keynes, England, get around in self-driving cars and public transit vehicles. A city-wide operating system controls public utilities in Barcelona. Researchers are discovering vulnerabilities in elements of future smart cities which are already in operation today (for example, in outdoor security cameras; in police body cameras in the US; traffic lights and subway data systems). The day is not far when smart cities will begin to interact by distributing infrastructure loads efficiently, which means that a vulnerability in just one element can trigger a domino effect, infecting the whole system, taking cyber terrorism to an entirely new, much more chilling, level.

Smart homes, offices
and cars

Household appliance (and, sure enough, home robots) will take control of all the household tasks, giving instructions to one another, just to keep the human masters happy. Weave, one of the world’s first device-to-device interaction protocols, has already been developed for the purpose. However, connected devices in the home and office are facing the same problem as connected hardware outdoor — they are vulnerable to cyber attacks and the same highly dangerous domino effect if an attack is successful. Gartner forecasts that more than 25% of known attacks against industrial companies will be channeled through elements of the Internet of Things by 2020. And the cars city dwellers of the near future will use to commute to work in the near future are also vulnerable, as was proven in 2015. The experiment was repeated in 2016, with even more dire consequences.

Decentralized
organizations
and crypto exchanges


The blockchain technology — a decentralized network for simultaneous transactions — will sooner or later replace conventional exchanges and other autonomous transaction registration systems. Unauthorized withdrawal of at least US$ 50 million from The Dao, the world’s first fully automated investment fund (where DAO stands, among other things, for a decentralized autonomous organization) showed that theft is possible even without use of any malware. The criminals tricked the system by using the time lag between actual cash withdrawal and the transaction getting reflected in The Dao account, as well as the capability of creating a subsidiary to which Ethers can be transferred (Ether/ETH, a relatively new cryptocurrency created as part of the Etherium project). Cryptoexchanges, which provide venues for trading Bitcoins, Ethers, Litecoins and other cryptocurrences, are constantly coming under attack, even before they become established and gain a significant following.

Defending
against ransomware


Kaspersky Lab released a free tool to protect smaller and medium-sized businesses (SMB) against encryption and ransomware on August 9, 2016, Kaspersky Anti-Ransomware Tool for Business 1.0 Beta 2. The tool uses System Watcher to track malicious activities by unknown «strains» of malware, while Kaspersky Security Network is responsible for checking the system for any code samples of ransomware and encryption ware already known to KL. The new tool is compatible with many security solutions by third-party vendors.

What can you do
if you had no protection,
and now your files
are encrypted?


There is no magic bullet — a software tool that can recover any file regardless of what malware was used to encrypt it. However, Kaspersky Lab experts wrote the code for RannohDecryptor, a free decryption tool capable of dealing successfully with several Trojans. The tool was originally created to help the victims of Rannoh encryption malware, and then more functionality was added to the tool, and now the victims of CryptXXX can also «life the evil spell» from their encrypted files.