The Kaspersky Lab Cyber Conference “2012: IT Security in the Age of Cyber Warfare” was held on February 5-9, 2012 in Cancun, Mexico. The conference brought together senior figures from international government, non-government, and law enforcement organizations; top IT industry analysts; and key company experts, to discuss the new paradigm of evolving cyber-threats, the measures required to control cyber weapons, and the future of the IT security industry as a whole.
Conference Day One: The Cyber Threat Landscape in the Age of Cyber Warfare
Director, Global Research & Analysis Team
The Cyber Threat Landscape in the Era of Cyber Warfare: a Review of 2011 and a Forecast for 2012 and Beyond
The recent spate of targeted attacks on major corporations and state organizations all over the world, the use of malicious programs as weapons for waging cyber war and conducting espionage, and the cutting-edge technology of state-backed malware (Stuxnet, Duqu, etc.), all herald the beginning of the new cyber era - the era of cyber warfare. As Kaspersky Lab predicted in 2010, the cyber scene is undergoing a reshuffle of forces, which is seeing a sharp rise in the power of relatively new but already influential players besides antivirus vendors, software developers, and cybercriminals: cyber-superpowers.
In his presentation, Costin Raiu tracks the evolution of the main tendencies in the field of cybercriminal activity, evaluates the key incidents of 2011, and shares his projections for 2012 and beyond, based in the particular interests, capabilities and limitations of the main players in cyberspace..
Chief Malware Expert, Russian Global Research & Analysis Team
Lifting the Lid on Cyber Warfare Incidents: Stuxnet, Duqu and More
Use of the Stuxnet worm was one of the most striking examples of cyberwarfare, making plenty of waves in the media in 2010. It was discovered by chance during an attempt to solve some stability issues on a PC which in fact turned out to be compromised with one of the most dangerous instances of malware the world’s ever known.
Stuxnet targeted industrial infrastructure. Together with Duqu – a descendant of Stuxnet that appeared in 2011 – it changed the definition of cyberattacks and ushered in a new era of cyberwarfare.
How many such threats exist that we don't know about until systems start behaving strangely? How long can they stay invisible? How are they built and what skillset is required to develop such malware?
Vitaly Kamluk, along with other members of the Global Research and Analysis Team at Kaspersky Lab, has been actively researching cyberwarfare type threats as well as other recent dangerous malware such as Xpaj, since their onset.
This presentation will explain what is common among all these incidents, and how they are related to cyberwarfare. We will share with you some of our latest insights on these topics!
All of this research work was possible due to a series of successes in international collaboration. Such collaboration is extremely important in analyzing such threats, and Vitaly Kamluk is going to shed some light on what works well and what doesn't in this field of activity.
Senior Security Researcher, EEMEA, Global Research & Analysis Team
The Shadow Economy of Cybercrime: New Platforms, New Targets, Ever Increasing Profits
While cyberwar is certainly getting all the front-page headlines right now, especially because of the well-known cyber-espionage and cyber-sabotage operations pioneered by nation state players in the past years, it doesn’t mean that traditional cybercrime is no longer a threat.
As long as traditional cybercrime will make a profit, there will be people doing it and there will be people trying to stop it. The days in which virus writers were creating malware just to make a point or just to prove that they can do it are gone for a long time. Right now, most of the malware appearing is written with just one purpose: financial gain.
Cybercriminal businesses behave the way real businesses behave – they are always connected with the latest happenings in technology, trying to closely follow the users – because that’s where the money is. This presentation aims to take a look at how traditional cybercrime has evolved and where it is going. We’re going to take a look at the new platforms which cybercriminals are targeting, their latest victims and their ever increasing profits. And last, but not least, we’re going to see if this is all going to stop anytime soon.
Chief Executive Officer
The Internet as a Military-Free Zone - a Dream or an Opportunity?
Over the past two decades the Internet has become an integral part of our daily lives. Today Internet communication in inseparably linked to the essential industrial and infrastructural systems upon which all our lives depend in the modern world. This is a strategically important channel of communication, and it needs to be protected - both from cybercriminals and from military interference.
The discovery of the first state-sponsored malware programs – Stuxnet (2010) and Duqu (2011) – has demonstrated to us all the new capabilities that can be applied in conducting cyber-espionage, cyber-sabotage, and potentially even cyber-warfare via the Internet. The danger shows itself in the technical might of military software able to inflict damage on large industrial installations and a lot more besides, and also in the element of surprise: both Stuxnet and Duqu were found only by lucky accidents, but had both been operating long before their discovery.
A degree of panic that began to be felt in 2010 due to the discovery of the Stuxnet worm led to several nation states deciding to equate use against them of cyber-weapons with real, “traditional” acts of war with bombs and bullets. Then in 2011 practically all large countries of the world have showed their readiness for the creation and use of cyber-weapons - albeit off the record. All this testifies to the fact that we find ourselves at the dawn of a new era - the era of cyber-warfare.
In his presentation, Eugene Kaspersky will talk about the systemic threats which the world today is up against due to the development of IT, give examples of the most serious malware incidents, and share his vision of how to protect the Internet and its users from the use of cyber-weapons.
Conference Day 2: IT Security in the Age of Cyber Warfare
Chief Sales and Marketing Officer
Kaspersky Lab Business Overview and Strategy
Garry will start with a look at what Kaspersky lab has achieved over the last 15 years – its main milestones and achievements – and then go on to provide some insight on its recipe for success – confirmed by its strong positions in different markets around the world – including its constant monitoring of market trends and listening to clients and partners, its world-beating technological innovation, and its proactive vision of threats. Garry will close by sharing some of the company’s long-term business strategy plans; namely, international expansion, channel and partner-network management, and business development in different segments with an emphasis on the corporate one.
Chief Product Officer
The Evolution of the Kaspersky Lab Approach to Corporate Security
We live in a constantly changing world, and that includes in the field of corporate IT security. Simple antivirus software was enough for most companies ten years ago and earlier; later firewalls were added, but only relatively recently have companies started to feel the need for better control over their IT security. This is because today companies have to deal with a variety of operating systems and platforms, virtualization, consumerization and advanced persistent threats; thus, endpoint protection needs to be functional, complex and all-encompassing, while being light on system resources at the same time.
We at Kaspersky Lab develop a symbiosis of security technologies, covering all possible endpoint platforms in an efficient way so the client doesn’t have to spend ages on implementing our solutions. We constantly add new features and functions to make manageability of endpoints as easy as possible, and this ensures that our next steps – introducing data protection and encryption on endpoint machines – will be relatively easy.
Join Kaspersky Lab on its evolutional path from simple antivirus to comprehensive yet straightforward management of the corporate security environment.
Chief Technology Officer
Kaspersky Lab Technology Vision and Strategy
Kaspersky Lab has always been known for its technological excellence and innovation in antimalware, and we still remember our antimalware roots, exemplified by our new breakthrough generic exploit detection technology. But in addition to antimalware we are breaking new ground with new technologies and features. One example is our whitelisting technology - representing the best whitelist database in the industry.
The next steps we are to take include heuristic detection of growing mobile malware threats, online banking protection taken to a new level, and further expansion of anti-malware solutions’ manageability – particularly for mobile devices in companies – through the Kaspersky Security Center. Be ready for more visionary and strategic updates for the future IT-protection ecosystem from the pioneer of anti-malware technologies.