This February, Kaspersky Lab held quite an important event: the annual Industry Analyst Summit. This was the third time we invited top security industry professionals to discuss a wide range of topics including our current and future product strategy, technologies aimed at providing the best protection for consumers and businesses and the threat landscape and its impact on the entire cyber environment. Discussing such a broad range of topics requires the best people from the company. Hence, a prominent team of Kaspersky Lab’s top managers, security experts and product development leaders, led by Eugene Kaspersky himself, were present at the event.
Business security was one of the major topics of the event, and two very inspiring presentations by Eugene Kaspersky and Costin Raiu, Director of Global Emergency Response and Analysis Team, partially covered this particular topic. The most alarming outcome of the presentations, which is also part of the following discussion, was that it is now much cheaper to perform an APT attack on a business than it was in the past.
Eugene’s presentation spoke to how cybercriminal acts have evolved over the last decades, starting from pure research endeavors in the 80s, passing the “criminal to consumer” phase in the late 90s, when cybercrime realized the potential to make real money in cyberspace, and ended with today’s unsound environment of governments spying over other governments, cybercriminals extorting money and confidential data from businesses and highly sophisticated teams targeting critical infrastructure.
Costin Raiu, of Kaspersky Lab’s GReAT team, provided even more details, and the alarming fact that the corporate world is the reason why the price of an advanced cyber attack has dropped over time. According to Mr. Raiu, the price tag on Stuxnet, a highly complex cyberweapon, topped $100 million. The Icefog campaign, discovered by Kaspersky Lab’s experts in late 2013, has a cost an estimation of only $10,000. That is a huge discount, despite the fact that those behind the attack employed custom-made tools to successfully conduct cyber-espionage against government entities, military contractors and other government and private organizations, mostly in South Korea and Japan.
Businesses that considered the probability of a sophisticated attack on their information impossible have to think again. Another interesting fact about Icefog was the fact that this attack was a surgical one. This means that attackers knew how to attack and knew what information they get wanted and where to get it. As it is often the case with advanced attacks, this one was staged not only by technology means, but also with certain advanced reconnaissance.
When we ask businesses about the most frequent security issues they experience, the typical answers are often “spam” and “general malware”. Those are not unusual, since hundreds of thousands of new malicious programs are pushed online every day. But when we talk APT, we think of malware and/or attack scenarios that are specifically targeted at a certain company. For quite some time, businesses could act as spectators watching how high-profile attacks like Stuxnet, supposedly high-budgeted government-initiated projects. This is not the case anymore since a $10k price range means that even small businesses may be attacked as well. Our solution? Complex threats can be blocked by complex technology. We have many in our arsenal, and the best example would be Automatic Exploit Prevention. Read more about it here.