Eugene Kaspersky And Mikko Hypponen Talk Red October And The Future Of Cyber Warfare At DLD

What is the consequence of cyber warfare slowly becoming increasingly common? That was the basic question that guided the DLD keynotes of Eugene Kaspersky, the co-founder of security company Kaspersky Lab, and F-Secure‘s chief research officer Mikko Hypponen.

Kaspersky, who admitted that all his years of security research left him a bit paranoid, argued that the early viruses and malware of the 90s was the equivalent of a bicycle, with the criminal malware we now increasingly face being cars. Stuxnet and other currently active state-sponsored viruses, in his view, are like space shuttles and Red October, the recently discovered highly sophisticated malware that performs very targeted attacks, in his view, is like the space station.

Hypponen took a similar view. The “happy hacker” of the 80s and 90s, he said, is long gone. Instead, we now have to deal with criminals who try to make money from their malware and botnets, hacktivists who try to protest and governments attacking their own citizens and other governments for espionage and full-scale cyber warfare.


F-Secure’s Mikko Hypponen

Asked about the highly targeted and personalized Red October attack, both Hypponen and Kaspersky currently seem to assume that it was a state-sponsored attack, especially given that it took a good amount of traditional espionage to target the embassies, European Union agencies and space and nuclear research centers around the world the malware attacked over the last few years. Still where it came from remains unclear, especially because it attacked sites in a multitude of countries. This, too, leads Kaspersky to believe that it wasn’t developed by Russia. Red October, after all, attacked a number of sites in Russia. In his view, it could be from Israel, a hacktivist group, or, he speculated, maybe the secret services of different countries were customers of a group of sophisticated hackers.

As for cyber warfare in general, one thing Hypponen especially stressed is the difference between cyber espionage and cyber warfare. Spying, said Hypponen, is not warfare. “Warfare is something different,” he said. “It’s when you start using malware, viruses and backdoors to target our critical infrastructure.” Today, he argued we are seeing the very first stages of a global cyber arms race. We are now seeing many other governments besides U.S. and Israel jump on the same bandwagon and now that other countries see that these attacks are successful, they want to jump on the bandwagon, too.

Stuxnet and the Manhattan Project

Hypponen went on to liken Stuxnet, the virus that targets Iran’s nuclear program to the Manhattan Project. The scientists involved in created Stuxnet, he argued, lost their innocence when they worked on this. It’s possible, after all, that Stuxnet killed people, though we can’t be sure about that. “The people who launched this must have understood and did it anyway,” said Hypponen. “We crossed some line as mankind when we started doing that.”

It’s just a matter of time before we cross this line again, Kaspersky thinks. The main question for him is if we ready to give up some of our technologies because they have become to dangerous? In human history, he argued, we sometimes had to stop using new technologies like the airship or the Concorde after major accidents. What if the threats on our cyber systems lead us to have to quit using some forms of IT and store government data on paper again? Are we going to put humans back in charge and handle tools mechanically instead of using robots and sophisticated appliances to run our electricity systems and factories? “Probably not”, said Kaspersky, but he is afraid that “the situation is going from bad to worse.”

Looking ahead, Hypponen believes that the next major war between developed countries will definitely include some form of cyber warfare, maybe to shut down electricity and defense systems before launching a conventional attack. “It won’t be a ‘clean’ cyber war,” Hypponen believes.

Asked whether we will experience a major and devastating cyber attack that will influence the general public in the next three years, Kaspersky showed his paranoid side and noted that those already happened. He blames the major East Coast blackout of 2003 on the Blaster virus. “We still don’t understand that we live in an absolutely different world,” said Kaspersky. “We are like Alice in Wonderland and don’t know how to behave in this different land.” On the positive side, though, he said that he believes “that we will survive.”