Eugene Kaspersky – Chairman and CEO, Kaspersky Lab
“We have four ATMs in our head office basement, which we do tests on. But we don’t have enough parking space in the basement to test trains, but we’re near a small harbour so we may yet test how we can hack into a ship.”
Carbanak was a $1 billion bank heist carried out over two years. The gang targeted and infected front-end clerk computers to gain access to emails, allowing them to harvest intelligence. Then slowly and with no noise, they began integrating their malware into the system to ultimately provide controlling administration rights to the bank’s computers. Then they could do anything they wanted! They started paying fake accounts, fake employees and fake company suppliers and, as Kaspersky said with a smile, created “magic credit cards, like a normal credit card but no daily limit and the balance is always the same – magic!” The cyber robbers were also managing the ATMs, and it wasn’t until a bank called to report an infected ATM that the ruse was discovered, ultimately resulting in offenders being arrested around the world. But not all of them.
This heist was organised by Russian and Ukrainian cybercriminals, despite the current geo-political conflict underway. Kaspersky emphasised, “For cybercriminals, business is business.” The key point Kaspersky made, in his heavy Russian accent, was that all known offenders were Russian speaking. “Russian software engineers are the best,” Kaspersky boasted. “Russian cyber criminals are also the worst! That’s the reality. The technical education in Russia is the world’s best. Sometimes the software engineers go to the dark side and bring new technologies to the region and now we’re seeing these attacks globally.”
Kaspersky also described how cybercrime is now an economy unto itself. “There has been an economy develop where the malware is created and traded, others steal the data and trade it. We call it crime as a service. They behave like businesses and some even pay taxes.” Police even know of cyber gangs, but unless there are victims in Russia or calls from overseas agencies, they may not have sufficient grounds to launch an investigation.
Of increasing concern, Kaspersky highlights, is that the internet of things has been shown to be vulnerable. “In the past it was just computers and smart phones, but with the Mirai botnet, we are seeing attacks on CCTV Cameras and a number of IoT devices. Plus, despite the growth in the human population, the population of smart devices is now larger than the population of smart humans. Computers make less mistakes than humans, they sleep less, consume less. In the old days, the guard at the door was armed and standing with a security dog – it was secure but not safe. But today with computers, it is cyber that makes it safe but it is not secure.”
Crime groups have started working together, and cyber and physical crime gangs are now working to turn off physical security systems via cyber-attacks before breaking in or committing robberies. In Russia, a bank robbery was committed after the security cameras and alarm systems had been hacked and switched off. Digital SCADA systems are also vulnerable to cyberattack and SCADA systems also make mistakes.
New criminal business models are targeting manufacturing and transportation, with cases of stolen commodities. Coal was stolen from a coal mine, with the theft facilitated by hacking the system and changing the weight of the coal weighing systems so that it went undetected. Petrol was stolen from an oil refinery: by hacking into the system’s temperature controls, the thieves were able to alter the volume of petrol, which changes in volume based on temperature.
Preventing attacks on critical infrastructure is a key challenge, with the most critical being the power grids. “Without power, it will be the end of our civilisation,” Kaspersky said. In the major power blackout in Northeast USA in 2003, the Blaster worm virus had damaged the network files in the unpatched Unix systems. This coincided with a technical system error which wasn’t detected because the Unix machines weren’t talking to each other, and which ultimately resulted in the blackout.
The Blaster worm was therefore a contributing factor but not the cause. In 2015, it was a pure cyber-attack against the Ukraine power grid by the Russians which took out 200,000 premises. The attack involved wiping the network’s software, as well as the firmware, so it wasn’t possible to get the grid up again without sending engineers in to re-build. “So, we live in the age of cyber-blackouts,” Kaspersky declared.
The next critical infrastructure concern is transportation. Technically, it is possible to own a car via hacking the car’s computer. The WikiLeaks NSA files have also confirmed the CIA had been doing tests and discovered the vulnerability in modern vehicles. Driverless ships, trucks, aeroplanes and trains, which are all being made automatic, will all be vulnerable. Kaspersky disclosed,
Australian Cyber Security Magazine