Skip to content

The world of cyber threats

February 17, 2011

BBC, 16 Feb 2011: The boss of the world’s biggest security company said the Stuxnet virus that targeted Iranian industrial facilities last year came as no big surprise.

But Enrique Salem of Symantec admitted the ability of the worm was “unprecedented”.

Speaking to a small group of reporters after his keynote address to the world’s biggest security conference, he said “as much as we have been planning and preparing for an attack like Stuxnet, what we saw was a different level of sophistication.

“What we had been anticipating was an attack on critical infrastructure – instead of someone flying over and dropping a bomb they would use cyber warfare to do the attack.”

Mr Salem told the RSA event the worm involved a half a megabyte of code with the “ability to disable the kill switch”.

The security boss also revealed that talk of such an attack was raised at a panel he attended five years ago with a senior executive from the Department of Homeland Security.

“He said it is not a matter of ‘if’ but ‘when and how’ often our critical infrastructure will be attacked.”

Microsoft’s head of trustworthy computing Scott Charney agreed.

“For people working in the field for a long time, the idea of targeted malware in an interconnected world is hardly surprising. The move from the theoretical to the real is one that has often been talked about.”

Mr Salem also added that the day Stuxnet was released was the day the world of cyber espionage changed forever to one of cyber sabotage.

That date was 13 July, 2010.

“Being able to destroy physical property is a real threat. What it creates is a starting point for other attackers.”

Mr Salem pointed to the recent attempts to compromise the computer systems of the company that runs the Nasdaq stock exchange as evidence of how the threat landscape has changed and what the future looks like.

“The problem now is that the attackers aren’t saying I am going after all companies in New York. They are saying we are going after a specific target, in this case the Nasdaq. They can be very strategic in their attack.”

As a result Mr Salem said new technology and new approaches are needed.

“I run the largest security company in the world. I get up and people say I have a vested interest (in pushing this line). But my job is to protect and provide security and when we say critical infrastructure is under attack, it is real.”

Mr Salem mapped out a number of strategic steps that need to be taken to guard against the next major cyber attack. They include an early warning system, better intelligence on what attacks could happen, better protection, the ability to anticipate what any threat could look like and the ability to clean up after an attack.

He also pointed to a role for government that might involve a counter attack or strike.

The idea of a kill switch to allow the government to switch off the internet if it is under attack is one he did not seem overly enthusiastic about.

“The ability for us to turn something off like that and not cause other massive disruption would be very hard. We are becoming more and more dependent on the internet. There are better approaches than trying to shut off the internet.

“When I was in the anti-spam business we had to make sure the cure was not worse than the problem. We have to have better soutions than just turning it (the internet) off but sometimes you have to go to extremes,” Mr Salem told the BBC.

Comments are closed.

%d bloggers like this: