Cybercrime has historically focused on causing disruption in cyberspace, but Eugene Kaspersky, founder of Kaspersky Lab, tells Sophie Curtis that traditional ‘real world’ criminals are also moving online
The distinction between real-world crime and cybercrime is becoming increasingly blurred. In the past, thieves, robbers and fraudsters would rely on knives and guns to get the job done; today they are more likely to use phishing scams, denial-of-service attacks and trojans.
Traditionally, the purpose of these cyber attacks has been either to steal data, which can be sold on the dark web for financial gain, to steal money directly, or to sabotage the computer systems of a company or organisation in the pursuit of some political, social or moral cause.
However, a new and far more dangerous type of cybercrime is emerging – the use of carefully targeted malware to support traditional crime.
According to Eugene Kaspersky, founder of Russian multi-national computer security company Kaspersky Lab, criminals are already using cyber attack tools to carry out theft and commit fraud in the real world.
In an interview with The Telegraph, he described how a Latin American drug cartel had hacked the SCADA computer system running Antwerp’s shipping port, so they could unload containers full of cocaine under the noses of customs officials.
He also recounted how mobsters had hacked into the computer systems of a Russian mining company, allowing them to siphon off tonnes of coal and sell it in secret; and how another criminal gang had hacked the system that issues loyalty cards for a chain of petrol stations, in order to get huge discounts on fuel.
The use of cyber attack tools to support traditional crime is a growing trend, said Kaspersky, and there are already examples of cyber attacks resulting in loss of life.
In August 2008, for example, Spanair Flight 5022 crashed just after take off from Barajas Airport, killing over 150 people . An internal report revealed that its central computer system was infected with malware, which may have prevented the detection of technical problems with the aircraft.
The most concerning example to date of a cyber attack with real-world consequences was the Stuxnet virus, which infected Iran’s uranium enrichment facility at Natanz in 2009 and 2010, destroying roughly a fifth of Iran’s nuclear centrifuges by causing them to spin out of control.
Although no one was killed in the Stuxnet attack, it showed the potential havoc that a cyber attack on physical critical infrastructure could wreak. Some alleged that the US government was behind the attack, describing it as the ” world’s first cyberweapon “.
“This is not science fiction, it’s not a scenario we are waiting for, it’s already happened,” said Kaspersky. “It’s a really scary thing because these systems are everywhere – all the world is managed by computer systems, from elevators to power grids to water pumps to cars.”
Kaspersky said that, with the proliferation of the ‘Internet of Things’ and web-connected devices in buildings and vehicles, the potential for cyber espionage is also growing. As he puts it: “You are watching TV and the TV is watching you”.
A recent study by Kaspersky Lab revealed that two-thirds of adults are unaware that cyber criminals could use malware to take over their mobile device camerato steal private, stored images, and even take some compromising photographs of their own.
According to the study, 57 per cent of adults have sex within sight of a camera-enabled mobile device, 44 per cent take them into the toilet, 37 per cent get undressed in the presence of these devices and 30 per cent leave sensitive documents or payment cards near their devices.
Kaspersky said that anyone who finds espionage tools on their computer should assume that their data has been stolen. Furthermore, they should no longer trust their own data, because the cyber criminals could have modified it.
“Espionage tools are very close to cyber weapons. In the physical world there is a big distance between the button and the bomb, but in cyberspace there are no distances,” he said.
“It takes very little effort to upgrade an espionage tool to a cyber bomb. Imagine there is an espionage tool that is looking for a specific configuration – it will look around until it finds that configuration, and then a warhead will be send via a software upgrade and … boom.”
He added that many nations already have cyber weapons that could be used to cripple other countries’ physical infrastructure systems in the case of a war.
Reports indicate that NATO and Ukrainian media websites suffered denial-of-service assaults from Russia during the referendum on Crimea earlier this year, and that servers in Moscow took apparently retaliatory strikes afterwards.
The French, the Israelis and the Chinese are also known to be hard at work on cyber weapons of their own, with the initial aim of spying on other national governments.
However, there is a much bigger threat if the focus of attacks shifts to critical infrastructure, with the goal of disrupting or disabling essential services. Kaspersky said he hopes such cyber weapons will never be used by nation states in this way, because the results could be catastrophic, and could set a terrifying precedent for terrorists.
“The traditional mafia came to cyberspace with ideas about how to use cyber to support traditional crime. I am afraid next the terrorists will migrate to cyberspace,” he said.
“In cyber space there is a very short distance between criminals, activists and terrorists. You attack a web page and cause it to crash, that’s crime; you do it a bit more strongly and crash a country, that’s terrorism.
“It is possible to employ software engineers to develop the components of cyber weapons without them having any idea who is assembling those components together. Maybe the terrorists are designing these weapons right now. It could happen anywhere.”
Kaspersky said that it is difficult for traditional intelligence agencies to keep on top of these threats because, unlike real-world crime, cybercrime leaves very little trace. In many cases, computer systems will need to be redesigned from the ground-up, to put a greater emphasis on security.
He also said that legislation is needed to create better standards for critical infrastructure security systems – not just from a physical perspective but from a cyber perspective.
“To protect critical infrastructure, the only option is to develop very secure operating systems and very secure applications on top, and produce very strict regulations for these systems. We need a lot of engineers and we need to allocate a lot of resources to this,” he said.
“There is not a nation in the world which is able to do it in a short period of time, so we are in danger because these systems are vulnerable and we can’t fix them right now.”