ARTICLE by
CAROL ODERO
IT leadership
Is Cyber Immunity The Future of Cybersecurity? What kind of security do you need in 2023? It turns out the answer is much. There is no one-size-fits all especially with the list of threat predictions in 2023 Eugene Kaspersky – yes, that Kaspersky - is the kind of person who when they walk into a room, you know they’re bringing something with them. In his case, it starts with an extroverted persona that feels larger than life and ends with a brilliant mind. Founded in 1997 by well, Kaspersky, the company is headquarted in Moscow, Russia. They are well known for their antivirus software which is designed to detect and remove viruses, malware, and other threats from computers and mobile devices. “Unfortunately, the bad guys are very active, so we are seeing a massive increase in the daily incidence of malicious files. Our daily catch is now about 400,000. This is an indicator that there are more people developing malware, and the criminals are getting smarter.” He adds that, “We have witnessed an increase in cyber-attacks ostensibly aimed at gathering intelligence. There has also been the development of new malware, and, along with the heightened awareness of the importance of cybersecurity has meant organisations are increasingly investing in cybersecurity.” Something which has led to the rise of international cooperation were countries are coming together to address growing threats. Eugene mentions two worldwide cyberthreat trends namely professional targeted attacks (APTs) by criminal and espionage groups, and attacks on industrial and critical infrastructure. Attacks are also highly complex, 6
professional, and massive in scale. He particularly identifies REvil aka Sodinolibi, a ransomware actor whose group members were arrested in November 2021. Just Google ‘cybercriminals arrested’ and you will find more of such stories. For Eugene, this presented an opportunity - to construct a cybersecurity ecosystem which will cover all cybersecurity scenarios over entire corporate infrastructure. The ecosystem will be managed from a single platform embedded automation for security operation centers. And — very important — the ecosystem will exercise the principle of zero trust approach for highest security levels. “Today’s hyper-connected world requires us to reconsider the way we do cybersecurity. We need to shift toward a more reliable approach – one with no room for error. This is why we’re working on developing cyber immunity products with ‘innate’ protection against cyberthreats. Most attacks on the cyber immune systems are ineffective. We want a safer and more resilient digital world where cyber immunity is the new norm,” said Eugene.
All interactions between them are controlled at the level of the microkernel and the internal security system: they allow only what was indicated at the stage of system development. That way, even if an attacker could gain access to any of the components, they will not be able to perform malicious actions and in any way affect the operation of the system. Eugene gives a rather alarming list on what to expect in 2023. •
Other advanced threat predictions for 2023 include: •
SIGINT-delivered malware: One of the most potent attack vectors imaginable, which uses servers in key positions of the internet backbone, allowing man-onthe-side attacks, may come back stronger. While these attacks are extremely hard to spot, they will become more widespread and will lead to more discoveries.
•
The rise of destructive attacks:
Today, traditional operating systems work with added security tools, such as antiviruses. The problem is that even those do not guarantee 100 per cent protection. And in some cases (for example, electronic control units in cars), it is impossible to install them. Enter cyber immunity with its architecture is based on the division of objects into many isolated modules.
www.cioafrica.co | MARCH-APRIL 2023 | CIO Africa Magazine | by dx⁵
The next WannaCry and drones for proximity hacking. Statistically, some of the largest and most impactful cyber epidemics occur every six to seven years. The last such incident was the infamous WannaCry ransomware-worm, leveraging the extremely potent EternalBlue vulnerability to automatically spread to vulnerable machines. Kaspersky researchers believe the likelihood of the next WannaCry happening in 2023 is high.
