IE Talks Cybersecurity, Industrial Infrastructure & Digitalisation With Kaspersky In an increasingly digitalised world, cybersecurity and protection of digital information are becoming more important than ever. As the coronavirus pandemic sweeps across the world and with a larger percentage of the global population working from home, cyber attacks threaten infrastructure on a larger scale than before.
R
ussian cybersecurity experts Kaspersky recently revealed a string of cyberattacks on various industrial centres dating back to 2018. At its core was the highlyadvanced malware MT3 - dubbed “MontysThree” by the team - which used various advanced subroutines to remain undetected. MontysThree was responsible for a series of advanced persistent threat (APT) attacks on various actors in the industrial sector. These kinds of attacks are rare but present a potentially catastrophic target for hackers. Today, Industry Europe will be diving into the world of cybersecurity and its role in our digitalised future from those involved in the sector. To this end, we interviewed Georgy Shebuldaev, Head of Growth Center at Kaspersky, to find out why protecting industrial interests is so vital. Industry Europe: Thanks for joining us, Georgy. If you could introduce yourself and what you do, we can begin.
6 Industry Europe
Georgy Shebuldaev: I am the head of the Growth Centre at Kaspersky. The Growth Centre is where we target new Kaspersky business opportunities to deal with various burgeoning sectors. One of our new branches is in industrial cybersecurity, which is a relatively new interest for us, in comparison to protecting home and corporate users. That’s why I’m here. IE: Would you care to explain why it is so vital to protect industry in the same way you would legislature or corporate cybersecurity? GS: Well, the most straightforward answer is just in the connection between safety and security. Regarding Operational Technology (OT) and industrial infrastructure, the connection between safety impacts because of cybersecurity events is very strict. Far more strict in comparison to both banking and corporate networks. The possible risks are bigger. On the topic of the interaction of production processes in
something such as the energy sector, we have the potential for blackouts and a cascade of unpleasant situations and risks. Over the past 20 years, our OT infrastructure has become far more digitalised day-byday. Because of this, the probability of such risks emerges. That’s why, on a global level, we’re seeing a positive movement and a greater push for regulations and mandatory requirements for OT cybersecurity because the issue of plant cybersecurity becomes not only a company-wide risk but could send shockwaves that can be felt at a state level. IE: What potential threats exist or could exist in the future? GS: There isn’t a massive difference between what we see in corporate and business structures and what can happen in operational technology. The best example is ransomware, which is designed to be encrypted into corporate machines to get