Saleh Fareed
Saudi Gazette
JEDDAH — Maintaining cyber security is an important part of Saudi Arabia’s national strategy and is high on the government agenda, according to an expert.
“The Saudi government has been paying a lot of attention to possible cyber threats over the last several years, and its awareness of the scale of the potential problems that cyber criminals and cyber terrorists can cause is quite high,” said Eugene Kaspersky, Chief Executive Officer and Chairman of Kaspersky Lab.
Eugene said that the Saudi government has always placed great emphasis on cyber security. “I believe Saudi Arabia is on par with many other countries regarding the level of its cyber defenses. It’s probably not in the leading group, but from what I see it’s hardly backward. The problems in Saudi Arabia are the same as all over the world: there’s a deficit of highly-skilled software engineers in IT security, and there’s an obvious reliance on IT infrastructure in the everyday life of the country,” he said.
He explained, why Saudi Arabia is considered a hot target. “The reasons why it’s considered a hot target are obvious: there’s a lot of money in the country that the bad guys would like to steal, and it’s an important regional player: a G20 member and the largest oil exporter in the world. In our complicated world that means there’ll be other players who would like to steal Saudi secrets and, potentially, in case of an international crisis, use cyber weapons against it.”
He noted that the US has probably the best cyber defenses in the world and the whole world needs more software engineers and more investment in making software more secure, particularly when it’s used to operate critical infrastructure.
He said: “We are currently working on our own secure operating system for industrial use, but it would take some time to adapt the existing software to the system.”
Giving some examples of specific threats that were difficult to eliminate, Eugene said: “We are seeing today how targeted attacks are getting increasingly sophisticated and hard to detect. The espionage campaigns that we have investigated in the last few years — the Mask most recently, or the Red October a bit earlier — have obviously required dedicated teams of highly-professional engineers to develop and run them. Such cyber-espionage networks require significant investments and top-end expertise. The danger and the potential damage such attacks can cause, for example, by the elimination of data, remains immense.”
Explaining the increasing numbers of attacks targeted at particularly banks and financial institutions, he said “The answer is straightforward: because that is where the money is. Banks and financial institutions rely heavily on complex IT-systems, and they are the most obvious high-value target for cybercriminals who aim to steal money. They are also the backbone of any modern economy which cannot operate fluidly without a developed financial system. This makes banks and financial institutions a sought-after target for hacktivists who are aiming to cause economic damage to their foes.”
Speaking about the security threats posed to individuals as a result of online banking and social networks “I think that there is a general awareness that the Internet is not a safe place and some sort of protection is needed, but I feel that many people do not care much about, for example, using unprotected Wi-Fi networks. Many people are using online-banking services with their tablets and smartphones without being aware that it may be a dangerous thing to do.”
He furthered noted that today there are three main groups of cyber threats, which can be distinguished by their sophistication and the potential damage they can cause, “There are cybercriminals. They go after money — stealing, cheating and defrauding. Their targets are bank accounts, credit cards, online payments and sometimes even online gaming accounts. The second key threat of today is cyber-espionage. This is a rapidly growing issue as more and more corporations and governments come under attack and have their vital data stolen. The third key threat is that posed by sabotage. In our interconnected world, we are increasingly reliant on networked IT-systems, and today it’s possible to cause physical damage and even kill people,” he said.
Eugene, who began his career in cybersecurity accidentally when his computer became infected with the ‘Cascade’ virus in 1989, pointed out that Kaspersky Lab keens to continue working together with other countries to maintain cyber security; he added by saying “We work quite closely with law enforcement agencies all over the world to assist their investigations. We have been actively supporting the establishment of Interpol’s cyber division – the Global Complex for Innovation – which is due to start operating later this year.”
He announced that Kaspersky Lab working hard to raise awareness on the subject of cyber security through a variety of education programs focused on cyber security.
