INFOSEC: CYBER SECURITY RESEARCHER Eugene Kaspersky has warned that it's only a matter of time before terrorists adopt state sponsored style attacks such as Stuxnet and Red October to target countries' critical infrastructure.
Speaking at the Information Security conference in London today, Kaspersky said that these types of attacks are "the worst of the worst" in cyberspace at the moment.
"We are in an era of cyber weapons and cyber warfare. Until now, the source of attacks [on critical infrastructure] looks to be government sponsored," Kaspersky said.
"We don't have any report about traditional terrorists getting access to the same technology but I'm afraid it's just a question of time. So this is the worst of the worst, when cyber terrorists and cyber guerillas will attack businesses anywhere around the world."
Explaining that the people using state sponsored attacks are "very professional" as they are learning from victims as they grab data - and infect victims over and over on a loop - Kaspersky said that there are three types of worst case scenarios in the event terrorists adopt this style of attacks.
The first, he explained, is attacks on industrial systems like power plants, power grids, telecommunication, transportation and healthcare.
He noted that telecoms companies are at the most risk from possible cyber terrorists as they have no protection to adopt yet against them.
"[As for telecom protection], I have no idea. The only protection is the brain," Kaspersky said. "To protect their national internet mobile networks from these huge attacks... I'm afraid there is no way, [the] only way is to be ready for these attacks and to manage the damage."
He said in this event, rescue teams would have to fragment the network to "cut it into pieces" and restore it, but during this time customers would have no access to the mobile network.
Kaspersky explained that the second worst case scenario is an attack on critical IT infrastructure, which could paralyse data for oil producers for example, as many huge corporations don't know how much they depend on IT infrastructure until an attack comes.
The third worst case scenario according to Kaspersky is an attack on the government, especially education, and that we need preperation on an international level to find the bad guys "before they press the button".
"The good news is I don't have any idea worse than that," he added.
Kaspersky explained that terrorists will likely turn to cyber threats as they are much cheaper and easier to develop than traditional forms of terrorism, such as physical weapons or missiles, for example. µ