Tuesday, 17th September 2019

Top eight things learnt from Kaspersky Next 2018

At the annual Kaspersky Next event (formerly Cyber Security Weekend), speakers from Kaspersky Lab, Oxford University, Cyber Security Capital, Titania, the Electronic Frontier Foundation and the Serbian Information Comissioner’s Office came together in Barcelona to discuss what’s next for the industry and for technology. Talks covered topics as far ranging as women in cybersecurity, privacy and the evolution of industrial cyber attacks.

Here are eight of the most interesting things learnt from this year’s event:

  1. Stolen data has more than just one use for cyber criminals

Stolen data has a very limited resale value, David Jacoby from Kaspersky Lab estimates you are only worth about $50 on the black market – so why do our accounts and identities remain an attractive target for cybercriminals? David explained how trading in stolen accounts is an easy way for criminals to launder money for more sinister criminal activity such as drug dealing, human trafficking and the selling of arms.

  1. Nation states are beginning to use publicly available tools

Christian Funk from Kaspersky Lab has been seeing that, to avoid attribution, Nation State threat actors have started using publicly available tools for pen testing, network administration or just Windows Powershell. Then, during incident response and analysis, it is impossible for researchers to find the code similarities between distinct samples that would usually a sure-fire way to attribute the attack.

  1. By 2022, the skills gap between available cybersecurity professionals and unfilled positions will be 1.8 million

Jane Frankland, author of IN Security, explained how by developing a more diverse workforce and recruiting people with diverse skills in communication, creativity and management can help us get ahead of the cyber criminals by challenging conventional thinking. She reminds the industry that simply by interacting with people who are different forces us to prepare better, anticipate alternative viewpoints & expect that reaching consensus will take effort. Ilijana Vavan, Managing Director of Kaspersky Lab Europe, then also joined Jane on stage to talk about her approach to getting more women into a cyber security career, and how Kaspersky’s CyberStarts initiative is the company’s commitment to diversifying talent.

  1. Hacktivists modified the chemical mix of a water company’s supply by accident.

In her talk on the evolution of attacks on industrial control systems, Noushin Shabbab gave us examples of when cybercriminals have successfully carried out attacks on these systems, reminding us that it is a real threat that is already underway. In 2016, a Swiss water company using a 1980s IBM server was hacked by a group who managed to modify the application settings affecting the chemical balance of the water with apparently very little knowledge of what they were actually doing.

  1. To ensure the physical safety of a patient, security is ignored

In their ‘Memory Market’ presentation, Dmitry Galov, Kaspersky Lab; Denis Makrushin, independent researcher and Laurie Pycroft, Oxford University, told the audience about the conflict for medical implant developers as brain implants become more sophisticated and connected. Since such an implant needs to be controlled by physicians remotely in emergency situations, it needs to be fitted with some sort of software ‘backdoor’, therefore opening the risk of being manipulated by threat actors.

  1. Within 30 years our memories could be completely controlled by others

Dmitry and Laurie predict that by the 2020s, it will be possible to electronically record the brain signals that build memories, then enhance or rewrite and reinstall them in the brain. By the 2030s, the first commercial memory boosting technology will be available and, by the 20140s, this technology will be able to give extensive control over our own, or others’, memories.

  1. There is a global agreement never to use autonomous weapons

Nicola Whiting from Titania took the audience through the good and bad of AI. She revealed that the European Parliament passed a resolution calling for an international ban on lethal autonomous weapons systems (LAWS) on the grounds of their “potential to fundamentally change warfare by prompting an unprecedented and uncontrolled arms race,” as well as “fundamental ethical and legal questions of human control.”

3,000 A.I. and robotics researchers, including 116 founders of leading robotics and artificial intelligence companies, influenced this resolution, warning about lethal autonomous weapon systems, and pledging “never to develop, produce or use lethal autonomous weapon systems.”

  1. Privacy is not dead

Marco Preuss from Kaspersky Lab, Eva Galperin from the Electronic Frontier Foundation and Nevena Ruzic from the Serbian Information Comissioner’s Office discussed the realities of protecting privacy in today’s age of data promiscuity. Each came from a different background and angle on the topic but agreed that with the GDPR, tools like the new Privacy Audit and sites like haveibeenpwned.com, it’s possible to get a control of where your data is to start regaining control of it.

Ilijana Vavan, Managing Director of Kaspersky Lab Europe commented on the event: “It’s been amazing to see the range and breadth of research currently being conducted in the interest of our future. This year’s Kaspersky Next event looked at not just what is next for us in technology with regards to the risks and advantages of AI and the fascinating topic of brain implant hacking but also asked what’s next for us as an industry as we aim to plug the skills gap and how we get more women to help us do this. I’d especially like to mention our amazing third party speakers who came from across Europe, and as far away as the US, to share their insights into the future of technology and the cybersecurity industry. It’s events like this that make me feel especially proud of Kaspersky Lab’s commitment to research and collaboration in making the world a safer place from cyber threats.”

WorldStream has launched its next-generation anti-DDoS platform, WorldStream DDoS Shield. WorldStrea...
NetApp survey shows that visibility into cloud usage and spending are still major concerns; only 31%...
Autonomous endpoint security thoroughbred wins race to protect global digital content provider.
Barracuda’s Secure SD-WAN platform delivers industry-leading security, connectivity, and automation...
F-Secure's global honeynet measured twelve times more attack events in H1 2019 than in H1 last year.
Half of professionals also admitted concerns around their current cloud providers.
Hogarth selected Pulse Secure’s VPN and NAC solutions to ensure workforce is authenticated, authoris...
Nearly one-third (32%) of IT group employees in SMBs and mid-market enterprises globally said their...