Connect with us

Hi, what are you looking for?



Kaspersky Lab Confirms Plans For Secure OS Built For The Age of Cyberwar

Kaspersky Lab Confirms Rumors That It Has a Secure SCADA Operating System In Development

Kaspersky Lab Confirms Rumors That It Has a Secure SCADA Operating System In Development

DUBAI – ITU Telecom World 2012 – Monday at the ITU Telecom Conference in Dubai, Eugene Kaspersky, co-founder and CEO of Moscow-based security firm Kaspersky Lab, spoke on the topic of cyber-warfare and the threats organizations, governments and individuals face in the “age of cyber-warfare.”

Following Kaspersky’s keynote speech, the company officially confirmed on Tuesday, previous rumors that the Russian security firm was in the process of developing a secure operating system for industrial control systems.

Eugene Kaspersky

Kaspersky, who has been extremely vocal on the topic of cyberwar, cyber weapons, and the looming dangers of cyber attacks, is concerned over just how easy it is to develop and obtain “cyber weapons” that could inflict serious damage to targets, and even others in the crossfire.

“It’s very easy to build cyber weapons,” Kaspersky explained to an international audience during his ITU Telecom keynote.

“It’s easy because it’s software! You can modify [existing malware], change the code, and have your own cyber weapon in your hands,” he said. “That’s why I think cyber weapons and cyber attacks are extremely dangerous.”

“In the long run, cyber-warfare is where all parties lose: attackers, victims and even uninvolved observers,” he added.

Kaspersky, who has called for more cooperation between governments in the form of “cyber treaties”, continued to elaborate on measures that he believes need be taken to protect industrial control systems and critical infrastructure, and explained some of the scenarios that could occur as a result of various cyber attacks.

Advertisement. Scroll to continue reading.

Such attacks may not always stem from governments or typical cybercriminals or hacktivists. Kaspersky presented a potential scenario in which sports fans armed with the right tool(s) could wreak havoc. For example, he said, disgruntled sports fans on the losing end of a football (soccer) match could launch a damaging cyber attack against a rival city.

“Our first priority is to make sure that cyber threats will not affect critical infrastructure,” Kaspersky said in comments following the event. “This goal has to be understood and embraced by all involved parties, on an international level.”

Angry sports fans aside, Kaspersky emphasized that the threats from cyber terrorism to state-sponsored cyber attacks and cyber-espionage are all a reality.

“The world has changed. Governments are actively acquiring cyber-weapons, and this means that adequate means of protection are needed in response,” the company explained. “Still, despite the fact that key information infrastructure is extremely important, there exists today no means to properly safeguard it.”

This is where the company’s plans for a secure operating system catered to industrial control systems fit in.

Eugene Kaspersky at ITU Telecom

In addition to continuing its work as a leading anti-malware technology company catering to both consumers and businesses, Kaspersky Lab believes it has something in the works that could serve as a major component in defending against increasingly complex cyber weapons, and help protect industrial control systems that power critical infrastructure such as power grids, water facilities, airports and more.

“A new, secure unit to obtain trusted workflow information is the first step towards an efficient protection against cyber-warfare,” the company explained.

“A fully secure, trustworthy operating system is what we’re creating,” the company noted in a blog post to the Kaspersky-owned Securelist site. 

“The operating system incorporates a whole range of fundamental security principles, the observation of which will guarantee that at all times it will function the way it was designed to by its developer, and never in a different way.”

The company said that the operating system to-come is designed so that even if a component or application installed on the OS is compromised, it won’t let an attacker gain control over the system or execute malicious code.

“In taking this approach we are sure that our operating system will be completely reliable and that it could be used as a fully trustworthy source of information, which in turn is the only solid basis for building a security system of a vastly superior degree of effectiveness,” the company continued.

But how and why is an anti-virus firm building such an operating system when other tech giants like Microsoft and Apple have not?

It’s more about design and function, Kaspersky explained, noting that its system “is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media.”

The yet-to-be-named operating system will be written completely from scratch, and won’t be based on any existing code.

If we don’t succeed in reducing the vulnerabilities in our critical systems and putting defenses in place for cyber attacks, Kaspersky warned of a possible blackout, which he humorously referred to as “romantic time”, characterized candlelight and hand written letters, during Q&A following his keynote.

“We can’t let cyber-warfare stall human progress, as it threatens not only governments and businesses, but regular people as well,” Kaspersky said after the event.

While the company has confirmed its plans for the secure OS, details are quite limited at this point.

“We can’t reveal many details of the project now because of the confidentiality of such cooperation,” Kaspersky noted in his post. “And we don’t want to talk about some stuff so competitors won’t jump on our ideas and nick the know-how. And then there are some details that will remain for certain customers’ eyes only forever, to ward off cyber-terrorist abuses.”

The company told SecurityWeek they do not have any details they can share at this time in terms of a potential date for an initial version of the operating system to be officially unveiled.

Written By

For more than 15 years, Mike Lennon has been closely monitoring the threat landscape and analyzing trends in the National Security and enterprise cybersecurity space. In his role at SecurityWeek, he oversees the editorial direction of the publication and is the Director of several leading security industry conferences around the world.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


WASHINGTON - Cyberattacks are the most serious threat facing the United States, even more so than terrorism, according to American defense experts. Almost half...


Russian espionage group Nomadic Octopus infiltrated a Tajikistani telecoms provider to spy on 18 entities, including government officials and public service infrastructures.


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.


Several hacker groups have joined in on the Israel-Hamas war that started over the weekend after the militant group launched a major attack.


On the first anniversary of Russia’s invasion of Ukraine, cybersecurity companies summarize the cyber operations they have seen and their impact.


The war in Ukraine is the first major conflagration between two technologically advanced powers in the age of cyber. It prompts us to question...


Websites of German airports, administration bodies and banks were hit by DDoS attacks attributed to Russian hacker group Killnet

Application Security

Virtualization technology giant VMware on Tuesday shipped urgent updates to fix a trio of security problems in multiple software products, including a virtual machine...