Dubai: Security solutions provider Kaspersky Lab has confirmed it is developing technologies for a secure operating system aimed at protecting nuclear power stations, energy supply and transportation control facilities, financial and telecommunications system.
“We are in talks with certain governments about this and it will take time, but we are not in to compete with Microsoft. It will to provide another layer of protection from major exploits, disgruntled employees and attackers,” Eugene Kaspersky, CEO and co-founder of Kaspersky Lab, said.
The OS will be designed to block sophisticated pieces of malware like Stuxnet, an exploit that would spread via Windows machines and targeted Siemens industrial software and equipment, many of which affected Iranian organisations that were also linked with the country’s uranium enrichment infrastructure.
It won’t be a fully-featured operating system, like the Windows or Mac OS software you see today, but it will run on top of existing platforms, “controlling ‘healthy’ existing systems and guaranteeing the receipt of reliable data reports on the systems’ operation,” Eugene said.
“Our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media”
“We’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity. This is the important bit: the impossibility of executing third-party code, or of breaking into the system or running unauthorized applications on our OS; and this is both provable and testable, he said.
Kaspersky recognises that instead of rewriting the software from the ground up, it can provide a secure environment that lies in-between the important parts of industrial systems, isolating malware and ensuring they don’t reach the critical areas of systems that maintain sewage levels, route phone calls or control power levels.
The company believes it can use its security expertise to build and deploy an effective protection platform for important control systems, making sure the public at large isn’t notified of a high-profile attack.
“We can’t let cyber-warfare stall human progress, as it threatens not only governments and businesses, but regular people as well,” commented Eugene after the event.
“Our first priority is to make sure that cyber threats will not affect critical infrastructure. This goal has to be understood and embraced by all involved parties, on an international level.”
He said international cooperation and advanced technology as the key requirements to survive the age of cyber-warfare. In his speech at the ITU Telecom World 2012 conference, Eugene Kaspersky highlighted the dangers of the cyber-arms race and showcased Kaspersky Lab’s approach to protecting vulnerable industrial systems.
“In the long run, cyber-warfare is where all parties lose: attackers, victims and even uninvolved observers. Unlike traditional weapons, tools used in cyber-warfare are very easy to clone and reprogramme by adversaries,” he said.
The most important move to survive in this environment is the “development and deployment of a new, advanced security paradigm for the most critical infrastructure,” he said.
