Eugene Kaspersky highlights Cyber Immunity at NCSA conference 

The number of devices connected to the internet continues to grow exponentially, and so as cybercriminals’ interest. Cyber threats can cause physical damage, for instance, to industrial plants, energy facilities, and smart city systems. The information security industry is creating more security technologies, but often it is merely playing catch-up with the attackers.

Eugene Kaspersky, CEO of Kaspersky, underlined the concept of “Cyber Immunity” at the public lecture hosted by Thailand’s National Cyber Security Agency (NCSA).

He shared an in-depth overview of cybersecurity trends and the company’s trademarked vision in his presentation titled “Cyber Immunity for a Secure Digital World”.

Kaspersky’s Cyber Immunity concept implies that the overwhelming majority of cyberattack types are ineffective and cannot affect a system’s critical functions in the usage scenarios specified at the design stage. 

Cyber Immunity can be achieved by using KasperskyOS and following certain secure software development methodologies while creating a solution, such as defining security goals and assumptions and ensuring they are accomplished in all usage scenarios, isolation of security domains and the control of interaction among them, and cybersecurity of the solution’s whole trusted computing base.

On stage, he noted that from year to year, the cyber threat landscape gains in both complexity and sophistication. Cybercriminals harm businesses with headline-grabbing attacks targeting IT and telecoms, healthcare, financial services, industrial plants and critical infrastructure, and so on. No sector is 100% safe. Globally, Kaspersky researchers observe that highly complex, professional attacks have become massive in their scale. 

In 2022, Kaspersky’s detection systems discovered an average of 400,000 new malicious files daily, demonstrating a 5% jump when compared to 2021. In total, approximately 122 million malicious files were detected in 2022, 6 million more than the previous year.

Thailand demonstrates interesting numbers for its OT systems. For the major malware types, percentages are slightly lower in the country or almost equal to the world’s average values. But % of OT computers on which malicious documents and viruses were blocked in 2022 in Thailand is noticeably more than the world’s average.

As malicious documents are most often delivered by phishing attacks, Kaspersky suggested anti-phishing protection improvement in the country – both from the technical measures perspective and from the general security awareness and security culture perspective.

 
Kaspersky researchers see that Thailand's 2022 rates are lower for all the industrial sectors, when compared to the world’s average, except for the Manufacturing and OT Engineering & Integration. As OT Engineering and Integration companies frequently experience cyber threats on their computers running various OT software, those computers may become entry points for attacks affecting their customers. In other words, for the industrial organizations in Thailand, the company sees higher risks of supply chain attacks, that need to be mitigated.

 
Although being far from the world’s most cyber-secure countries, Thailand performs well compared to other countries in the region. 

The four major problems to address that are noticeable at such a high-perspective picture are: 
1.    phishing, 
2.    unprotected OT computers spreading viruses and worms,
3.    noticeable risk of ransom attacks inside the OT perimeter,
4.    high risks of supply chain attacks because OT Engineering and Integration systems are highly exposed to cyber threats.

Kaspersky said: “Kaspersky Cyber Immunity is an approach we recently trademarked in both the United States and the European Union. It represents a secure-by-design system that affords to the creation of solutions that are virtually impossible to compromise and that minimize the number of potential vulnerabilities. Essential elements of this concept are our solutions like Kaspersky Secure Remote Workspace, our first and next-generation IoT gateways, and all the upcoming KasperskyOS-based products developed to create a more secure digital world.”

“We are delighted to have Eugene Kaspersky and his team for the public lecture today. NCSA is determined to improve our cybersecurity expertise and raise cyber threat awareness here in Thailand in order to undertake integrated and responsive action. We are certain that this continued collaboration between the two entities as well as Kaspersky’s knowledge and experience will be applied to maintain and enhance our very own cybersecurity capabilities,” stated Major General Teerawut Wittayakorn, Deputy Secretary-General of NCSA.

“At Kaspersky, our mission is to build a safer world, and we are very excited about the possibilities to achieve this with Thailand’s NCSA. We strongly believe that collaborations and mutual cooperations between government agencies and cybersecurity firms like us can boost the world’s cyber safety,” adds Kaspersky.
Taking Kaspersky’s findings into the consideration, the company recommends the following to entities in Thailand:

•    Invest into general cybersecurity awareness. Train your personnel on how to protect from phishing emails and how to cyber-securely behave when performing other activities.
•    Protect as much of your OT environment with effective cybersecurity solutions as you can. Isolate nodes (both with the help of technical and organizational measures) that could not be protected for a reason. Make sure they do not spread virus and worm infections.
•    Make sure you are well-protected from ransom threat. Protecting organizations’ perimeter, making sure the password policy is strong, the accounts are not stolen and leaked, the nodes are protected with respect to all the vendors recommendations – are the most important things to do. You should also have a detailed plan, well-trained cybersecurity team and all the prepared tools at their hands for the case of an incident.
•    Invest in controlling the cybersecurity state of your supplier organizations. Make sure they do not connect any equipment of theirs, that is not protected enough, to your IT and OT systems. Make sure they follow all your cybersecurity policies.