Eugene Kaspersky has reiterated his long-standing support for Internet IDs, and called for all SCADA systems to be redesigned around a secure operating system, to protect critical infrastructure from cyber-attack.SCADA is so vulnerable, Kaspersky told the AusCERT audience: “It’s not possible to protect. Stuxnet told us that modern systems are not protected at all. SCADA could be very easy victims – the result of an attack could be like Stuxnet but everywhere.”He said his company’s research suggests that malware costs the world economy $US100 billion each year, and noted other vendors estimates of the total trillion-dollar cybercrime industry mean that, “because of cybercrime, we have the equivalent of two or three Japanese tsunamis a year” of economic damage.People “need to understand the danger of cyber-weapons and of cyber-war to ruin national infrastructure. Transportation, power-grids, power plants … it would take us back to the pre-electric era.” “The only way to protect critical infrastructure – is to redesign SCADA systems based on a secure operating system. It is possible to do, but it requires a redesign of all the software for industrial systems.”However, Kaspersky said, the only possible way to achieve such a radical redesign of the SCADA world would be with government support. He noted increased government awareness of Internet issues: “Governments have to be leaders … they have to make this world more regulated, more secure. The good news is that finally they recognize that cybercrime is a very serious issue.” However, at the same time Kaspersky lamented the heavy-handedness of laws such as those being implemented in the UK.Likewise, Kaspersky said, the increased participation of government in cyberwarfare leads him to believe that escalation is almost inevitable – and, he said, the similarities of different systems around the world means that a cyber-conflict between two countries could result in critical infrastructure attacks in unreleated countries.“It’s our responsibility to design this world in a more secure way for our children,” was Kaspersky’s conclusion.#auscert2012Follow @CSO_Australia and sign up to the CSO Australia newsletter. Related content news Google Chrome zero-day jumps onto CISA's known vulnerability list A serious security flaw in Google Chrome, which was discovered under active exploitation in the wild, is a new addition to the Cybersecurity and Infrastructure Agency’s Known Exploited vulnerabilities catalog. By Jon Gold Oct 03, 2023 3 mins Zero-day vulnerability Vulnerabilities Security brandpost The advantages and risks of large language models in the cloud Understanding the pros and cons of LLMs in the cloud is a step closer to optimized efficiency—but be mindful of security concerns along the way. By Daniel Prizmant, Senior Principal Researcher at Palo Alto Networks Oct 03, 2023 5 mins Cloud Security news Arm patches bugs in Mali GPUs that affect Android phones and Chromebooks The vulnerability with active exploitations allows local non-privileged users to access freed-up memory for staging new attacks. By Shweta Sharma Oct 03, 2023 3 mins Android Security Vulnerabilities news UK businesses face tightening cybersecurity budgets as incidents spike More than a quarter of UK organisations think their cybersecurity budget is inadequate to protect them from growing threats. By Michael Hill Oct 03, 2023 3 mins CSO and CISO Risk Management Podcasts Videos Resources Events SUBSCRIBE TO OUR NEWSLETTER From our editors straight to your inbox Get started by entering your email address below. Please enter a valid email address Subscribe