Kaspersky provides voice of dissent at London Cyber Conference

By Stuart Sumner
02 Nov 2011 View Comments
Eugene Kaspersky is chief executive of Kaspersky Lab

Amid the backslapping and predictable calls to action at the London Conference on Cyberspace today, Eugene Kaspersky was the lone critical voice, asking delegates why it has taken so long for them to respond to the cyber threat.

"I was talking about precisely these cyber security issues eight years ago, and they're only now being considered at the government level," he began, setting the tone for the rest of his controversial address.

Further reading

"I want you to think about the future, be ready for the next questions that the internet will ask us. We have to work with the speed of [technological change] otherwise we are too late."

He also disagreed with several of the points made by other speakers, notably Scott Charney, corporate vice president, Trustworthy Computing, at Microsoft, who spoke before him in today's session on cyber crime, chaired by security minister James Brokenshire.

Charney, like several other speakers, spoke favourably about the Budapest Convention, a project that aims to harmonise national laws on cyber-crime enabling international co-operation. To date around 30 states have signed and ratified the treaty.

Controversially, Kaspersky said: "I don't believe in the Budapest Convention. I don't believe more countries will sign it."

Instead he called for the creation of an international cyber police force.

"The co-operation between cyber police forces around the globe must be enabled through an independent unit.

"There's a promising project, a kind of internet Interpol. This has more chance of being successful. It's now part of the ITU [International Telecommunication Union] UN project."

He was referring to the Global Cybersecurity Agenda, which the ITU's web site describes as: "...a framework for international cooperation aimed at enhancing confidence and security in the information society."

Charney had also discussed the possibility of introducing authentication as a requirement to access internet services, a controversial measure often cited as a good way of combating cyber crime because it would guarentee traceability.

"We want anonymity on the internet as it protects freedom of speech and association. We also want accountability as criminals do bad things and we need to prosecute them," said Charney.

With the two mutually exclusive concepts seemingly presenting an impasse, Charney advocated only applying authentication requirements to certain internet functions.

"You have to ask if you want anonymity or accountability in a particular activity or function on the internet.

"If I'm engaged in online banking I want robust authentication. If I'm engaged in certain kinds of speech, I may want anonymity. So one of the challenges is to tease apart the type of activity being done to work out where we want each."

But Kaspersky was unsure that any restriction was the best approach, predicting civil unrest if internet freedom was restricted.

"[The concept of] internet IDs, whether a plastic card or a fingerprint keeps me awake at night," he began.

"Many people will disagree with it and I don't want to see thousands of people on the streets protesting about it."

He recommended that if introduced, it is done so gradually.

"It needs to be done slowly, step by step, service by service. And it's important not to make it too strong for citizens. We will need strong international co-operation over this."

He concluded by warning that he expects a repeat of industrially targeted attacks like last year's Stuxnet virus, which delayed Iran's nuclear programme.

"I'm sure Stuxnet will happen again and again," he said.

He recommended that industrial systems are redesigned to be more secure.

"It's extremely complicated and expensive to redesign industrial systems but there's no other way. We depend on electricity, transport, information, everything depends on industrial systems.

"We depend on our IT, our digital networks, the internet and mobile systems. They're changing so fast that we're very late now to start to talking about them."

Reader comments
blog comments powered by Disqus
Newsletters
Windows 9 - what do you want?

What would your business require from Windows 9 "Threshold" to make it an attractive proposition?

35 %
5 %
10 %
6 %
44 %