News

Eugene Kaspersky outlines secure operating system plans

Robert Westervelt, News Director

BOSTON -- Citing the need to better secure critical infrastructure from cyberattacks, Kaspersky Lab CEO Eugene Kaspersky said he has set aside a dedicated team of engineers to produce a hardened operating system capable of protecting and monitoring industrial control systems.

    Requires Free Membership to View

The right way is to protect the computer that manages SCADA.

Eugene Kaspersky,
CEO, Kaspersky Lab

In October, Kaspersky confirmed in his personal blog that the company was developing a secure operating system designed to protect industrial control systems.

He gave few details about the system during a luncheon with reporters on Tuesday. An engineering team is developing a platform that can be used to protect critical infrastructure facilities, such as power plants and manufacturing facilities that use sophisticated software to manage complicated processes, he said.

"The right way is to protect the computer that manages SCADA," Kaspersky said. "The products must be done by companies that produce industrial control systems. We'll provide the platform … and educate them to build the traditional software for their systems based on the secure platform."

Security experts have been advocating the need for critical infrastructure protection following a wave of what is believed to be nation-state sponsored attacks. Discussion about Industrial control system security was fueled in part by Stuxnet, which was designed to target the sensitive control systems at an Iranian uranium enrichment facility. Kaspersky said the system his team is working on would be designed to prevent custom malware, such as Stuxnet, from hooking into or mirroring system processes.

Kaspersky Lab CEO

Eugene Kaspersky: Enterprises must make hacking costly, difficult:

Companies must get better at making hacking corporate networks complicated and costly for cybercriminals, explains Kaspersky Lab CEO Eugene Kaspersky.

Kaspersky described the platform being produced as a "micro-kernel" system that would isolate processes and tightly control trusted applications, and monitor and restrict their behavior. The security would be managed at the kernel, ensuring applications would not have access to unneeded system processes. "Applications can't connect to system resources without special permission," Kaspersky said.

The project is far from being complete, he said, adding that it won't likely be a product sold commercially, but rather a platform licensed by industrial control system manufacturers. "We want to get this out ASAP," Kaspersky said, refusing to outline a timeline.

The platform will help solve the issue of patching industrial control systems, which is rarely done, Kaspersky said. Monitoring capabilities built into the platform would ensure slight data changes that could impact the performance of an ICS system can't take place, Kaspersky said. The CEO is currently reaching out to its partners as part of the development project, he said.


There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: