BOSTON -- Citing the need to better secure critical infrastructure from cyberattacks, Kaspersky Lab CEO Eugene Kaspersky said he has set aside a dedicated team of engineers to produce a hardened operating system capable of protecting and monitoring industrial control systems.
The right way is to protect the computer that manages SCADA.
CEO, Kaspersky Lab
In October, Kaspersky confirmed in his personal blog that the company was developing a secure operating system designed to protect industrial control systems.
He gave few details about the system during a luncheon with reporters on Tuesday. An engineering team is developing a platform that can be used to protect critical infrastructure facilities, such as power plants and manufacturing facilities that use sophisticated software to manage complicated processes, he said.
"The right way is to protect the computer that manages SCADA," Kaspersky said. "The products must be done by companies that produce industrial control systems. We'll provide the platform … and educate them to build the traditional software for their systems based on the secure platform."
Security experts have been advocating the need for critical infrastructure protection following a wave of what is believed to be nation-state sponsored attacks. Discussion about Industrial control system security was fueled in part by Stuxnet, which was designed to target the sensitive control systems at an Iranian uranium enrichment facility. Kaspersky said the system his team is working on would be designed to prevent custom malware, such as Stuxnet, from hooking into or mirroring system processes.
Kaspersky Lab CEO
Companies must get better at making hacking corporate networks complicated and costly for cybercriminals, explains Kaspersky Lab CEO Eugene Kaspersky.
Kaspersky described the platform being produced as a "micro-kernel" system that would isolate processes and tightly control trusted applications, and monitor and restrict their behavior. The security would be managed at the kernel, ensuring applications would not have access to unneeded system processes. "Applications can't connect to system resources without special permission," Kaspersky said.
The project is far from being complete, he said, adding that it won't likely be a product sold commercially, but rather a platform licensed by industrial control system manufacturers. "We want to get this out ASAP," Kaspersky said, refusing to outline a timeline.
The platform will help solve the issue of patching industrial control systems, which is rarely done, Kaspersky said. Monitoring capabilities built into the platform would ensure slight data changes that could impact the performance of an ICS system can't take place, Kaspersky said. The CEO is currently reaching out to its partners as part of the development project, he said.