Eugene Kaspersky has had an interesting, varied life, with more than his share of adventures, successes and challenges. He’s seen and done a lot, but when he learned that he was going to receive an honorary degree from Plymouth University in England he was taken aback. Excited, yes, and humbled, sure. But also somewhat surprised because, to his way of thinking, if the CEO of a security company is important enough to receive such an honor, it’s not a good sign for the direction things are going with online attacks.
In an interview just before the ceremony in Plymouth, UK, last week, Kaspersky discussed the current state of cybersecurity, the biggest threats to consumers in the coming months and years and whether international cybercrime laws are ever going to improve.
Threatpost: What was your first thought when you got the news that you were getting the honorary degree?
Eugene Kaspersky: My first thought was, Are you serious? I was surprised. But it was great news and I’m very proud to receive such an award. I wasn’t waiting for such an award. It’s really unexpected. I got an award from the president of Russia for science and technology, and when I found out about that we were in New York and for about half a day I was walking around so proud. I had the same feeling for this. My second thought was, if someone in security is this important, something is wrong. It means attacks are getting worse and worse.
Threatpost: You’ve been working on the education programs for a long time now. Do you think that security education is necessary for consumers as well as enterprises users and students?
Eugene Kaspersky: Yes. We’re doing a great job with our education programs. I was talking to some people from the university and they’re really happy with it, as well. It proves that our education programs work and it’s an indication that we’re doing a great job with the right people. It’s a good idea to educate consumers about security as well, especially cybercrime, because that’s the biggest worry for them. For other groups, they need to worry about cyberespionage. There are highly skilled groups doing these attacks, and we need more skill on our side. Education helps with this.
Threatpost: What are the one or two threats you worry about most right now for consumers?
Eugene Kaspersky: I worry about app stores. There are two methods for infecting things like iPhones and iPads: vulnerabilities or fake software with backdoors. I’m afraid people will use the fake software. It’s a logical attack and we’ve seen it many times on Android. We don’t know whether it’s happening on the iPhone, but it’s logical. For Apple, all it would take is a game or a piece of software that’s interesting to people, someone inserts a backdoor, and it’s only activated on that particular device. If I’m thinking about this scenario, other people are too. For Android devices, you don’t need to plant malware on official sites because it’s more wide open and there are other sites to get apps. Now with Windows 8, there’s an app store as well. But there’s probably no need to attack this as the malicious links to malware sites always work, too.
Threatpost: Do all of the consumer devices make it more difficult to protect people these days?
Eugene Kaspersky: Many people think they’re safe on their iPhones and iPads. They don’t think of their phones as computers. The tablet is a little different. It looks more like a computer. So it’s a mind problem. The challenge for security companies is to educate them about these things. At the moment, the iPhone is safe, but it could change. It’s the same thing that happened with the Mac with the Flashback Trojan. Cybercrime suffers a little right now because there’s no monoculture. There’s Windows and Android and the iPhone and other platforms. It’s more difficult to infect many computers. It will take them time to adapt to the new technology, to infect new devices.
Threatpost: So we’re going to have attacks against all kinds of devices at some point, things that aren’t even computers?
Eugene Kaspersky: In the future we’ll have things like home appliances that will be targets. One of our researchers just bought a treadmill that’s Android-based and it keeps all of your data in the cloud. So you can get it on other machines. Criminals are now facing a challenge to behave the same way in a multi-platform world. But consumers are facing criminals who aren’t going to disappear.
Threatpost: I think people often wonder why cybercrime is so bad and not many people go to jail. Is that changing?
Eugene Kaspersky: The good news is, national and international cybersecurity departments are very serious about cybercrime. The police are getting more serious and there are more and more arrests. Security technology is getting more robust and criminals are facing two challenges now: better protection and more professional cyber police.