Kaspersky launches Industrial Cybersecurity Solution in Malaysia 1

Kaspersky launches Industrial Cybersecurity Solution in Malaysia


Back in the good old days, strategic attacks on infrastructure by belligerents usually relied on a good helping of ordnance. These days, a savvy operator doesn’t even need to send a single bomber, much less a drone. Now, all it takes is some perp with a keyboard and a virus to launch a cyberattack in order to knock out critical infrastructure. No, it’s not the juvenile act of knocking out access to a website or some such tripe. Imagine if someone managed to hack into a nuclear reactor and caused it to go awry. Imagine someone hacking into a country’s power grid and knocking it out or worse.

Think it’s all fiction? No, it isn’t. In 2010, Iran’s nuclear power programme encountered massive setbacks on account of a custom-engineered Stuxnet worm introduced into the mainframes running the nuclear centrifuges that made them tear themselves apart. To date, no nation state nor any group has admitted responsibility for the act. The motivations for these acts vary from ideological reasons all the way up to a strategic goal by a hostile nation state but the potential outcome as well as the implications are chilling.

While Stuxnet is the most publicised case in recent memory, it highlights the fact that a nation states’ critical physical infrastructure: everything from power plants all the way down to the traffic lights managing traffic on each street corner is potentially vulnerable to infiltration and malicious malware. While it has its benefits, improved convergence and connectivity have made things easier to manage remotely and also far easier to disrupt for someone with malicious intent.

Nation states have been slow to adopt or recognise cyberwarfare as an increasing threat: it’s the invisible bogeyman and few are ready to tackle it head on bar a select few countries that have placed it as a national priority. Unfortunately, not all countries exhibit a similar level of readiness in terms of preparation for cyberattacks. Kaspersky, in a recent report determined that Malaysia was somewhere in the middle of the list in terms of preparedness against concerted cyberattacks at 15%, placing it with a moderate risk level better than Thailand and about par with Argentina . The United States was the most prepared of all in the report. According to the Kaspersky Lab Industrial Cyberthreats Real-Time Map, Malaysia is 66th on the list as a target for cyberattacks.

Kaspersky launches Industrial Cybersecurity Solution in Malaysia 2
According to Kaspersky in a recent press conference, Malaysia’s industrial sector contributed 36.8% of the country’s GDP in 2014 and employed 36% of the labour force in 2012. That’s quite a huge chunk of the pie any way you slice it and having some malicious hacker knock it out would be catastrophic to say the least.

In order to offer a comprehensive solution to protect strategic infrastructure and industrial assets, Kaspersky launched their Industrial Cybersecurity (KICS) solution in Malaysia. Rather than a ‘one size fits all’ solution, KICS is not so much software nor is it an educational workshop for but a combination of both with extensive customisation based on what industry assets are being protected. Kaspersky sends in teams of consultants who analyse the myriad systems that make up that particular industry’s infrastructure and then customises a solution that hardens and protects vital areas from cyberattack without gumming up the works.

Kaspersky launches Industrial Cybersecurity Solution in Malaysia 3
Rather than building an impenetrable front wall in terms of defending industry assets, KICS works on a defense-in-depth theory by detecting and preventing threats as well as educating and preventing potential breaches at all levels of a nation’s infrastructure and personnel hierarchy. Even if a perp manages to get in, the theory is that they can’t go far.This starts with basics like not slotting in random flash drives you find on the floor into  your office PC all the way to sandboxing suspicious files and awareness against phishing and social engineering attacks.

Kaspersky launches Industrial Cybersecurity Solution in Malaysia 4
When push comes to shove, KICS also has penetration testing teams to act as an OPFOR of sorts, working to detect vulnerabilities so that they can get patched up immediately. While it sounds like something wonderful to have, it’s unfortunately designed for large strategic level assets like electric grids, oil and gas plants and it’s a bit too hefty for anything smaller than that. There’s no official word on if Malaysia is adopting KICS though Sylvia Ng, General Manager of Kaspersky Lab Southeast Asia said,”We are currently in a lot of discussions and have done some preliminary mapping.” For more on Kaspersky and their KICS solution check out their official website here.