DUBAI — Antivirus-software company Kaspersky is developing a secure operating system to run computers inside nuclear power plants and other vital infrastructure and industrial plants, its founder and chief executive said.
Eugene Kaspersky, a Russian computer scientist who became a multimillionaire cybersecurity expert, said at a news conference in Dubai that the system was at the prototype stage and that his Moscow-based company is in talks with government institutions about installing the new operating system.
He declined to identify any, saying the talks were confidential.
Energy and water plants, factories and transportation systems are typically run with supervisory control and data acquisition, or SCADA, systems accessible via conventional computer networks, making them vulnerable to hackers, Kaspersky said.
SCADA software is sometimes left unaltered for decades, which means that it does not get updates to protect against security bugs as they are discovered.
"It's not possible to design SCADA in a secure way, so the most obvious solution is to have a secure envelope that monitors what's going on within SCADA," Kaspersky said Tuesday. "Engineers travel with laptops, USBs, so even if the system is disconnected from the Internet, there is traffic."
Hacking was once seen as the preserve of rogue programmers working alone or in small groups. Thy usually targeted company websites and caused little long-term damage.
But the rise of "hacktivist" collectives and suspected state-sponsored cyberattacks has shifted the threat toward government-run institutions and energy, transportation and telecommunications networks.
Many such plants use firewalls designed to protect SCADA systems from being infiltrated by malicious bugs. But Kaspersky said he was developing an entire security-focused operating system to beef up their security further.
Some 30,000 computers at Saudi Arabian state oil producer Saudi Aramco were infected in August, although there is no evidence that the virus got into its industrial control systems. But the Stuxnet worm, which penetrated Iran's nuclear enrichment facility, is now freely available on the Internet.
"After Stuxnet, the attacks on Aramco and other incidents, governments and enterprises are listening," Kaspersky said.
Earlier this month, U.S. lawmakers said China's top telecom-equipment makers should be shut out of the U.S. market because they pose a potential security threat, but Kaspersky was unconcerned that his new operating system might attract similar concerns.
"This system is quite compact," he said. "It's easy to check; it doesn't have extra functionality. You own it."
Related articles:
A Message from The Moscow Times:
Dear readers,
We are facing unprecedented challenges. Russia's Prosecutor General's Office has designated The Moscow Times as an "undesirable" organization, criminalizing our work and putting our staff at risk of prosecution. This follows our earlier unjust labeling as a "foreign agent."
These actions are direct attempts to silence independent journalism in Russia. The authorities claim our work "discredits the decisions of the Russian leadership." We see things differently: we strive to provide accurate, unbiased reporting on Russia.
We, the journalists of The Moscow Times, refuse to be silenced. But to continue our work, we need your help.
Your support, no matter how small, makes a world of difference. If you can, please support us monthly starting from just $2. It's quick to set up, and every contribution makes a significant impact.
By supporting The Moscow Times, you're defending open, independent journalism in the face of repression. Thank you for standing with us.
Remind me later.