Executives from security software developer Kaspersky told CDN that the level of sophistication in the Stuxnet super worm could challenge the competitivness of Canadian businesses.
Nancy Reynolds, senior vice-president of corporate sales and support for Kaspersky Americas, said Stuxnet is a good example of a worm that can take down countries, and it targets control systems. “This is a form of cyber terrorism is what it is and it will impact government competitiveness if they don’t protect themselves,” she said.
Kevin Krempulac, Canadian general manager for Kaspersky, added that Stuxnet has been a real eye-opener for government. “Stuxnet is the first display of cyber terrorism and it can cripple a nuclear plant and hydro grids and you have to believe these types of attacks will continue as time goes on.” he said.
The Stuxnet worm first appeared in June of this year and according to published reports targets Internet-based industrial controls that are largely Windows-based. Speculation has it that the country of Iran’s enriched uranium supply was its main target.
Sean McGurk, acting director of the National Cybersecurity and Communications Integration Center in the U.S. department of Homeland Security, called Stuxnet a game-changer for business and governments. He said Stuxnet was likely developed by a well-financed team and it has the capability to modify the files of software running industrial control systems and can steal the data contained there without the owner knowing it. McGurk told this recently to the U.S. Senate Homeland Security and Governmental Affairs Committee.
In Canada, Krempulec said the government has shown some responsibility, coming up with Bill C-28.
Bill C-28, also called the “anti-spam bill” or Fighting Internet and Wireless Spam Act (FISA), is a key part of the Canadian government’s digital economic strategy. The intent of C-28 is to deter harmful and misleading forms of spam, namely identity theft, phishing and spyware. The government hopes to dramatically reduce spam in Canada with this proposed legislation.
“I think Bill C28 is a good first step and shows responsibility,” Krempulec said.
Reynolds added that she expects other governments follow with this type of legislation.
While it was not timed with Stuxnet, Kaspersky released eight new product refreshes last month to combat malware that include mobility and Mac-based solutions.
“We certainly are now able to cover the wide gamut of attacks and we want to lead and be innovative in this space. We think we have made a difference with security solution for Oss and platforms,” Reynolds said.
Krempulec said these new products will provide protection from the end point to the gateway and everything in between. “Devices are everywhere these days and that means data is everywhere. It’s on multiple OSs such as Linux, Mac, Novell, Android, RIM and we have to have protection that is across the board but be centrally managed,” he said.
— With files from Grant Gross, IDG News Service
Follow Paolo Del Nibletto on Twitter: @PaoloCDN.