Eugene Kaspersky, founder of the cyber security firm that bears his last name, gave a talk on criminal malware and infrastructure attacks to Australia’s National Press Club last week. During the talk, which you can watch in full in the video above, Kaspersky said three things that made Quartz sit up and listen:
The International Space Station has been infected by viruses before, and they came from the USB devices of scientists.
starting at 18:05 (emphasis ours)
The International Space Station, they have Linux. It also has SCADA. Do I need to explain what SCADA is? It’s a computer system which manages a physical environment…Do you think the space guys do some manual job there to change the configuration? No. [Simulates typing on a computer keyboard]. That’s it…
And scientists from time to time, they come into space with USBs, which are infected. I’m not kidding. I was talking to the Russian space guys and they said yes, from time to time there are virus epidemics in the space station.
A Russian nuclear power plant got infected by Stuxnet
26:55
How many computers, how many enterprises were hit by Stuxnet in the United States? Do you know? I don’t know, but many. Last year, for example, Chevron agreed that they were badly infected by Stuxnet.
A friend of mine working in a Russian nuclear power plant once, during the Stuxnet time, sent a message that their nuclear plant network, which is disconnected from the internet…was badly infected by Stuxnet.
More malware is written in Chinese than any other language, followed by Spanish or Portuguese, and then Russian.
29:50
The main danger is from the Russian criminals, because they are the most smart guys…Russian software engineers are the best, and Russian malware engineers are the best. They are the most dangerous. Well, I don’t want to say Russians. Russian-speaking…
In terms of numbers of attacks, Chinese-speaking malware, Chinese-speaking criminals, they are more than half of the attacks. Second place: Spanish and Portuguese…in some cases we don’t know, is it Spanish? Portuguese? Those are close languages.
So, number 1 is…Chinese-speaking malware. Number 2: Spanish/Portuguese-speaking malware. Number 3: Russian-speaking malware. But Russian-speaking malware is the most complicated.