Kaspersky Lab Hacked: What Hope For the Rest of Us?

By Steve Anderson June 11, 2015

Usually when there's been some kind of major hacking, we get word from security firms like Kaspersky Lab and the like telling us about how important strong passwords are and how we need to rotate such passwords and other similar tips. But what happens when it's the security firms like Kaspersky Lab that get hacked? That's just what happened Wednesday.

While the Moscow-based Kaspersky Lab was quick to assure its customers that data was safe—reports suggest that the hackers didn't even target the user information, rather focusing on Kaspersky's internal systems and “intellectual property” storage—the fact that the company was successfully hacked at all raises distressing questions. Reports also note that the hole in Kaspersky's systems used to break into the operation in the first place had since been fixed.

Kaspersky Lab also noted that the hackers were “a generation ahead of anything seen,” and apparently focused on methods designed to exploit “zero-day vulnerabilities,” as in finding the things even the developers didn't know had gone wrong. Kaspersky wasn't naming names when it came to who it believed attacked, but suggested that a government was behind it due to the sheer costs of the infrastructure needed to stage such an attack.

But if Kaspersky Lab itself—whose tools are frequently used by companies who want to protect against such a fate—is hacked, then what hope do the rest of us have to remain safe from intrusion? Attacks are happening on a daily basis by some reports, and indeed, word from Verizon Enterprise Solutions estimates that there were 700 million compromised records from companies worldwide combining to make losses of $400 million total in just 2014. But the picture is likely even worse than that; Verizon Enterprise Solutions' study was reportedly based on 70 organizations that supply data for the study, so the actual losses of the other firms that exist and have suffered losses would likely make those totals soar.

via Shutterstock.com

There is, of course, one great point protecting most of us; most hacks are nowhere near this complex or aggressive. Most hacks seen by regular people are simple affairs that can often be turned away with a fairly decent password. The kinds of hackings seen by places like Kaspersky are huge affairs requiring ridiculous amounts of funding to carry off, something that's not going to be done by someone wanting access to a bank account that may contain four to five figures. Essentially, the hope that most of us have is that the return on investment isn't going to be sufficient; sure, if Kaspersky can be broken, anyone can be broken, but look at what it would take. A person could invest in a great security system only to discover that a particularly ambitious thief took a chainsaw to the side of the house.

In a way, none of us are ever safe. But thieves are no different from any other business in one particular point: thieves must be profitable to survive, and no thief will survive long using Kaspersky-grade methods to break into a PayPal account. So the normal protection methods will likely be proof against the normal attacks, and most of us can sleep soundly at night knowing we probably won't be hacked by a government sufficiently ambitious to attempt to break into an operation like Kaspersky.




Edited by Stefania Viscusi

Contributing TechZone360 Writer

SHARE THIS ARTICLE
Related Articles

6 Challenges of 5G, and the 9 Pillars of Assurance Strategy

By: Special Guest    9/17/2018

To make 5G possible, everything will change. The 5G network will involve new antennas and chipsets, new architectures, new KPIs, new vendors, cloud di…

Read More

Putting the Flow into Workflow, Paessler and Briefery Help Businesses Operate Better

By: Cynthia S. Artin    9/14/2018

The digital transformation of business is generating a lot of value, through more automation, more intelligence, and ultimately more efficiency.

Read More

From Mainframe to Open Frameworks, Linux Foundation Fuels Up with Rocket Software

By: Special Guest    9/6/2018

Last week, at the Open Source Summit, hosted by The Linux Foundation, the Open Mainframe Project gave birth to Zowe, introduced a new open source soft…

Read More

Unified Office Takes a Trip to the Dentist Office

By: Cynthia S. Artin    9/6/2018

Not many of us love going to see the dentist, and one company working across unified voice, productivity and even IoT systems is out to make the exper…

Read More

AIOps Outfit Moogsoft Launches Observe

By: Paula Bernier    8/30/2018

Moogsoft Observe advances the capabilities of AIOps to help IT teams better manage their services and applications in the face of a massive proliferat…

Read More