Applied cyberimmunity: What is it?

What cyberimmunity means in practice and in the industrial infrastructure environment.

What does our concept of cyberimmunity mean in practice? Setting aside copious debate about the future of cybersecurity as an industry and about the possible ways it may develop — the philosophy of cybersecurity — Eugene Kaspersky spoke about the application of cyberimmunity last week at the Kaspersky Industrial Cybersecurity Conference 2019.

The essence of cyberimmunity is to employ a level of protection such that the cost of an attack on a company exceeds the cost of the possible damage. Nowadays, no serious cybersecurity expert can give a 100% protection guarantee. At the current level of information technology development, everything can be “hacked”; the only question is how much effort attackers are willing to expend. Therefore, the only way to avoid an attack is to make it economically unprofitable for potential attackers.

Of course, doing so is not easy. The main barrier here is that most modern information systems were originally built without cybersecurity in mind, so they contain flaws that tend to be covered with suboptimal solutions. The problem is particularly pervasive in industrial cybersecurity. That does not mean that we advocate eliminating everything old and designing new systems from scratch, but we definitely believe new systems must rest on “Secure by design” principles.

Cyberimmunity in industrial environments

We see an IIoT gateway based on our Kaspersky OS as one possible option for the practical implementation of cyberimmunity at critical infrastructure facilities. Our operating system is based on a microkernel architecture, operates in a protected address space following the “Default Deny” concept, and allows you to define business logic to the smallest detail. Thus, any actions not allowed by this logic are blocked automatically.

The system source code is available for examination by the customer. The logic is also prescribed by the customer. Thanks to this, the only real option for inflicting any damage by means of such a device is to bribe the customer and have a mistake put into the logic from the start. But if attackers had such an opportunity, then why would they need to hack it?

You can learn more about our operating system in “7 questions about 11-11, answered,” in which Eugene Kaspersky describes the key features of the system, and in the more technical “What is a secure OS?” by Andrey Dukhvalov, head of our Future Technology department and chief strategy architect. In addition, you can find information about our operating system on its website.