Governments have fallen victim to a string of high-profile cyberattacks in recent years. German IT expert Sandro Gaycken tells DW about cybersecurity’s shortcomings and why he thinks Kaspersky did not work with Russia.
DW: At the end of October, a new virus called “BadRabbit” attacked computer systems in Russia, Ukraine, Germany and other countries. Among the victims were media organizations, ministries and various businesses. The last few months have seen similar attacks by viruses like “WannaCry” and “Petya.” Can we defend ourselves against these infiltrations?
Sandro Gaycken: No, not really. There are of course a number of IT-security technologies, but they’re all still in pretty early stages and only work to a limited degree. That’s why it’s hard to protect yourself, especially when the attacker is somewhat clever.
Is that our new reality?
Yes, right now it is. But a lot of money is currently being invested in the cybersecurity market, so better products are on the way. But it’ll take at least five to eight years [to get them ready].
What is your advice? How could we at least limit the damage?
Don’t connect your devices to the internet.
In the US, public authorities are not allowed to use products by Russian cybersecurity company Kaspersky anymore. The government ban was triggered by reports about Russian intelligence agencies using Kaspersky software to get their hands on NSA data. Kaspersky denies any sort of cooperation with Russian intelligence agencies. The company also advises NATO on cybersecurity issues. Will other NATO states follow the US example and cease cooperation with Kaspersky?
I haven’t heard that. German industry players and German authorities still trust Kaspersky, they’ve been working together for a long time. There’s the assumption a little bit that there’s industrial politics behind it, too. In Germany there were no concrete indicators found that would make Kaspersky any more suspicious than other software alternatives.
Of course all IT-security products have the problem that they are vulnerable, too. That’s not something you’d think as a layman, but cybersecurity products can have faults as well and sometimes just aren’t programmed well enough.
Kaspersky will have certain targets that can be attacked more easily, just like the big US companies have those, too. You can then say these targets have been put there on purpose, or you don’t believe that. But as long as no one can present intelligence-based evidence, it’s all speculation.
So you as an expert don’t see the use of Kaspersky software as dangerous?
I assume that the Russian as well as the American intelligence agencies have access to all big IT-security products anyway, or at least they could get access. So it doesn’t really make a difference. You just have to decide where you want to have which security level, what kind of IT-systems you need and whether they have to be connected to the internet.
Should Kaspersky users be worried about the fact that the head of Kaspersky graduated from a KGB academy and is friends with several Russian intelligence officials?
That’s normal in the security community. If you work in any type of technical security, you’ll almost always work with intelligence agencies. Especially people who are good in their fields come from this technological intelligence area. That’s not different in Israel. That alone is not an indicator.
Of course it would seem fitting for a Russian company to [work with intelligence agencies]. But it would be extremely ill-advised for Kaspersky to let this happen. If this came out, massive losses would be the consequence.
Sandro Gaycken is an expert for cyber and network security and is an advisor to the Bundestag, NATO and the European Union.