Can there really be unhackable systems under a recently-trademarked “cyber immunity” platform? One cybersecurity expert is betting on it.

Given the exponential growth in the number of devices connected to the internet, increases in incidences of mass cybercrime, advanced targeted attacks, and attacks on industrial and critical infrastructure are now a serious challenge to every organization and individual. 

In the Cyber Age, there is an urgent need for organizations to reconsider the design of existing infrastructure and to build and innovate around the notion of being “unhackable.” According to Eugene Kaspersky, CEO, Kaspersky, “Cyber Immunity” can be achieved through developing IT systems that are secure-by-design.

In contrast, the information security industry is creating more security technologies, but often it is merely playing catch-up with the attackers. Hence, “cyber immune” systems will render “the overwhelming majority of cyberattack types” ineffective and unable to “affect a system’s critical functions in the usage scenarios specified at the design stage.”

Achieving cyber immunity

According to Kaspersky, cyber Immunity can be achieved by using his trademarked specific operating system as a platform (containing a thin client, next-generation IoT gateways, various upcoming features) together with a specific development methodology while creating a product, such as:

    • defining security goals and assumptions and ensuring they are accomplished in all usage scenarios
    • isolating security domains and controlling of interaction among them
    • holistic cybersecurity of the system’s whole trusted computing base

In a public lecture he hosted in Singapore with Div0, Kaspersky noted how 90% of Singapore’s economy is made up of small- and medium-sized enterprises, and that within H1 2023, there were malware or unwanted software disguised as business applications were distributed and 453 unique attacks were detected targeting this sector.

Compared to the same period a year ago, the firm’s ecosystem recorded only 24 unique files being distributed, and 112 unique attacks detected. This was largely aligned with the Cyber Security Agency of Singapore’s (CSA)’s June 2023 report citing 40% of cyberattacks here being targeted at the sector.