Kaspersky Launches “Cyber Immunity” for Device Security

Kaspersky is promoting “Cyber Immunity” to integrate security by design into devices, addressing the increasing threats of mass cybercrime, targeted attacks, and risks to critical infrastructure. This initiative was highlighted during Cybersecurity Week, organized by Kaspersky in Cartagena, Colombia.

The concept of “Cyber Immunity” involves embedding security directly into the design of systems and devices through an additional layer between applications and the operating system. This layer, currently integrated into Kaspersky OS, the company’s proprietary operating system, is essential for blocking unauthorized access and preventing the spread of attacks between components, thus providing more effective protection against intrusions and malware.

Cyber Immunity's approach starts with identifying critical assets and defining specific security objectives. The system architecture is designed to meet these objectives and is verified through threat modeling, focusing on the trusted code that is critical for security. The architecture isolates security domains using models like MILS and FLASK, permitting only controlled interactions between components to safeguard critical assets from unknown threats.

According to the company, this methodology not only offers robust resistance to unknown threats but also reduces costs by eliminating the need for additional security tools and ensuring compliance with international regulatory standards.

Eugene Kaspersky, CEO, Kaspersky, acknowledged that the current version of Kaspersky OS for mobile devices is still under development. However, the core idea of cyber immunity is to increase the cost of attacks until they outweigh the potential benefits, making businesses less attractive targets for cybercriminals.

Claudio Martinelli, General Manager for the Americas, Kaspersky, explained that this immunity is achieved through three fundamental pillars: studying adversaries and analyzing threats, providing training and education, and delivering proven and effective solutions.

Identifying and Facing Cyber-Trends

Kaspersky outlined key trends in cyber threats, focusing on mass cybercrime, targeted attacks (APTs), and attacks on critical and industrial infrastructure.

“The increasing sophistication and frequency of these attacks highlight the need for more robust security solutions,” Kaspersky remarked.

Martinelli noted that while digital transformation has improved productivity and services, the rise of these threats has impeded progress. He attributed this increase partly to a lack of trained personnel and insufficient user awareness.

In 2023, Kaspersky detected over 400,000 malicious files daily using automated systems powered by machine learning. While many of these attacks come from mid-level hackers, there is a risk that these individuals could join more sophisticated groups, known as APT groups, which are primarily focused on espionage.

Regarding Mexico, Kaspersky pointed out that the country is among the leaders in mobile attacks in Latin America. According to the company, Mexico recorded 835,000 mobile attacks in 2023, ranking second in the region, behind only Brazil.

Fabio Assolini, Head of Kaspersky's Global Research and Analysis Team in Latin America, stated that the 70% increase in mobile threats across Latin America compared to 2022 reflects growing vulnerability, exacerbated by the rise in mobile internet usage and financial transactions via smartphones.

Additionally, Mexico faces significant challenges with the rise in phishing and ransomware attacks, which have surged notably. The government and manufacturing sectors are the primary victims, with a marked increase in threats targeting these areas throughout 2023.

Kaspersky emphasized that protection should go beyond defending against cyber-attacks to include safeguarding private data and identity. According to the company, its solutions offer 100% protection against certain types of attacks, such as ransomware.

Martinelli also discussed addressing the talent gap by outsourcing cybersecurity services through consultants or managed security service providers (MSSPs), which have grown significantly in response to the demand for specialists.

MSSPs can offer Kaspersky solutions to a wide range of companies, managing multiple clients simultaneously. However, Martinelli warned that “despite outsourcing, the responsibility for cybersecurity remains with the companies, which must establish their own security policies and priorities.”

One of Kaspersky's key competitive advantages is its ability to detect and analyze specific threats in Latin America. Martinelli highlighted that Kaspersky's local presence allows for quicker identification of emerging threats compared to other vendors without a regional presence.

This is further supported by the recent inauguration of Kaspersky's third office in Latin America, located in Bogota, Colombia, under the leadership of Daniela Alvarez de Lugo.

Kaspersky concluded by noting that the recent closure of its US offices will not impact the company’s financial health. Since sales to the US government were suspended in 2016, the company remains focused on the Latin American market.