During Kaspersky Horizons, the security company sees new threats emerging on the horizon. AI is already sending a shockwave through cybersecurity, quantum computers are an impending hurricane.
In the sweltering heat of Madrid, the luxury hotel Riú, once the tallest building in Spain, brings a welcome breath of fresh air. The hall with the not-so-original name Madrid 5 forms the backdrop for Kaspersky’s Horizon conference. According to the security company, new threats are looming on the horizon.
read also
The Era of ‘Pathetic Phishing Attacks’ is Over
The main themes have been chosen just as deliberately. In an almost school-like manner, the sessions are divided into two blocks, with the morning revolving around AI and the afternoon around quantum. “AI is turning cybersecurity upside down. What will happen if we add quantum computers to that?”, Oscar Suela, Kaspersky director for the Iberian Peninsula, wonders aloud.
Hacking Teens
Guest speaker Clément Domingo, a French ethical hacker and “cyberevangelist”, regularly delves into the deepest recesses of the online world for research and sees how cybercrime has embraced AI. “I dare say that cybercriminals are currently ahead of us. Teenagers can now easily hack the largest companies in the world”.
To his great frustration, Domingo sees his warnings still too often falling on deaf ears. “The biggest mistake lies in how companies deal with employees. Vendors can help you with technology, but that’s useless if you don’t know what’s happening behind your own doors. People are your last line of security. You don’t improve awareness with a technical explanation, but by making security visible, tangible and understandable”.
Teenagers can easily hack the largest companies in the world.
Clément Domingo, ethical hacker
Six Principles
It is up to companies like Kaspersky to change that. Jochen Michels emphasizes the importance of collaboration to regain a lead. His job as Head of Public Affairs is perhaps more important for Kaspersky than for any other security player.
“Attackers are using AI to scale up both the quantity and quality of their attacks. It goes without saying that we should only develop AI for defense, but we must not be blind to the fact that the technology is being misused. Criminals work together, so we must do this on the ‘good side’ as well”, says Michels.
Kaspersky has set out six ethical guidelines, which should serve as a guide for companies that develop AI applications. These are, in the order in which they appear on Michels’ slides: transparency, security, human control, privacy, developed for cybersecurity and open to dialogue. Michels: “It starts with honestly informing all customers about whether and what you use AI for in your products”.
Ticking off Meta
Domingo and Liliana Costa, “tech philosopher” and founder of the Spanish company Thinker Soul, fully agree with the principles, but note that they are not always followed in reality. “Companies often pretend to be open to ethics, until they are asked to actually apply it. Then they want to hang you. There is a concentration of power that undermines confidence in technology”, Costa doesn’t mince her words.
Domingo sees a lack of transparency as the biggest problem. “Everyone wants to bring the newest ‘banger’ to the market. We don’t know enough about how the models were trained. People today rely on ChatGPT. AI also learns from incorrect input from people: if you say often enough that the sky is red instead of blue, it will believe it”.
One company gets an extra rap on the knuckles from Domingo: Meta. “Giving AI access to private photos on your phone is madness. The technology of major players can just as easily be hacked, even if they claim to have the highest standards. This has already happened with WhatsApp. People really need to realize that if you give away your data, it’s no longer yours.”
“We have been trying to make it clear to people for years not to share personal information on social media. Now they are retrieving it themselves on your phone”, Marc Rivero chimes in, Kaspersky analyst and home player.
“The danger lies in the fact that people are lazy. If they feel that technology helps them, they don’t care how it works. So they just put data into AI apps without wondering whether it could ever be used against them. The more comfortable we are with AI, the less safely we use it”.
People are lazy. The more comfortable we are with AI, the less safely we use it.
Marc Rivero, Senior Security Researcher Kaspersky
Quantum: Threat or Opportunity?
After lunch, the focus of the debates shifts to quantum technology: another hip theme at IT trade fairs. Sergey Lohzkin from the Kaspersky GReAT research team doesn’t want his presentation to be too heavy on the stomach. “I’m not going to try to explain to you how a quantum processor works. You don’t need to understand that to know that quantum computers are going to have an impact on security”.
Kaspersky wants to alert the world now to future threats that will become reality with quantum computers. Lohzkin: “Governments are investing heavily in quantum technology in the race for supremacy. That is a theoretical ideal, but what is much more relevant to me is that they will break encryption protocols”.
“Quantum computers can become powerful espionage weapons if they fall into the hands of malicious actors. Files can already be stolen now and decrypted later with quantum technology. The pressure to implement quantum protocols will increase, but little is happening now, until the first ‘quantum hack’ is a fact,” predicts Lohzkin.
read also
Cryptography in (Post-)Quantum Times: Fast Cheetah or Slow Sloth?
Johannes Verst, present on behalf of the Quantum Business Network, places himself in the camp of quantum optimists. “Our goal is to encourage companies to think about quantum now, both about the risks and the opportunities. You should see quantum security as an additional layer that you place on top of traditional security.”
“If we can link investments in quantum to business value and reduce costs, many use cases are possible. The combination of AI and quantum is a dream team. Quantum removes limitations of traditional computers, which does not mean that we will no longer need traditional HPC in the future”, Verst continues.
Shadow Favorite
Lohzkin notes in a panel that Europe is allowing itself to be pushed aside on the quantum stage. Wrongly so, Verst believes. “Americans are generally better at marketing than Europeans. They sell a technology even before it is in use. That doesn’t make the technology in Europe any less. There is no single global leader in quantum technology”.
“We have very good startups that are already succeeding in effectively putting systems into use. Until a few years ago, we only talked to engineers about quantum technology. Now it is attracting broad investments, but engineers still need to learn to talk to customers”, he concludes.