Kaspersky Lab to release its own operating system

Eugene Kaspersky confirmed in his blog that his company is developing its own operating system. Rumors about Kaspersky Lab’s own OS appeared in summer 2012.

“We are working on new technologies – specifically, a new secure operating system designed for Industrial Control Systems, ICS,” the CEO wrote.

Kaspersky, who is the creator of one of the world’s most widespread antivirus solutions, noted that the new OS was necessitated by the difference in protection and operation requirements of ICS’s and regular personal computers and corporate networks. “In regular companies, confidentiality is what matters. In an ICS, the operability of the system is the top priority. An industrial facility focuses primarily on the continuity of production, and protection comes second,” wrote Kaspersky.

The vulnerability of industrial OS and control software is often the result of a scarcity of updates, without which weaknesses fail to be addressed.

Another challenge is the activity of certain state agencies. According to Kaspersky, these agencies are “those that certify software to work in critically important systems in one of their departments, and, at the same time, develop cyberweapons to attack enemies’ control systems in another. Examples include Stuxnet, Duqu, Flame and Gauss – projects so complicated that they are only possible if there is technical and financial support from very powerful entities.”

Currently, there are two methods for countries to safeguard themselves against information attacks. The first strategy is to ensure both informational and physical isolation of important entities; this essentially precludes internet connectivity. The second option is to maintain secrecy in order to protect critical information.

Kaspersky Lab is ready to offer a third option to safeguard information from external threats – the creation of a secure OS for ICS, which can be integrated in existing infrastructure to monitor the “health” of systems and guarantee the accuracy of the information received.

Lyubov Putsko, spokesperson for the Agnitum antivirus developer, reported that she did not believe there were any turnkey solutions in this sector currently available. “Windows is popular, and they rely on it when managing important facilities; however, it is not secure enough, as the attacks against the Iranians prove. QNX, a real-time control system, is also well known, but there is still a need to use Windows to visualize and manage processes. This is the gap that Kaspersky Lab wishes to bridge,” Putsko said.

Renat Yusupov, senior vice-president of a company (Kraftway) that is developing its own secure BIOS, believes that Kaspersky Lab has sufficient resources to develop, circulate and support its own integrated operating system. “It’s a different question as to whether the company will be able to convince developers of industrial process control systems to use their solution,” Yusupov said. “This is where the developer will need support from regulators and legislators.”

All rights reserved by Rossiyskaya Gazeta.