The head of one of the world’s foremost cyber security companies says he knows who the online criminals are even though they use alien languages to disguise their locations and identities.
Speaking at a panel discussion at the recent IP Expo event, Eugene Kaspersky, CEO of Kaspersky Lab, said he has data-mined the internet bandits and found that they often spoke in languages that were not native to them.
He said they do this in order to throw investigators off their trail.
However, most of the attackers communicate with each other in their own tongues, which means their locations and nationalities can be more easily identified.
“It’s very hard to attribute who is really behind all these attacks,” said Kaspersky. “We are a cyber security company and are part of the cyber security industry, but we don’t have access to internet traffic, and don’t have access to the mobile operators’ data, so it’s not our job to discover who is the criminal.
“But in many cases, we can guess because we can see their language. And according to our data, the most-spoken languages are native English, native Russian, and simplified Chinese.
“Who is the best or the worst? I don’t know, because there are so many attacks coming from them through cyberspace.
“So the most-spoken languages are coming from these three. But at the same time, there is French, Spanish, Spanish as in Latin American, German, Italian, Arabic, Korean… no Japanese — I don’t remember any statements which were in Japanese.
“But at the same time it’s not just attribution (of language) because remember that there are many cases where there is definitely a state-sponsored attackers which speaks, or pretends to speak, native English.
“And then there is a typo, which native (English) speakers will never do.”
Kaspersky added that the bewildering variety of threats, the diverse locations and the massive range of methods and techniques is making it extremely difficult to defend against cyber crime.
“I call it the ‘cyber middle age’,” he said, “because we have these new technologies and new cyber threats. At the same time, we still don’t know how to design defence in the right way.
“It’s a little bit like alchemy, trying to find a way to meet the security goals by mixing different things and staff. But no one knows how to do it. Except me — I know.”