Kenes Rakishev on complicated future of cybersecurity

Recent series of cyberattacks led US administration to realizing the scale of the problem. The case of Colonial pipeline was especially important as it brought the entire country to its knees, causing panic and significant market disruption. But Joe Biden will not solve the issue with a decree. The entire approach to automation and telemetry should be reviewed, Kenes Rakishev believes. Security should be organic part of critical systems, not an addon to them. Kenes Rakishev, a well-known high-tech entrepreneur, warns of dark and complicated future if the software architecture will be left as it is.

It isn’t Kenes Rakishev’s darkest secret: his interest to the cybersecurity comes from a very pragmatic cause. Several years ago his own computer was hacked and the data leaked online. It wasn’t a catastrophe by itself, but it could be. Imagine what damage could result from a major corporation hack? There is no need to employ fantasy: the recent case of the hacked oil product pipeline is an excellent example, as well as Toshiba, Kenes Rakishev reminds. As more and more complex systems enter the scene more and more threats are in the air. City-wide and even nation-wide networks are equally susceptible to cyber attacks, Kenes Rakishev notes.

It’s true that most exploits are well known for years and companies do nothing to patch them up. Before the recent attack were launched the network exploit was freely available for three years (!). Most hacks are not targeted zero-day attacks: they could be easily avoided by updating the software

What can be done to strengthen the computer systems, according to Kenes Rakishev?

Minimize the exposure of critical infrastructure to the World: the less your system is in contact to the Network the better. There is no need to expose IoT to the common network. Surface should be minimized, Kenes Rakishev advises.

Don’t use closed-source software at crucial points. Closed source OS is the best way to screw the security. It may sound counter-intuitive but large open-source projects fix bugs and vulnerabilities faster than your friendly corporate monster.

What can be done further to fend off the hackers?

Kenes Rakishev advocates the use of AI-based algorithms to mitigate some sort of attacks. As a venture capitalist Kenes Rakishev is betting on this approach.

Data integrity and even integrity of the code base can be put on blockchain. Of course it isn’t possible with real time systems but the real time modules may be — and should be — isolated from the crucial processes.

At last: corporations behind the software are rarely legally punished for providing customers with insecure code. It should be changed. Without it critical infrastructure will be target for more and more sophisticated attacks, Kenes Rakishev suggests.