Mr. Kaspersky not looking supervillain-like at all. (Photo: flickr.com/cebitaus)

Inspired by the behaviors of sophisticated malware such as Stuxnet, Flame, Duqu and Gauss, Russian billionaire and possible real-life Batman Eugene Kaspersky announced today that his Kaspersky Lab is developing a new operating system.

Mr. Kaspersky's announcement wasn't heavy on details about the OS, but security was obviously priority one. Acknowledging that Microsoft, Apple and the open source communities haven't been able to create truly secure controls, Mr. Kaspersky basically said the problem with the previous systems was their universality:

First: our system is highly tailored, developed for solving a specific narrow task, and not intended for playing Half-Life on, editing your vacation videos, or blathering on social media. Second: we’re working on methods of writing software which by design won’t be able to carry out any behind-the-scenes, undeclared activity. This is the important bit: the impossibility of executing third-party code, or of breaking into the system or running unauthorized applications on our OS; and this is both provable and testable.

Mr. Kaspersky linked to "Securing Critical Information Infrastructure: Trusted Computing Base" to help answer questions regarding the new OS. It's essentially a paper that dissects the way industrial cyber-attacks work and details why they work.

The study lists the following necessary elements of a "maximally secure" computer network:

• The operating system can’t be based on existing computer code; therefore, it must be written from scratch.
• To achieve a guarantee of security it must contain no mistakes or vulnerabilities whatsoever in the kernel, which controls the rest of the modules of the system. As a result, the core must be 100% verified as not permitting vulnerabilities or dual-purpose code.
• For the same reason, the kernel needs to contain a very bare minimum of code, and that means that the maximum possible quantity of code, including drivers, needs to be controlled by the core and be executed with low-level access rights.
• In such an environment there needs to be a powerful and reliable system of protection that supports different models of security.

With these features in mind, Kaspersky Lab states that its new system's central feature will be a "categorical impossibility" of running any background programs, giving engineers total control and management of the system.

Cyber-warfare being what it is today, it's safe to say the malware makers who inspired Mr. Kaspersky's Lab to develop this new system are likely already working on new exploits with it in mind.

Cover of Kaspersky Lab's report on Gauss

Kaspersky Lab recently uncovered a new and sophisticated cyberweapon they dubbed Gauss. Wired reports that intrepid researchers employed by Russian billionaire and possible Batman Eugene Kaspersky need the public's help figuring out the the malware's mysterious payload:

The warhead gets decrypted by the malware using a key composed of configuration data from the system it’s targeting. But without knowing what systems it’s targeting or the configuration on that system, the researchers have been unable to reproduce the key to crack the encryption.

In blog post published on SecureList.com, one of Kaspersky's experts also mentions another puzzle, the presence of "the uniquely named 'Palida Narrow' font" that is installed along with the malware. If you don't have the knowledge of "cryptology, numerology and mathematics" Kaspersky seeks, investigating Palida Narrow may be for you.

Kaspersky's ThreatPost addressed the intriguing presence of Palida Narrow in a blog entry published Friday. Dennis Fisher wrote that one intriguing theory about Palida Narrow is that it may be "a kind of brand to mark infected PCs for the command-and-control servers."

Kaspersky Lab has published a detailed report on Gauss that gives rates of infection--from 1660 computers infected in Lebanon to 43 compromised machines in the United States--as well as fascinating but possibly useless details like the (most likely fake) names and addresses used to register domains found embedded in the malware's code.

Call Daphne and Velma and put on your orange ascot and get out there and solve this mystery today!

Mr. Kaspersky not looking supervillain-like at all. (Photo: flickr.com/cebitaus)

Eugene Kaspersky's security researchers at Kaspersky Lab have sleuthed out a new "cyber-espionage weapon." The Russian supervillain's (or awesomely cool billionaire, depending on your point of view) labs say this weapon has nearly as cool a name as previously discovered cyber worms Flame and Duqu--"Gauss." It also has a specific and potentially telling target: Lebanese lending institutions. Bloomberg tells us more:

"Similar to Flame and Duqu, another cyber-espionage weapon, Gauss is a complex cyber-expionage toolkit, with its design emphasizing stealth and secrecy," Alexander Gostev, Kaspersky's chief security specialist, said in the statement. "However its purpose is different. Gauss targets multiple users in select countries to steal large amounts of data, with a specific focus on banking and financial information.'

Officials at one of the targeted institutions would only admit to Bloomberg that they were aware of the worm.

Kaspersky Lab's blog post about the threat gives a timeline detailing Gauss's life and the timing of its discovery, which Kaspersky writes "was made possible due to strong resemblances and correlations between Flame and Gauss."

Could it be Gauss, like Flame, was made in the USA? Maybe we'll find out if America's cyber weapons gurus are still leaking like a watering can.