If ever I mention while chatting with someone that Kaspersky has a fan club, I immediately get asked: Why? How come an antivirus company has a fan club? Here are the why’s: because it’s been a long time since we just made antivirus protection; because our company is always actively doing fun and interesting stuff; and because people want to participate in what Kaspersky does even if they’re not employees. And, well, it’s just cool to have one.

All this tomfoolery began, it’s scary to recall, 13 years ago, back when we cranked out version 6, which was praised throughout the computer security industry. Almost daily we posted new builds on the forum, where dozens of volunteers would immediately grab this raw but very promising code, install it, and test how well it worked. I think the main motivator for them to participate was the feeling that the developers (the entire team, without exception, followed the forum) instantly incorporated any feedback from bug reports and feature wish-lists. Users liked that they could have a say in the look, behavior, and fate of a popular software product.

Users still have this power to shape our products even today. Every year, our R&D division tests new versions of our products, which have now become numerous and very diverse — there’s even a dozen mobile apps — and the volunteers from our fan club still participate in this testing process. Fans are interested in tinkering with the latest builds, testing new features, and catching bugs. That’s why they participate in these types of closed beta tests. Well, it’s also cool to have the chance to use new products a few months earlier than the rest of the world! Not that we settle for thanking our friends with mere pats on the back … but more on that below.

Read on…

Hi folks!

A quick time-out from my Kuril expedition tales, this post is from Malaysia from where I’ve just returned. We were in the country’s new planned city of Putrajaya, which is already the seat of the government after it was transferred there from the overcrowded Kuala Lumpur. Other important state functions are slowly but surely moving over to the new city too.

So what can I say? Two things spring to mind: this place is both very interesting and rather unique. It was founded only in 1995 on a green-field site between Kuala Lumpur and Kuala Lumpur International Airport. The Prime Minister’s office is already here; however, the Parliament, King’s residence and some ministries are still back in Kuala Lumpur.

Read on…

So, what else did we get up to in Zurich, besides beer-and-bathe by/in the river? We got ourselves to perhaps my fave annual festival – STARMUS, which – oh my galaxy! – is already in its fifth year! Space, universes, stars, black holes; man’s space projects; plus assorted other jaw-dropping reports on scientific research from all over the planet and beyond; plus a traditional mega-music concert of impressive caliber (alas, which we traditionally miss).

Check out some of the speakers at this year’s event:

• ‘Moonwalker’ Buzz Aldrin (yep – second man on the moon (on Apollo 11);
• Charles Duke (Apollo 16); and
• Harrison Schmidt (Apollo 17).

Read on…

This year we celebrated the company’s 22nd birthday a little earlier than usual (but closer to the official birthday – see here for a brief history lesson). It was earlier because the road beckoned me once again to a very interesting place. But more on that later.

Here and just about everywhere further down, the photos are courtesy of Roman Rudakov.

We worked well over the year (for example, we earned $726 million (+4% on 2017), were number 1 in tests for protection and speed, were twice named as the best cybersecurity solution by Gartner Peer Insights) -> so we pushed the boat out for our birthday, because, well, those who are good at their work are good at everything else they do too :)

Read on…

How I would love to just visit Singapore as a tourist! To stay here for a week, wander around the city … But not running, running, gunzo-shigoto-arbeiten, meetings-presentations-more meetings and other work-trabajo-labor and so on in various other languages. Alas, not this time. It was more like this…

You wake up in the morning after the Starmus conference and realize that you can only dream of a bit of peace and quiet. From a sweltering Switzerland we immediately head (you could say without regaining consciousness) east for an equally hot Singapore. That’s where the INTERPOL World 2019 exhibition/conference is being held. It’s an event that brings together representatives of state, non-government and private sectors from INTERPOL member countries.

I talk a lot about the importance of international cooperation between law enforcement agencies and private cybersecurity organizations. Cybercrime knows no geographical boundaries, which is why it’s necessary to act together to fight it. It’s just that there’s a bit of a worldwide problem nowadays with this “together” thing. So, any real, ongoing initiatives aimed at international cooperation are worth their weight in gold! And we’re proud of our many years of work with INTERPOL. Since 2014, we’ve been a strategic partner, signed our first cooperation agreement and supported the opening in Singapore of the Digital Crime Center as part of the special IGCI (INTERPOL Global Complex for Innovation) unit dealing with cybercrime investigations. This center is where the technical side of INTERPOL’s investigations are conducted.

And, so, on July 3 in Singapore, we extended the cooperation agreement with INTERPOL for five years. Good work chaps!

The only chance to win the fight against cybercrime is #cybersecurity experts and law enforcement to act together. Just the way we do with @INTERPOL_HQ https://t.co/VLxfbuOiZ3 https://t.co/oJWXGmJWzo

— Eugene Kaspersky (@e_kaspersky) July 3, 2019

Read on…

Hi folks!

Herewith, the next in my series of occasional iNews, aka cyber-news from the dark side updates – this one based on some of the presentations I saw at our annual Security Analyst Summit in Singapore last month.

One of the main features of every SAS is the presentations given by experts. Unlike other geopolitically-correct conferences, here the analysts up on stage share what they’ve discovered regarding any cyberthreat, no matter where it may come from, and they do this based on principle. After all, malware is malware and users need to be protected from all of it, regardless of the declared virtue of the intentions of those behind it. Just remember the boomerang effect.

And if certain media outlets blatantly lie about us in response to this principled position, so be it. And it’s not just our principles they attack – for we practice what we preach: we’re way ahead of the competition when it comes to the numbers of solved cyberespionage operations. And we’re not planning on changing our position in any way to the detriment of our users.

So here are a few synopses of the coolest investigations talked about at SAS by the experts behind them. The most interesting, most shocking, most scary, most OMG…

1. TajMahal

Last year, we uncovered an attack on a diplomatic organization from Central Asia. Of course, that an organization like that is interesting to cybercriminals should come as no surprise. The information systems of embassies, consulates and diplomatic missions have always been of interest to other states and their spy agencies or generally any bad guys with sufficient technical ability and financial wherewithal. Yes, we’ve all read spy novels. But here was something new: here a true ‘TajMahal’ was built for the attacks – an APT platform with a vast number of plugins used (we’ve never seen so many used on one APT platform – by far) for all sorts of attack scenarios using various tools.

The platform consists of two parts: Tokyo and Yokohama. The former is the main backdoor, which also fulfils the function of delivery of the latter malicious program. The latter has very broad functionality: stealing cookies, intercepting documents from the printer queue, recording VoIP calls (including WhatsApp and FaceTime), taking screenshots, and much more. The TajMahal operation has been active now for at least five years. And its complexity would suggest that it’s been built with more than one target in mind; the rest remain for us to find…

Details of this APT-behemoth you can find here.

Read on…

Hi folks!

You’ll no doubt already know – but just in case, here’s me telling you – that each year we put on a mega international cybersecurity conference – SAS (Security Analyst Summit) – every late-winter/early-spring. Well, it’s spring already (though there was snow again last night in Moscow!) once again, so let me tell you about this year’s event… – woah – which is only three weeks away!…

This event is unique in a full three ways:

First, it’s at SAS where both KL’s top experts plus our world-renowned expert-guests report on their latest investigations, newest findings, and most curious other cyber-news.

Second, SAS always avoids the typical / typically boring hotels or conference centers in world capitals, instead always opting for totally non-boring exotic resort venues with lots of sun, sea, sand, surf, sangria… Singapore Slings, etc.

Third, there’s always one thing that can be counted on every year at SAS – the event is overflowing with fun, despite the seriousness of the cybersecurity theme!

SAS-2018 (Cancun)

It’s fair to say that SAS is best-known for the hot – often sensational – investigative reports shared at the event. Sometimes some folks don’t like this: they think we select findings based on geography or on possible attribution, or they’d prefer if we didn’t publicize such scandalous and potentially embarrassing findings (indicating probable government financing, cyber-espionage, cyber-sabotage, etc.) and should just sweep them under the rug instead. Er, nope. That’s not going to happen. Just in case you missed the memo: we share details of any cybercrime we find. Where it may originate from or what language it may speak: it doesn’t matter. Publicizing details of large cyber-incidents and targeted attacks is the only way to make the cyberworld – and that means the world itself – safer. It’s for this reason that SAS was the platform used to divulge findings on ‘Stuxnet’s cousin’ Duqu (which secretly collected information on European industrial systems), Red October (a cyber-spy carrying out espionage on diplomatic missions in Europe, the U.S., and former Soviet republics), and OlympicDestroyer (a sophisticated APT that attempted to sabotage the Olympic Games in South Korea in 2018). And I know that this year’s SAS won’t be any different: cyber-buzz causing a huge stir – coming right up!…

SAS-2016 (Tenerife)

SAS has been put on in Croatia, Cyprus, Malaga, Cancun, Tenerife, Puerto Rico, the Dominican Republic and Saint Martin (i.e., including some repeats at our fave venues).

This year, seeing that SAS is all grown-up (this will be the 11^th event), we thought a few organizational adjustments might be appropriate, and here they are:

First, this year SAS will be put on… in a metropolis! But it’s not your dull city in any way: it’s still beside the seaside and it happens to be a ‘garden city’, no less . Yep, this year it’ll be in Singapore folks. Yeh! I’m very happy about that. I have a more than just a soft-spot for Singapore ).

Second, we’ve decided to open up SAS to a wider audience than usual. Normally it’s an invite-only, exclusive world-cyber-expert get-together. This time though – in line with our transparency drive – we’re making part of the conference open to anybody who may wish to participate. And we call it SAS Unplugged. Like MTV Unplugged – only SAS ).

Presentations, training sessions, workshops from leading experts – all included. So students, cybersecurity rookies, in fact – cybersecurity old-hands too – anyone who has a great interest in fighting cyberbaddies – get registering! And be quick about it – already some of the training sessions are fully booked up.

PS: I’ve been permitted to give you a teaser about one of the confirmed presentations. It’s by one of our own experts, Sergey Lozhkin, and it’s for sure going to be a corker. Curiously, it’s about one of the oldest forms of cybercrime, but old doesn’t mean irrelevant. Just the opposite. For the crooks engaging in it today are earning billions of dollars a year from it! What is it? Financial fraud, plain and simple – actually, not so simple, as Sergey will tell us. He’ll also tell us how it has evolved over the years, what digital identity theft is, how much a digital identity costs on the Darknet, what a ‘carder’ is, and more…

PPS: I can’t wait. I enjoyed last year’s SAS ever so much. So here’s looking forward to an even better SAS this year!

Welcome to SAS-2019!…

21 years old – this used to be (and in some religions/countries still is) the age when a young person became an adult – aka came of age. A real ‘milestone’ as it were – a biggie; a special birthday, a jubilee…

Well guess who turned from being a minor into an adult just the other day?…

You guessed right: KL!

And a KL b-day – as probably everyone knows by now – means it’s time to party: with a capital ‘P’. All we needed was good weather to allow the party to really rock. Well this year we were in luck:

A monster b-day blowout, in addition to the good weather also needs a monster venue. Check!

What else is needed? I could list the ingredients; showing you the pics thereof is a lot more satisfying:

Read on: 50 inflatable unicorns…

St. Petersburg when the sun’s come out to play is to me the best city to be in in Europe. And I’m not alone in declaring such a bold sentiment – I’ve heard it from many others from many different countries too. But why ‘in Europe’? That’s just so as to be able to compare meaningfully. It’s difficult comparing Russia’s second city with, say, Hong Kong or Singapore, as they’re just so different on so many levels. But I digress. So, about StP!…

Read on: nostalgic!…

Many different cyber-professional events take place around the world every year. Out of all of them I have one special favorite – our own special one for cybersecurity analysts: SAS (Security Analyst Summit). And every year they just get better and better and bigger and bigger. This time we had 320 guests from 30+ countries – mostly from the Americas and Europe, but also seven experts from Australia, and participants from Singapore, Japan, Taiwan, Malaysia and Saudi Arabia. Representatives of large companies were in strong attendance as usual (from Microsoft, Google, Apple, Cisco, Sony, Honeywell, Cloudflare, Pfizer, SWIFT, Chevron, Citibank and others), but there were also folks from the cyber-police of different countries, plus government agencies and departments from the UK, Netherlands, Canada, France, China, South Korea, Switzerland, Austria, Romania and Kazakhstan. There were non-commercial and educational organizations (like, among others, the Electronic Frontier Foundation and the University of Texas, respectively). And a big thanks to our conference partners and sponsors, namely: Qintel, Avast, Telstra, Microsoft, ThreatBook, Talos, Security Week and Threatpost. In short, folks from all over and from diverse fields, demonstrating the degree of trust in and respect for our company.

Like me, SAS likes to travel the world, avoiding the large Congress centers of big boring cities, preferring instead stunning exotic locations with a warm climate and in the immediate vicinity of warm ocean.

SAS has been held in Croatia, Cyprus and Malaga on the Mediterranean; in Mexico’s Cancun in 2012 and 2015; on the Spanish island of Tenerife; and the Dominican Republic, Puerto Rico and St. Maarten in the Caribbean. And here we are once again back in Cancun for this, our 10^th SAS! Hooray!

It all began in the year 2009. 60 guests – 55 of which were KL staff! – each sharing their notes on research and experience in cybersecurity. Those humble beginnings quickly grew into large-scale industry events with more than 300 high-level delegates (only ~30% of which were from KL). This year’s event was extra special because of the jubilee, and the participants didn’t seem disappointed…

Read on…