Monthly Archives: August 2011

Great GReAT Guys: Aleks Gostev in the Spotlight.

I’m glad the first part of our In-the-Spotlight series featuring Costin G. Raiu received so much attention and positive feedback on both Twitter and Facebook.

My special guest today is Aleks Gostev, Chief Security Expert at KL and highly valued member of the company’s Global Research & Analysis Team (GReAT).

Aleks is a unique multi-disciplinary infosec guy – one of the world’s most prominent security experts, who regularly appears in the mass media in interviews or writing op-eds. He became involved in anti-malware research in 1996 when he founded an anti-virus expertise center in the Komi Republic – a large territory in the North-West of Russia. Since 1998 he’s been Project Coordinator of Wildlist Russia – an initiative aimed at collecting and analyzing data about malware outbreaks in the country.

We first met in 2002, and I recall I felt he was the right guy for the company from the word go. Our first chat went something like:

– Married?
– Yes.
– Birth date?
– Mine or the wife’s?

Nice! That convinced me to give him a job tout de suite, and frankly speaking I’ve never regretted it. Aleks’ first big assignment was dealing with the notorious Slammer (Helkern) worm, which caused a major Internet outage in South Korea and infected hundreds of thousands of computers worldwide. He managed the case perfectly: we were one of the first AV companies to report the outbreak and provide protection.

Aleks Gostev

Short Bio

Aleks founded and led the Global Research & Analysis Team (GReAT) from 2008 before moving to his current position as Chief Security Expert with the team in 2010. Aleks analyzes all aspects of information security, with a focus on new threats and global outbreaks. His responsibilities include deep investigation of new malware and expert positioning of Kaspersky Lab. He is also editor-in-chief of Securelist. Before joining the company in 2002 he held various IT and security related positions in both public and private organizations.

You can follow Aleks on Twitter (@codelancer) and read his personal blog at Securelist.

He also does lots of rock climbing, traveling and extreme sports:

Aleks Gostev at the South Pole

However, in this spotlight piece we will concentrate on Aleks’ expertise in cloud security.

Read more > The message to iCloud users

Hybrids Are Cool. Hybrids Are Awesome. But What about Hybrid Protection?

There’s been a lot of talk for quite a while now surrounding how cloud technologies can help increase protection against malware. One tendency is to fall into the trap of considering the cloud as a silver bullet that can effectively solve all security related issues at once.

I agree that cloud-based protection certainly brings many advantages – both to end users and security vendors. Yes, it permits us to detect new threats much faster and deliver necessary updates to users. However, I don’t share the euphoria that is promoting this approach as a self-sufficient technique capable of tackling security threats by itself.

Protection needs to be multi-layered, with each layer complementing the others, contributing to the overall security level and shielding computers in any environment – and in a well-balanced manner so as to maintain top computer performance.

Kaspersky cloud protection

There are three main issues that significantly limit the scope of cloud protection being used on its own.

Read more > The three key issues

50 There and Backs in 2011.

Last week I took my 50th flight of the year. I won’t reach my record for a year, of course, but this achievement nevertheless ain’t a bad one. I got my record last year – 100 flights.

The jubilee flight this year was on the route Moscow-Beijing in an Air China plane. Not to be confused with China Airlines! The former is based in Beijing (with a red dragon on its planes’ fins); the latter is based in Taiwan (with a pink flower on its fins).

Air China plane

I just didn’t feel like flying Air China again.

Read more > My preference for flying Moscow-Beijing

Shady RAT: Shoddy RAT.

Earlier last week Congresswoman Mary Bono Mack (CA-45), Chairman of the House Subcommittee on Commerce, Manufacturing and Trade, sent a letter to Dmitri Alperovitch, Vice President of Threat Research at McAfee, requesting further information on his recently published report “Revealed: Operation Shady RAT.” We conducted detailed analysis of the Shady RAT botnet and its related malware, and can conclude that the reality of the matter (especially the technical specifics) differs greatly from the conclusions made by Mr. Alperovitch …

More: Shady RAT: Shoddy RAT…

A Blast from the Past. Part IV – The Very First International Partner Conference.

Here we are with the fourth installment of sentimental stories covering the history of our company.

Each time I write a post of this series what never ceases to amaze me is the journey we’ve made from a small niche player to one of the largest security vendors in the world. And I’ve nothing but admiration for all our users and partners and also the journalists and analysts who’ve supported us all along, giving us the impetus to keep going and do the job we do well.

One thing I’m pretty sure about is that we would never have succeeded without our partners. We started the business with a clear idea of building a truly dedicated and efficient partner network. We never tried to play the game in the different regional markets ourselves without knowing the rules.

Instead, from the very beginning, we relied on our partners: companies and individuals that know the rules inside out and understand all the little things that a software business – no matter how good its product – must get firmly on top of to get its product into the market effectively.

Read more > The first international partner conference in detail

Facebook Doomsday on November 5?

The recent announcement by the Anonymous hacker group to take down Facebook on November 5 – Bonfire Night – has resulted in a series of online publications and sparked much hot debate.

The story surrounding this announcement seems to create more questions than provide answers.

First of all, the announcement is not all that recent. It went online a month ago, but surprisingly surfaced prominently in the media just earlier this week. However, the reason for this delay is not that important.

More interesting is whether this is a genuine announcement coming from Anonymous. Is it from some hackers pretending to be part of Anonymous? Or from some Anonymous members who are planning an operation of their own? Or is it just a hoax coming from an unknown party using the highly-publicized image of the hacker group for their own goals?

Too many questions – yeah, I know.

And here are the answers >

Home Sweet Home!

Just wanted to share some good news with you.

At the end of 2012 we’ll be moving to new office premises in the “Olympia Park” business center located in the North-West part of Moscow. It’s not far from the Vodny Stadion metro station, sits on the bank of the Khimky reservoir, and is 15 minutes’ drive from Sheremetevo airport (that is of course with no traffic jams). Neighboring are a yacht club, hotel and other good stuff to help an international business along. Almost 30,000 square meters (~326,000 sq.ft.). Straight away a fantasy kicked in on where we’d install everything!

Olympia is still under construction, but already I just know that we’re going to like it there – a lot!

Here are a few photos from the building site:

Kaspersky Labs new building site

More sweet home photos >

Ni Hao Compulsory Internet IDs.

Innovations at Beijing airport (Terminal 2)

1. To get a log-in and password for Wi-Fi, you need to put your passport (or Chinese ID if you have one) into a special machine, which scans the main page, determines the full name of the owner and document number, and then prints out a user name and password. Looks like a forerunner to compulsory Internet IDs.

Here is a photo of the Wi-Fi vending machine

Wi-Fi vending machine in Beijing

Wi-Fi permission and two more innovations >

Great GReAT Guys: Costin G. Raiu in the Spotlight.

During my career I’ve given thousands of interviews. Really! There’ve been times when I’ve even had like a dozen or so interviews in a single day (and this still happens when I’m at CeBIT or taking part in our press tours) – enough chattering in a day to make one hoarse.

Not that I’m complaining. I love talking to journalists. I find they always give me the opportunity to think more and in slightly different ways about the things I considered to be all thought out already.

From the business perspective interviews are something that raises public awareness. But I always pursue the plain and simple goal of educating users about cyber threats and trying to spread the word on best practices of how to protect their computers.

The journalists don’t let me trick you: I avoid pushing products and instead talk exclusively about trends and countermeasures. Remember our motto, “We’re here to save the world”. Money is not an end in itself. We strive to do a great job protecting customers. Money is something that comes to you when you succeed in doing a great job.

Anyway, I’ve decided to indulge myself by being on the other side of the interview. I’ll start a series of posts interviewing key people at KL.

Today I have the pleasure of asking Costin Raiu all about the many interesting things in his life, his professional experience, and about his hobbies and other stuff, presenting him to the public in a very informal way.

Costin Raiu

Short bio

Costin joined Kaspersky Lab in the year 2000 as a leading antivirus researcher.

Since 2010 he has been leading the Global Research & Analysis Team (GReAT) – one of the company’s most important technological assets comprised of top-notch security researchers around the globe constantly analyzing new cyber threats and developing protection.

Prior to becoming Director of GReAT, Costin held the position of Chief Security Expert, overseeing research efforts in the EEMEA region. Costin specializes in malicious websites, browser security and exploits, e-banking malware, enterprise-level security and Web 2.0 threats.

Costin has extensive experience in antivirus technologies and security research. He is a member of the Virus Bulletin Technical Advisory Board, a member of the Computer AntiVirus Researchers’ Organization (CARO), and a reporter for Wildlist Organization International. Prior to joining Kaspersky Lab, Costin worked for GeCAD as one of their chief researchers and as a data security expert with the RAV antivirus developers group.

His hobbies include playing chess, high precision arithmetic, cryptography, chemistry, photography and science fiction literature.

You can follow Costin on Twitter (@craiu) and read his personal blog at Securelist.

Read more > How Costin became a security analyst