Monthly Archives: May 2020

Security analysts of the world – united (remotely)!

The world seems to be slowly opening back up – at least a little, at least in some places. Some countries are even opening up their borders. Who’d have thought it?

Of course, some sectors will open up slower than others, like large-scale events, concerts and conferences (offline ones – where folks turn up to a hotel/conference center). Regarding the latter, our conferences too have been affected by the virus from hell. These have gone from offline to online, and that includes our mega project the Security Analyst Summit (SAS).

This year’s SAS should have taken place this April in one of our favorite (for other K-events) host cities, Barcelona. Every year – apart from this one – it takes place somewhere cool (actually, normally quite hot:); for example, it was in Singapore in 2019, and Cancun, Mexico, in 2018. We’d never put on a SAS in Barcelona though, as we thought it might not be ‘fun’ or ‘exotic’ enough. But given that folks just kept on suggesting the Catalonian city as a venue, well, we finally gave in. But today, in May, we still haven’t had a SAS in Barcelona, as of course the offline, planned one there had to be postponed. But in its place we still had our April SAS – only on everyone’s sofa at home online! Extraordinary measures for extraordinary times. Extraordinarily great the event turned out to be too!

But we’re still planning on putting on the offline SAS in Barcelona – only later on, covid permitting. But I’m forever the optimist: I’m sure it will go ahead as planned.

It turns out there are quite a few upsides to having a conference online. You don’t have to fly anywhere, and you can view the proceedings all while… in bed if you really want to! The time saved and money saved are really quite significant. I myself watched everything from a quiet corner of the flat (after donning my event t-shirt to get into SAS mode!). There were skeptics, however: an important element of any conference – especially such a friendly, anti-format one like SAS – is the live, human, face-to-face interaction, which will never be replaced by video conferencing.

I was really impressed with how things went. Kicking it off we had more than 3000 folks registered, out of which more than a thousand were actually watching it at any one time over the three days – peaking sometimes above 2000. Of course most would have picked and chosen their segments to watch instead of watching it non-stop. The newly introduced training sessions, too, were well attended: around 700 for all of them – a good indicator folks found them interesting.

And for SAS@Home a special program had been prepared – and all in just two weeks! Why? Well, the heart of our conference is hardboiled, hardcore geekfest techy stuff: very detailed investigations and reports from the world’s top cybersecurity experts. But for SAS@Home the audience was to be bigger in number, and broader in audience profile – not just tech-heads; so we experimented – we placed an emphasis on a learning program, not in place of the detailed investigations and reports, but in addition to them.

And we seemed to have gotten the balance just right. There was the story of the Android Trojan PhantomLance in Google Play, which for several years attacked Vietnamese Android users. There were presentations on network security and zero-day vulnerabilities. On the second day there was the extraordinarily curious talk by our GReAT boss, Costin Raiu, about YARA rules, with a mini-investigation about chess as a bonus!

After that there was Denis Makrushkin on bug-hunting and web applications. And on the third day things got really unusual. It’s not every cybersecurity conference where you can hear about nuances of body language; or where – straight after that comes selecting methods of statistical binary analysis! But at SAS – par for the course ).

As per tradition, a huge thanks to everyone who helped put on the show: all the speakers, the organizers, the partners from SecurityWeek, the viewers, the online chatters, and the tweeters. And let’s not forget the flashmob we launched during SAS – quarantunities – dedicated to what folks have been getting up to during lockdown at home, including someone starting to cook every day, someone learning French, and someone else switching from life in the metropolis to that in the countryside.

In all, a great success. Unexpected format, but one that worked, and then some. Now, you’ll no doubt be tiring a little of all the positivity-talk of late about using the crisis and lockdown to one’s advantage. Thing is, in this instance, I can’t do anything but be positive, as it went so unbelievably well! Another thing: ‘We’ve had a meeting, and I’ve decided’ (!) that this online format is here to stay – even after covid!

Finally, one last bit of positivism (really – the last one, honest :). As our experts David Jacoby and Maria Namestnikova both pointed out during the final session, there are other positive things that have come out of quarantining at home: more folks are finding the time to stay fit with home exercise routines; there’s an emphasis being put on physical health generally (less rushing about and grabbing sandwiches and takeaways, etc.); folks are helping each other more; and levels of creativity are on the rise. Indeed, I’ve noticed all those things myself too. Nice. Positive. Eek ).

That’s all from me for today folks. And that’s all from SAS until we finally get to sunny Barcelona. Oh, and don’t forget…: another one for your diary for next year: SAS@home-2021!

PS: Make sure to subscribe – and click the bell for notifications!! – to our YouTube channel: we’ll be putting up there recordings of all sessions gradually. Yesterday the first one was published!…

Tasmanian nights – with views to delight.

NB: with this post – about a place I visited before the lockdown – I want to bring you some positivism, beauty, and reassurance that we’ll all get a chance to see great different places again. Meanwhile, I encourage you not to violate the stay-at-home regime. Instead, I hope you’re using this time for catching up on what you never seemed to find the time to do… ‘before’ :).

Up at dawn, and into day two of our walk along Three Capes Track

Just the other day, not far away, we were walking around blatantly sedimentary rocky landscapes, around about Remarkable Cave and Tessellated Pavement, while today’s rocky landscapes were blatantly of volcanic origin. These columns are the result of emissions of huge quantities of lava (of geologically ‘correct’ consistency), which gradually cool from up top, and form into a mosaic of cracks, which then extend below with further cooling – right through the full thickness of the material. Benard Cells they’re called, which used continuum mechanics to form. And the result today looks like this:

Tasmania’s sensational sunsets and sunrises.

NB: with this post – about a place I visited before the lockdown – I want to bring you some positivism, beauty, and reassurance that we’ll all get a chance to see great different places again. Meanwhile, I encourage you not to violate the stay-at-home regime. Instead, I hope you’re using this time for catching up on what you never seemed to find the time to do… ‘before’ :).

Now let me see – where was I with my tales from the Tasmanian side? Ah yes – with the marvelous views, like these, from the comfort of a cozy sofa! ->

The views become all the more marvelous when there’s a sunset or sunrise. And that includes the views of the skies:

Cyber-yesteryear – pt. 1: 1989-1991.

Having written a post recently about our forever topping the Top-3 in independent testing, I got a bit nostalgic for the past. Then, by coincidence, there was the 20th anniversary of the ILOVEYOU virus worm: more nostalgia, and another post! But why stop there, I thought. Not like there’s much else to do. So I’ll continue! Thus, herewith, yet more K-nostalgia, mostly in a random order as per whatever comes into my head…

First up, we press rewind (on the 80s’ cassette player) back to the late 1980s, when Kaspersky was merely my surname ).

Part one – prehistorical: 1989-1991

I traditionally consider October 1989 as when I made my first real steps in what turned out to be my professional career. I discovered the Cascade virus (Cascade.1704) on an Olivetti M24 (CGA, 20M HDD) in executable files it had managed to infiltrate, and I neutralized it.

The narrative normally glosses over the fact that the second virus wasn’t discovered by me (out of our team) but by Alexander Ivakhin. But after that we started to ‘woodpeck’ at virus signatures using our antivirus utility (can’t really call it a ‘product’) regularly. Viruses would appear more and more frequently (i.e., a few a month!), I would disassemble them, analyze them, classify them, and enter the data into the antivirus.

But the viruses just kept coming – new ones that chewed up and spat out computers mercilessly. They needed protecting! This was around the time we had glasnost, perestroika, democratization, cooperatives, VHS VCRs, Walkmans, bad hair, worse sweaters, and also the first home computer. And as fate would have it, a mate of mine was the head of one of the first computer cooperatives, and he invited me to come and start exterminating viruses. I obliged…

My first ‘salary’ was… a box of 5″ floppy disks, since I just wasn’t quite ready morally to take any money for my services. Not long afterward though, I think in late 1990 or early 1991, the cooperative signed two mega-contracts, and I made a tidy – for the times – sum out of both of them.

The first contract was installation of antivirus software on computers imported to the USSR from Bulgaria by a Kiev-based cooperative. Bulgarian computers back then were plagued by viruses, which made a right mess of data on disks; the viruses, btw, were also Bulgarian.

The second contract was for licensing antivirus technologies in a certain mega-MS-DOS-based system (MS Office’s ~equivalent back then).

What I spent my first ‘real’ money on?… I think it was a VCR. And a total waste of money that was. I never had the time for watching movies, let alone recording stuff and watching it again. My family weren’t big into videos either. Oof. (Btw: a good VCR back then cost… the same as a decent second-hand Lada!)

My ~second purchase was a lot more worthwhile – several tons of paper for the publication of my first book on computer viruses. Btw: just after this buy the Pavlov Reform kicked in, so it was just as well I’d spent all my rubles – days later a lot of my 50 and 100-ruble notes would have been worthless! Lucky!

My book was published in the spring of 1991. Alas, it hardly sold – with most copies gathering dust in some warehouse no doubt. I think so anyway; maybe it did sell: I haven’t found a copy anywhere since, and in the K archive we only have one copy (so if anyone has another copy – do let me know!). Another btw, btw: I was helped immensely by a certain Natalya Kasperskaya back then in the preparation of the book. She was at home juggling looking after two little ones and editing it over and over; however, I think it must have piqued her curiosity in a good way – she warmed to the antivirus project and went on to take a more active part.

That pic there is of my second publication. The single copy of the first one – just mentioned – is at the office, and since we’re taking this quarantine thing seriously, I can’t physically take a pic of it (.

Besides books, I also started writing articles for computer magazines and accepting occasional speaking opportunities. One of the clubs I was speaking at would also send out shareware on diskettes by post. It was on such diskettes that the early versions of our antivirus – ‘-V by doctor E. Kasperski’ (later known as ‘Kaspersky’:) appeared (before this, the only users of the antivirus were friends and acquaintances).

The main differences between my antivirus… utility and the utilities of others (there’s no way these could ever be called ‘products’) were, first: it had a proper user interface – in the pseudo-graphics mode of MS-DOS – which even (!) supported the use of a mouse. Second: it featured ‘resident guard’ and utilities for the analysis of system memory to search for hitherto unknown resident MS-DOS viruses (this was back before Windows).

The oldest saved version of this antivirus is the -V34 from September 12, 1990. The number ‘34’ comes from the number of viruses found! Btw: if anyone has an earlier version – please let me know, and in fact any later versions too – besides -V.

The antivirus market back then didn’t exist in Russia, unless you can call Dmitry Lozinsky’s ‘Aidstest’ on a diskette for three rubles a market. We tried to organize sales via various computer cooperatives or joint ventures, but they never came to much.

So I had to settle into my role, in 1990-1991, as a freelance antivirus analyst, though no one had heard of such a profession. My family wasn’t too impressed, to say the least, especially since the CCCP was collapsing, and a pertinent question ‘discussed in kitchens’ [no one did cafes/restaurants/bars for their meet-ups and chit-chats back then: there weren’t many in the first place, and not many folks had the money to spend in them even if they had] would be something like: ‘where’s all the sugar gone from the shop shelves?’ Tricky, tough times they were; but all the more interesting for it!

To be continued!…

2 + 12 Earth Day answers.

A week or two ago, I posed 2 + 12 questions to you on the occasion of Earth Day. 

The first question was a rhetorical one: How will the world actually change as a result of global warming? 

There are various hypotheses, models, projections. For sure, sea levels are rising, but not only for the obvious reason that icebergs are melting. Yes, icebergs are melting, but so is the ice – several kilometers thick! – that covers (and presses down) places like Greenland and Antarctica, and this will cause these landmasses to slowly rise up – so much so that, for example, Greenland may join up with North America! Imagine that?! They’ll have to install a new Canadian-Danish border across the new landscape!

But we’ll probably only get an answer to this question in another two or three generations. That is, if the world doesn’t suddenly opt for another stint of ice age.

Swiftly moving on to question 2

How will nearly the whole world’s industry coming to a halt affect the growth of CO₂ in the world’s atmosphere?

We’ll get an answer to this sooner. Most curious for me is – what if it doesn’t affect it at all? But of course I hope it does. Anyway – most of the various answers to this were already discussed.

All righty. Now we turn to questions of a less global nature: about ice, rocks, mysterious circles on the earth’s surface and about animals. Let’s go!…

Where did the water come from to make the ice on the 80th parallel on Antarctica – some 700km from the shore? Water that then freezes into fields of ice – upon which cargo planes can land:

The hint was there for the taking on the photos: mountains!

The Tasmanian Three Capes Track.

NB: with this post – about a place I visited before the lockdown – I want to bring you some positivism, beauty, and reassurance that we’ll all get a chance to see great different places again. Meanwhile, I encourage you not to violate the stay-at-home regime. Instead, I hope you’re using this time for catching up on what you never seemed to find the time to do… ‘before’ :).

Regular readers of this here blog of mine will know I’m a big fan of walking/hiking/trekking – whatever you want to call it – on paths/routes/tracks (whatever you want to call them!) in far flung places on this dear planet of ours. I carefully study the landscapes around me, reflect upon them – meditate upon them – photograph them, and then later bring it all together, put the impressions into text form, and come up with a blogpost like this one you’re reading now. I even had a list of my fave walking routes… ah yes – here it is.

Well, recently in Tasmania I procured myself a +1 to what are to me the most amazing specially-designated walking routes: it was the Three Capes Track (official site).

// Yes – as you’ll see on the official site there the track is currently closed due to corona; we were lucky to have walked it just in time: our guides told us how we were practically the last booked in to walk it before the closure. But that’s beside the point: one day things will return to (~) normal, and the track will be opened again for walkers.

It’s not a difficult route: a comfortable 50km doable in three and a half days, along its smooth, sturdy, well-signposted paths. Spending the night here is convenient too – in lodges along the way (for the peak season – November to February – these need to be booked in advance). The views are oh-my-gorgeous, easily earning a 5K rating, aka – KKKKK!

Here are the views of Tasman Island and the ‘Blade’ peninsula. And we’re heading in their direction…

Announcing – The ‘Kaspersky Exploring Russia’ tourism accelerator.

There are plenty of reasons I love my company, but perhaps the most… refreshing – is that our K-folks often come up with all sorts of different, original ideas of things to do and at the right times and in the right places. Thus, some of our brightest K-sparks came up with this here idea:

// The other day, during an online conference with Latin America, the following – I believe, Brazilian – phrase (can’t recall the exact wording) was uttered: 

If the fisherman can’t go out to sea, he just gets on with fixing his nets!

The perfect anecdote for our current situation, no? I hope you’re fixing your nets. Meanwhile here at K – here’s how we’re fixing ours, among a few other ways…

Sat at home, many of us are dreaming of future vacations, I’m sure – but when will they be possible? And of course there’ll be those who’ve had to cancel trips, vacations, expeditions, weddings…  Me personally I had to call off more than a dozen trips or postpone them indefinitely. But imagine how things are for the tourism industry – airlines, hotels, agencies. No one could have expected, and thus made contingencies for, the force majeure of this year. But perhaps hardest hit will have been newcomers to the tourism business with a great startup idea, a business plan, and little else, and then… boom. All plans torpedoed.

Well we’ve decided to lend a helping hand to those newbies and their budding projects. So here’s introducing… our Kaspersky Exploring Russia tourism accelerator! This is a project designed to help cool, promising startups use their lockdown-at-home time usefully: to learn something new, to fine-tune their business ideas, to find investors, or simply to PR themselves. And after the pandemic, they’ll be able to go to the – by-then hungry famished?! – market with their new, turbo-charged projects (maybe they’ll be able to take care of a few of my exotic expeditions too)…

So, why ‘Exploring Russia’?

ILOVEYOU – 20 years ago – to the day!

Ancient cybersecurity folks with more than 20 years’ experience in the industry will of course remember the infamous ILOVEYOU Love Letter email worm from the early 2000s. What they may not recall is that it was exactly 20 years ago when it first reared its ugly head.

20 years? What?! Yep: Two decades ago to the day this cyber-maggot paralyzed practically the whole world. Wanna know what the guy responsible for this global cyber-tragedy is doing now, and where? I’ll get to that a bit later…

But I’ll start with a summary of the events of 20 years ago, in case you missed them. First up: why ‘Love Letter’?

This cyber-vermin crawled into millions of folks’ email inboxes. The receiver got a ‘love letter’ from what looked to be a friend or acquaintance.

Curiosity killed the… email recipient: after the attached VBS was clicked, the malware basically took control and sent itself on behalf of the recipient to everyone in his/her address book. And in some kinda totally mental mega-exponential way managed to infect – in a matter of hours!! – practically the whole email-using planet!

This caused colossal damages (yes, the worm also damaged certain files) (damages: to the tune of several BILLION dollars!). Curious fact: the code for e-mail distribution was swiped from another worm – Melissa – which a year earlier ran amok around the whole world too (Microsoft had to switch off its corporate email (in current terminology – self-isolated) in order to stop the spread of the worm).

There’s another interesting element of Love Letter: the worm would download from the internet a Trojan that stole the infected computers’ internet-access logins and passwords (this is back when access was mostly dial-up, costing a lot – using per-hour tariffs), and sent them to a given address.

Tasmania’s devilish prison history.

NB: With this post, about a place I visited before the lockdown, I want to bring you some positivism, beauty, and also reassurance that we’ll all get the chance to see great different places again. Meanwhile, I encourage you not to violate the stay-at-home regime. Instead, I hope you’re using this time for catching up on what you never seemed to find the time to do… ‘before’ :).

And now for a bit about Tasmanian… prison history!

Since Britain would send its convicts to Australia, Tasmania received quite a few too. And it just so happens that here, on the Tasman Peninsula, the prisons were among the most strict, high-security and harsh – where the most hardened, twisted criminals of the evilest kind were sent. Eek.

Not that the peninsula was chosen randomly. It is attached to the mainland via two narrow necks of land (surrounded by endless ocean) – much easier to guard and keep jailbreaks in check. One of the necks – Eaglehawk Neck – even had a ‘Dog Line’ across it: two dozen vicious dogs tethered up in a line across the Neck from shore to shore, and out above the sea on platforms (so escaping convicts couldn’t try to dodge the dogs via the sea). Of course – as per the custom in Tasmania – it’s now a tourist attraction.

Old wooden buildings from the prison era are carefully maintained. Of course keeping them in a reasonable condition is helped out by the customary clement weather here.

My travel companion, OA, read up on the prison theme, and this is what he found out:

—8<—

The first prison on Van Diemen’s Land (the original name given – until 1856 – to what is today Tasmania) appeared in 1803, and in the following 50 years the British sent some 76,000 convicts there, which is nearly half of all those the British sent to Australia (~165,000).

The most famous prison of the island is the one in Port Arthur, which held only the most hardened of repeat offenders, and which became known as the prison it was impossible to escape from. The rugged lie of the land here was deemed ideal for a prison – there was practically nowhere to run away to, there was the Dog Line you mentioned, and there were plenty of guards too, placed well apart – who employed a somewhat advanced-for-the-times flag semaphore to communicate among themselves.

Nevertheless, a few escapes did occur. Perhaps the most audacious was the one in 1839, when a group of convicts took advantage of a thick fog to steal the ship of the prison commandant, Charles O’Hara Booth, and sail off! Passing the guards while already out to sea, one of the convicts even struck the usual proud, shoulders-back pose of Booth up on the bow of the ship – Booth often would use his vessel to inspect his prison from the sea.

The convicts remained on the run successfully for several weeks, sailing along the shores, stopping only to burgle farms. At one point they were stopped by law enforcement, but they made up a story that they were the search party looking for – themselves! More audaciousness! However, their luck was soon to run out: eventually they were caught – and later executed.

// Our guide told us a version in which they made it as far as Australia – 700km away, and that they weren’t executed but sent to other prisons; if they had been hanged they’d have become heroic martyrs.

Luckier was the fate of Martin Cash – a career criminal known best as the first man to ever swim the Eaglehawk Neck bay, despite it being rumored to contain sharks; and he did so twice! All his attempts at escape ended by his being eventually caught, but by some miracle he escaped the hangman’s noose. He even went on to dictate his autobiography, which became a bestseller in 1870.

But perhaps “the most infamous incident, simply for its bizarreness, was the escape attempt of one George ‘Billy’ Hunt. Hunt disguised himself using a kangaroo hide and tried to flee across the Neck, but the half-starved guards on duty tried to shoot him to supplement their meager rations. When he noticed them sighting him up, Hunt threw off his disguise and surrendered, receiving 150 lashes”! – Wikipedia.

Perhaps the most disturbing place in Port Arthur was the so-called Separate Prison – a panopticon modeled as per the theory of philosopher and social theorist Jeremy Bentham. Living in a single cell, each prisoner was deprived of all interaction with others and had to remain silent… always! Instead of their names they were given a number to go by. And they had to wear sack-masks over their heads the few times they were allowed out of their cells. Such a ‘humane’ system promised full repentance; in fact it just made the inmates physiologically very ill indeed. Rumor has it it was so unbearable they committed murders in order to be sentenced to death. Oh my ghastly.

These days Port Arthur and a few other Australian prison settlements have UNESCO World Heritage status!

—8<—

That’s all on the Tasmanian prison theme. But there’s still more to come on the Tasmanian general-theme; in fact – the most interesting bits of our Tasmanian tour. Stay tuned!…

All the pics from Tasmania are here.

Remarkable Cave and Tessellated Pavement.

NB: With this post, about a place I visited before the lockdown, I want to bring you some positivism, beauty, and also reassurance that we’ll all get the chance to see great different places again. Meanwhile, I encourage you not to violate the stay-at-home regime. Instead, I hope you’re using this time for catching up on what you never seemed to find the time to do… ‘before’ :).

We finally make it to the Tasman Peninsula. First on the tourism menu here – a remarkable cave. A remarkable cave that’s so remarkable it’s called… Remarkable Cave!

Indeed: remarkable. ‘The cave itself is a long tunnel eroded from the base of a collapsed gully’. Probably some 100 meters long.
