Thinking hard… in Prague.

Hi all!

Once upon a time long, long ago (in 1998 to be precise) some comrades and I, much in need of some rejuvenation on the basic ideas front, decided to take leave of the hustle and bustle of Moscow for a short while and get ourselves to a quiet place (so that nobody could disturb us) in a charming location. We needed to get away from it all, and to go back to basics – to discuss and hammer out blueprints for the future of our technologies, antivirus engines, how various antivirus subsystems effectively interact with one another, and other such fundamentally crucial topics.

So this is what we did…

First, we needed to get the venue right. What we were after was a place that was sufficiently comfortable (not some doss house with one bathroom per floor or something), but nothing more. We also needed a conference room that could seat six – that’s how many were heading out. Basically it needed to be reasonably economical, since back then we weren’t exactly flush with cash, to say the least. Thus: three-star it was to be.

We checked out various places in the Moscow region, but to no avail. So then we looked further afield. Eventually we decided that the most suitable place – out of those not too far from Moscow – was the Czech capital. So off we flew down there…

Kaspersky Lab Innovation Summit 2013

More: Prague brainstorm, 15 years later…

The phantom of the boot sector.

My power over you
grows stronger yet
(c) Andrew Lloyd Webber – Phantom Of The Opera

In the ongoing battle between malware and anti-malware technologies, there’s an interesting game that keeps getting played over and over – king of the castle.

The rules are simple: the winner is the one who loads itself into the computer memory first, seizes control of the ‘levers’, and protects itself from other applications. And from the top of the castle you can calmly survey all around and guard the order in the system (or, if you’re malicious, on the contrary – you can cause chaos, which goes both unnoticed and unpunished).

In short, the winner takes all, i.e., control over the computer.

Cybercriminals have long taken an unhealthy interest in the boot sector – the ideal way to hide the fact that the computer is infected. And they use a special strain of malware – bootkits.

And the list of applications wanting to get in first during the boot process begins with (as the name might suggest) the boot sector – a special section of the disk that stores all the instructions for what, when and where to load. And, terror of terrors, even the operating system sticks to this list! No wonder cybercriminals have long taken an unhealthy interest in this sector, since abusing it is the ideal way to get first out of the blocks while completely hiding the fact that the computer is infected. And the cybercriminals are helped in this by a particular class of malware – bootkits.

How your computer loads


To find out what bootkits are and how we protect you against them – read on…

More: the prosperity, the fall and the return of bootkits…


KL: Sweet Sixteen!

Yep, we’ve reached the age of consent folks! No more little 15, just sweet 16 :).

As per tradition, we celebrated our birthday in style – for the 15th time (no typo – see the ‘P.S.’ below). KLers from all over the globe descended on a spot in the countryside to the north of Moscow last Friday – which thankfully was a beautiful sunny day (not like last year’s washout:).

Another year, another beer

More: I’ll let the pix do the talking…

Santorini: The ancient civilization time forgot, and a volcano wiped out.

Yia folks!

Fate saw to it that I recently found myself on the island of Santorini for a couple of days, which just so happens to be one of the most interesting and unusual places on the planet, and as such finds itself residing comfortably on my list of the top must-see places in the world.

For anyone hearing of Santorini for the first time, it’s a Greek island in the Aegean Sea, 100 kilometers north of Crete and around 200km southeast of Athens.

This was my third time on the island, so by now I know quite a bit about the place – and it’s all rather fascinating… so let me give you the inside story here, so you don’t have to trawl through site after site and still not get the real deal…

So, let’s start with the basics: Santorini is a volcano-island. (Yes, that is no doubt why I’ve just had my third trip there!) Or, to put it more precisely, it’s what remains of a volcanic caldera after it erupted thousands of years ago, plus a new, smaller volcano slowly rising up from the sea which now fills the caldera in the center of the archipelago. The walls of the crater are impressively tall – around 300 meters high and made up of black, grey, white and red volcanic rock. The effect is one of unearthly beauty, like being on another planet. A unique bit of topography.

Then there are the multicolored beaches – civilized sandy ones (which you need to take a car/quad/motorbike to get to), and wild stony ones (only by boat or foot). There’s also the exquisite Greek food (fresh fish, lots of greens, tzatziki; but if you want steak – best wait till you’re back on the mainland), and multi-starred Metaxa… In short, a Mediterranean paradise :).


More: The mystery of Atlantis…

Emulate to exterminate.

First, a bit of rewind/intro…:

100% guaranteed protection doesn’t exist. You probably know that perfectly well by now. Indeed, even the most reliable antivirus sometimes gets bypassed in professional attacks. That’s bad news enough already. What’s even worse news is that inferior antiviruses get bypassed a lot more frequently.

If they want, highly professional criminals can hack into anything; thankfully, such cyber-Moriartys are few and far between. For the most part, cyber-outrages are carried out by common-or-garden programmers who seem to get their right and wrong all mixed up – seduced by greed and thinking they can get away with it (ha!). These chancers usually don’t have sufficient criminal cyber-skills to pull off hacking the most advanced mega-defenses out there, but they are more than capable of getting into computers that are either not protected at all or which have colander-protection installed. And, alas, such comps in the world are twenty a penny.

The basic logic of it all is rather straightforward:

The stronger the protection – the stronger the defenses, obviously. At the same time, the more professional the attack – the stronger the defenses it can break.

Now, with 2.5 billion Internet users – all potential victims – out there, this logic leads to the following economics:

Criminals don’t need to go to all the bother of coming up with super-mega skeleton keys for breaking into super-mega secure vaults (especially when what is often saved in such super-mega secure vaults can be some real creepy/weird/dangerous stuff it’s best not to know about). It’s much simpler – cheaper – to break into something more down-to-earth, like a neighbor’s network, since their defenses are bound to be much, much lighter, and their stashes more realizable.

So you get the picture: for the average hacker, there’s no point going to the trouble of preparing for and carrying out mega-professional attacks. Nor is there much sense in switching their criminal focus from Windows to Mac. It’s much more effective to ‘carpet-bomb’ – affecting as many victims as possible with non-pinpointed attacks that don’t take a lot of hassle or brains to carry out.

The better the protection – the less interesting it is for the bad guys. They won’t bother going to the trouble of breaking it, they’ll just find other – more vulnerable – victims elsewhere.

Now, let me tell you more about a feature that puts cybercrims off attacking particularly your comp, and has them decide to go elsewhere where the feature doesn’t reside. Yep, it’s time for another eye-opening excursion under the hood of our antivirus and to let you know more about how the letter K in your taskbar makes you a big turn-off to the cyber-trespassers – through protection from future threats with emulation.


More: The nearly-perfect testing tube…

Kunst and Redwood.

Howdy all!

I’m not the world’s biggest fan of modern art, it has to be said; and I’m by far the most knowledgeable in this field… despite my regular visits to the Pompidou Center whenever I can fit them in. It’s just never all that clear to me when I stare at some modern kunst piece quite what the artist was depicting – or why. What was he/she trying to express, if anything? Other times – rarely – I do manage to ‘get it’, thankfully!


I mention modern art as we got to see quite a bit of it just recently. A group of comrades and I found ourselves at the Djerassi Resident Artists Program in California – a real out-of-the-way place in the middle of nowhere where artists can come and stay to inject new vigor into their creativity, be it painting, sculpting, writing, music making or multimedia-ing.


More: Modern, classical and natural art – simply, effortlessly pretty…

Two weeks, six hotels, several cows, and two red-eyes.

Privyet everyone – from Moscow!

This last fortnight has been non-stop darting about the globe for me. But now I’m back in pleasantly sunny Moscow and the pace has eased off just a little… which has given me some time to put fingers to keyboard and come up with this short summary of the previous two weeks.

In all, six cities were taken in: Washington, D.C., London, Munich, Tel Aviv, Jerusalem and Barcelona. Six hotels, six flights. Three conferences, seven speeches, dozens of interviews, and loads of very interesting meetings.

The last event was our European Partner Conference in Barcelona – at the stylish and hard-partying W Hotel on the shore of the warm Med with its nice long beach (must say, I’d never experienced the beach in Barca even though I’ve been here an untold number of times). We managed to take a dip in the sea and chill on the beach only after dusk as we had no time during the day. The beach was still in full tourist mode at night though, so the atmosphere was nice and vibrant. Advice: if ever in Barca, don’t miss out on the beach.

Party city + party beach = Barca

More: Three curious items…

Jerusalem Formula-1.

Shalom folks!

Last week I found myself in Israel, where a big fuss was being made over an event we were taking an active part in: the Jerusalem Formula – Peace Road Show. In LOUD attendance were Scuderia Ferrari and Marussia F-1 racing cars, and also GT Ferrari Challenge, Le Mans prototype and DTM Audi cars. What a din that lot made!

Around 120,000 motorsport fans turned up to see the spectacle over two days. I imagine the labyrinth of streets in the Old City had mostly emptied while the racing was going on… but I didn’t see that so can’t confirm. This is what I saw:


More: the coolest ever opening of a new KL office…

A 3-D printer in a wet Bavaria.

Hallo ihr alle!

In London it was dry and sunny, but not far away in Central Europe they were completely washed out with heavy and persistent rain. And that included Bavaria: gray skies and seemingly endless intermittent precipitation – nothing like what you’d normally expect in June.

We were in Germany – just outside Munich – attending the annual 24 Hours Conference VIP-shindig organized by Deutsche Telekom – in a rather fine ancient chateau. This is a get-together where a very heterogeneous selection of delegates from lots of different countries representing lots of different industries discuss the most burning issues of the day and share their dreams for a better future for all. Like :).


Of course, they had me in the room with ‘Security’ written on its large oak door. But while looking for this room we passed quite a few others with interesting ‘themes’ on their doors. One of the most intriguing ones was ‘3-D Printers’. I was more than just a little curious, so poked my head round the door. And lo and behold, there one stood – a 3-D printer – in the flesh!

Basically it’s a cube-shaped frame inside which a secured hose moves about emitting a thin stream of liquid plastic, which slowly builds up… whatever it’s programmed to – well, so long as they’re small plastic knick-knacks. You can see some such knick-knacks next to the printer in the photos:


More: What industries would disappear first with the advent of high-quality 3-D printing?…