Okey-dokey – let’s chopper over the Gobi.

And now for more Gobi desert.

The Gobi is a huge desert consisting of several regions. It occupies Mongolia’s southern and south-western territory and a considerable part of central northern China. We only saw a small portion of it in southern Mongolia, but that was more than enough for our first visit. I can’t stress it enough: the Gobi is absolutely magical in gentle summer weather, and I highly recommend that everyone sees it with their own eyes. There are vast, infinite spaces. I want to say it’s where the horizon goes beyond the line of horizon’!

Read on…

Our fan club is a teenager already!

If ever I mention while chatting with someone that Kaspersky has a fan club, I immediately get asked: Why? How come an antivirus company has a fan club? Here are the why’s: because it’s been a long time since we just made antivirus protection; because our company is always actively doing fun and interesting stuff; and because people want to participate in what Kaspersky does even if they’re not employees. And, well, it’s just cool to have one.

All this tomfoolery began, it’s scary to recall, 13 years ago, back when we cranked out version 6, which was praised throughout the computer security industry. Almost daily we posted new builds on the forum, where dozens of volunteers would immediately grab this raw but very promising code, install it, and test how well it worked. I think the main motivator for them to participate was the feeling that the developers (the entire team, without exception, followed the forum) instantly incorporated any feedback from bug reports and feature wish-lists. Users liked that they could have a say in the look, behavior, and fate of a popular software product.

Users still have this power to shape our products even today. Every year, our R&D division tests new versions of our products, which have now become numerous and very diverse — there’s even a dozen mobile apps — and the volunteers from our fan club still participate in this testing process. Fans are interested in tinkering with the latest builds, testing new features, and catching bugs. That’s why they participate in these types of closed beta tests. Well, it’s also cool to have the chance to use new products a few months earlier than the rest of the world! Not that we settle for thanking our friends with mere pats on the back … but more on that below.

Read on…

Enter your email address to subscribe to this blog
(Required)

The King of Volcanos: Krenitsyn volcano, Kuril Islands.

Now we’re done with the northernmost Kuril islands, and it’s time to head south. On the right hand side, we see two islands Antsiferov and Makanrushi. I’ve not heard anything interesting about these two, which is why we pass them by without calling in; perhaps there is something worth seeing that I don’t know about. If anybody knows of something worth seeing on those islands, let me know and I’ll try and visit them next time I’m around this way.

Next on our Kurils route comes sunny Onekotan, a truly remarkable and delightful place! What makes it so special is the Krenitsyn volcano, the most beautiful volcano in the world, positioned at the island’s southern tip. No words or comments can match its beauty… This is the king of all volcanos! A stunning creation. Oh… and there I was trying to steer clear of “words or comments”. Even just looking at these pictures, it takes your breath away… Wow!

Read on…

Cyber-news: nuclear crypto mining.

Hi folks!

The i-news section is back with a bang after the summer holidays. Straightaway there’s some hot industrial cybersecurity news.

In case anybody missed my posts about how I spent this summer, here you go. Meanwhile, how some of the personnel at the South Ukraine Nuclear Power Plant spent their summer was reported in recent crime-related news. Ukraine’s Security Service (SBU) recently terminated cryptocurrency mining at the power plant’s restricted access facilities. This, erm, extra-curricular activity resulted in the leak of top-secret information about the power plant’s physical security. This is not only pretty depressing but also downright scary.

source

According to expert forecasts, the ICS market is set to reach $7 billion by 2024. Attacks on critical infrastructure are increasingly hitting the headlines. The recent Venezuela blackout, for example, immediately looked suspicious to me, and just a couple of days later it was announced that it was caused by a cyberattack.

This July, in collaboration with ARC Advisory Group, we published a lengthy report on the state of things in the industrial cybersecurity sphere. It’s a good read, with lots of interesting stuff in there. Here is a number for you to ponder on: in 2018, 52% of industrial cybersecurity incidents were caused by staff errors, or, in other words, because of the notorious human factor. Behind this number is a whole host of problems, including a shortage of professionals to fill key jobs, a lack of technical awareness among employees, and insufficient cybersecurity budgets. Go ahead and read the report – it’s free :)

Attention all those interested in industrial cybersecurity: you still have a few days (till August 30) to sign up for our annual Kaspersky Industrial Cybersecurity Conference 2019. This year, it’s being held from September 18-20 in Sochi, Russia. There’ll be presentations by over 30 international ICS experts, including yours truly. So, see you soon in sunny Sochi to talk about some serious problems and ways to deal with them!

Full-on Gobi experience!

My summer schedule has whirled into a frantic tornado. It’s only likely to ease up … at the end of October :) It was only 16 days ago that I returned from my trip to the Kurils, Sakhalin, Komandorski and Kamchatka, and since then I’ve been on a round trip to Malaysia, Mongolia and Kazakhstan. And now my suitcase is packed and I’m ready to fly again…

There are still about 5,000 photos “in the pipeline”. It’s scary to think when that backlog may get cleared up, especially considering the very interesting places in my upcoming world travel plans. They’re the kind of places that leave a lingering imprint in your memory – and photos on the internet. However, it’s now time to catch up on some old stuff.

There was one place on the planet that I had long been dreaming of visiting – the Gobi Desert in Mongolia. I’ll add some stories later. For now, I just want to post a selection of some of the very best photos. Here you go!

Endless wilderness…

Read on…

Sunny Severo-Kurilsk.

And here we are again on the northern Kuril island of Paramushir. Most of our group of intrepid tourists spent this sunny summer morning climbing the slopes of the Ebeko volcano in search of adventure and an adrenaline rush, while the others stayed in the town of Severo-Kurilsk at the base of the volcano. Actually, most of those who stayed behind had already jogged struggled to the top last time in the pouring rain. You can also follow that link to read my impressions of the northern Kuril weather and climate. Anyway, for the smaller part of our group that wet and windy climb five years ago was still fresh in the memory, and we decided to stay and enjoy the creature comforts of town life. Here I’ll be sharing their photos, especially as this remarkable town is likely to be too difficult and too expensive to visit for many.

And here you have sunny Severo-Kurilsk:

Read on…

A honeytrap for malware.

I haven’t seen the sixth Mission Impossible movie – and I don’t think I will. I sat through the fifth – in suitably zombified state (returning home on a long-haul flight after a tough week’s business) – but only because one scene in it was shot in our shiny new modern London office. And that was one Mission Impossible installment too many really. Nope – not for me. Slap, bang, smash, crash, pow, wow. Oof. Nah, I prefer something a little more challenging, thought-provoking and just plain interesting. After all, I have precious little time as it is!

I really am giving Tom Cruise and Co. a major dissing here, aren’t I? But hold on. I have to give them their due for at least one scene done really rather well (i.e., thought provoking and plain interesting!). It’s the one where the good guys need to get a bad guy to rat on his bad-guy colleagues, or something like that. So they set up a fake environment in a ‘hospital’ with ‘CNN’ on the ‘TV’ and have ‘CNN’ broadcast a news report about atomic Armageddon. Suitably satisfied his apocalyptic manifesto had been broadcast to the world, the baddie gives up his pals (or was it a login code?) in the deal arranged with his interrogators. Oops. Here’s the clip.

Why do I like this scene so much? Because, actually, it demonstrates really well one of the methods of detecting… unseen-before cyberattacks! There are in fact many such methods – they vary depending on area of application, effectiveness, resource use, and other parameters (I write about them regularly here) – but there is one that always seems to stand out: emulation (about which I’ve also written plenty here before).

Like in the film, the emulator launches the object being investigated in an isolated, artificial environment, which encourages it to reveal its maliciousness.

But there’s one serious downside to such an approach – the very fact that the environment is artificial. The emulator does its best to make that artificial environment as close to a real environment of an operating system, but ever-increasingly smart malware still manages to differentiate it from the real thing, and the emulator observes how the malware has recognized it, so then has to regroup and improve its ’emulation’, and on and on in a never-ending cycle, which regularly opens the window of vulnerability on a protected computer. The fundamental problem is that the functionality of the emulator tries its best to look like a real OS, but never quite does it perfectly to be the spitting image of a real OS.

On the other hand, there’s another solution to the task of behavioral analysis of suspicious objects – analysis… on a real operating system – one on a virtual machine! Well why not? If the emulator never quite fully cracks it, let a real – albeit virtual – machine have a go. It would be the ideal ‘interrogation’ – conducted in a real environment, not an artificial one, but with no real negative consequences.

Read on…

Paramushir: the island of gray ash and silent volcanic hiccups!

The next northern Kuril Island on our expedition was Paramushir. If you look southwest from Kamchatka you can’t miss it – dwarfing, and just to the left of, tiny Atlasova where we were the previous day. It’s more than 100km in length and up to 30km across. The whole of the island’s surface is covered in volcanism both old and new – and very active, with its main volcano having erupted as recently as in 2016. That volcano was Ebeko – whence came the towers of smoke and ash we saw back in 2018 over on Kamchatka while walking along the shore of the Sea of Okhotsk.

To climb up Ebeko on a clear day had been a dream of mine ever since we made it to the top in 2014 in horrendous conditions: cold, wet, windswept, and visibility down to next-to-nothing. But this year – just the opposite: warm, dry, windless, and visibility up to scores of kilometers. Hurray!

First – a bit of factual background on Ebeko. It’s a stratovolcano of a multi-faceted structure with several craters at the very top. In fact, the topology of the volcanic activity is so complex that one of the craters was found to be a separate, independent volcano. Not that that really matters. The main thing was that it was a clear sunny day; that meant one thing – we were off up Ebeko and it was going to be a heavenly experience!

This is where we were headed:

Read on…

Transparency @ Cyberjaya @ Putrajaya @ Malaysia.

Hi folks!

A quick time-out from my Kuril expedition tales, this post is from Malaysia from where I’ve just returned. We were in the country’s new planned city of Putrajaya, which is already the seat of the government after it was transferred there from the overcrowded Kuala Lumpur. Other important state functions are slowly but surely moving over to the new city too.

So what can I say? Two things spring to mind: this place is both very interesting and rather unique. It was founded only in 1995 on a green-field site between Kuala Lumpur and Kuala Lumpur International Airport. The Prime Minister’s office is already here; however, the Parliament, King’s residence and some ministries are still back in Kuala Lumpur.

Read on…