Security analysts of the world – united (remotely)!

The world seems to be slowly opening back up – at least a little, at least in some places. Some countries are even opening up their borders. Who’d have thought it?

Of course, some sectors will open up slower than others, like large-scale events, concerts and conferences (offline ones – where folks turn up to a hotel/conference center). Regarding the latter, our conferences too have been affected by the virus from hell. These have gone from offline to online, and that includes our mega project the Security Analyst Summit (SAS).

This year’s SAS should have taken place this April in one of our favorite (for other K-events) host cities, Barcelona. Every year – apart from this one – it takes place somewhere cool (actually, normally quite hot:); for example, it was in Singapore in 2019, and Cancun, Mexico, in 2018. We’d never put on a SAS in Barcelona though, as we thought it might not be ‘fun’ or ‘exotic’ enough. But given that folks just kept on suggesting the Catalonian city as a venue, well, we finally gave in. Bit today, in May, we still haven’t had a SAS in Barcelona, as of course the offline, planned one there had to be postponed. But in its place we still had our April SAS – only on everyone’s sofa at home online! Extraordinary measures for extraordinary times. Extraordinarily great the event turned out to be too!

But we’re still planning on putting on the offline SAS in Barcelona – only later on, covid permitting. But I’m forever the optimist: I’m sure it will go ahead as planned.

It turns out there are quite few upsides to having a conference online. You don’t have to fly anywhere, and you can view the proceedings all while… in bed if you really want to! The time saved and money saved are really quite significant. I myself watched everything from a quiet corner of the flat (after donning my event t-shirt to get into SAS mode!). There were skeptics, however: an important element of any conference – especially such a friendly, anti-format one like SAS – is the live, human, face-to-face interaction, which will never be replaced by video conferencing.

I was really impressed with how things went. Kicking it off we had more than 3000 folks registered, out of which more than a thousand were actually watching it any one time over the three days – peaking sometimes above 2000. Of course most would have picked and chosen their segments to watch instead of watching it non-stop. The newly introduced training sessions, too, were well attended: around 700 for all of them – a good indicator folks found them interesting.

And for SAS@Home a special program had been prepared – and all in just two weeks! Why? Well, the heart of our conference is hardboiled, hardcore geekfest techy stuff: very detailed investigations and reports from the world’s top cybersecurity experts. But for SAS@Home the audience was to be bigger in number, and broader in audience profile – not just tech-heads; so we experimented – we placed an emphasis on a learning program, not in place of the detailed investigations and reports, but in addition to them.

And we seemed to have gotten the balance just right. There was the story of the Android Trojan PhantomLance in Google Play, which for several years attacked Vietnamese Android users. There were presentations on network security and zero-day vulnerabilities. On the second day there was the extraordinarily curious talk by our GReAT boss, Costin Raiu, about YARA rules, with a mini-investigation about chess as a bonus!

After that there was Denis Makrushkin on bug-hunting and web applications. And on the third day things got really unusual. It’s not every cybersecurity conference where you can hear about nuances of body language; or where – straight after that comes selecting methods of statistical binary analysis! But at SAS – par for the course ).

As per tradition, a huge thanks to everyone who helped put on the show: all the speakers, the organizers, the partners from SecurityWeek, the viewers, the online chatters, and the tweeters. And let’s not forget the flashmob we launched during SAS – quarantunities – dedicated to what folks have been getting up to during lockdown at home, including someone starting to cook every day, someone learning French, and someone else switching from life in the metropolis to that in the countryside.

In all, a great success. Unexpected format, but one that worked, and then some. Now, you’ll no doubt be tiring a little of all the positivity-talk of late about using the crisis and lockdown to one’s advantage. Thing is, in this instance, I can’t do anything but be positive, as it went so unbelievably well! Another thing: ‘We’ve had a meeting, and I’ve decided’ (!) that this online format is here to stay – even after covid!

Finally, one last bit of positivism (really – the last one, honest :). As our experts David Jacoby and Maria Namestnikova both pointed out during the final session, there are other positive things that have come out of quarantining at home: more folks are finding the time to stay fit with home exercise routines; there’s an emphasis being put on physical health generally (less rushing about and grabbing sandwiches and takeaways, etc.); folks are helping each other more; and levels of creativity are on the rise. Indeed, I’ve noticed all those things myself too. Nice. Positive. Eek ).

That’s all from me for today folks. And that’s all from SAS until we finally get to sunny Barcelona. Oh, and don’t forget…: another one for your diary for next year: SAS@home-2021!

PS: Make sure to subscribe – and click the bell for notifications!! – to our YouTube channel: we’ll be putting up there recordings of all sessions gradually. Yesterday the first one was published!…

Security Analyst Summit – start watching tonight – from your sofa!

As many of you will know, every year we organize the mega security conference called Security Analyst Summit in an interesting (at least sunny, often sandy) location. The event is something different for the industry – never dull, never boring, never format-following. We bring together big-name speakers and guests in an exclusive invite-only format to discuss the very latest – loudest – cybersecurity news, investigations, stories, curiosities and so on. No politics! Only professional discussion of cybersecurity – but lightly, relaxed, friendly… awesomely! And we do it so well SAS is becoming one of the most important conferences in the industry. By way of example, here’s my write-up on last year’s event – in Singapore.

Now, this year’s event – our 12th! – should have opened today, April 28, in sunny Barcelona. But of course – for obvious reasons, that’s just not happening (.

However, we felt that to cancel SAS would be giving in; we couldn’t just drop it this year: how would world cybersecurity cope?! Accordingly, we decided to premiere this year’s SAS online; and not only that but… – for free (!), and for everyone and anyone who wants a taste! Soooo – here’s introducing: SAS@Home, and it’s starting later today (11am Eastern; 8am PST, 4pm London, 6pm Moscow), so hurry up and register! More than a thousand folks have already registered, so it looks like the new format isn’t putting people off. We’ll just have to see how this first online SAS goes; maybe in the future we’ll have two running parallel – online and offline!

Here’s a quick overview of the schedule:

Read on…

Flickr photostream

Instagram photostream

K FR = 15!

The celebrations to mark the 15th anniversary of our French office in Paris were lots of fun! But we start this story with a picture of the birthday cake from the 10th anniversary of our French office:

Why? To jog the memory – by going through my archives and photos I recalled all sorts of various stories. Like this hilarious one, which is probably hard to believe now. This is what happened.

It was back in the days when online banking was just getting started and serious cybercrime was only beginning to raise its ugly head; when people still had push-button Nokias and Sony Ericssons in their pockets and plane tickets were printed on paper (long sheets stitched together). It was November 2002, and me and a group of like-minded folks were about to head off to an important event in the Cote d’Azur area of France. It was late afternoon on Friday and we were due to fly on the Monday… Suddenly a letter falls into my box. // When an owl delivers a message it always means unexpected or sudden changes to plans, you know.

The letter contained a proposal for cooperation from the former director of one of our esteemed competitors. It turned out that this competitor of ours had rather blatantly broken their promises and basically dumped their local director who had built up their business in France. And, well, this director was now offering to go down the same path all over again and start a business with us.

It was a bit of a surprise to say the least! Fate doesn’t dish out opportunities like that very often. And we were already heading to France anyway! We absolutely had to meet! But to do so, we had to stay in Paris for an extra day and change our return tickets.

Nowadays you can change planes or hotels as much as you like, whenever you like. But back then it was a very different story because no one worked on weekends. The airline tickets had to be changed physically, not just in the database. Of course, it was all quite doable – you just had to go to an airlines office. And there just happened to be one on the way – we were flying via Paris and then onwards to Nice. And so, sometime in the middle of the day I arrived at the airline’s office on the Champs-Elysées. I got there literally 10-15 minutes before the lunch break(!) – yes, yes, then – and to this day – it was/is customary in France to close for lunch.

Lunch is sacred! Nobody in the office wanted to mess about with customers right before their break. They frowned a bit, but after realizing that I wasn’t going to leave and wait outside, they took my passport, credit card (I had to pay extra), tapped a few buttons on the keyboard and gave me a new ticket. I didn’t look too closely at the ticket (unfortunately), immediately jumped in a taxi and zoomed off to the station, because my Paris-Nice train was already panting and whistling and raring to go.

After that it was all business and press stuff. Oh yeah, I forgot to mention that there were a few of us. For example, my good old travelling buddy D.Z. was with us, and the former director of my company, my namesake N.K., all flew to the event. For some reason (I don’t remember why) we flew together, but then she flew somewhere else, and I went to the coast by train.

We got everything done that we needed to, all the meetings were successful, I was flying home in the morning, and N.K. had some other things to do and decided to take another flight later that day. I arrived at the airport check-in desk and handed over my passport and ticket. The employee at the desk read everything very attentively, then looked up at me and asked in surprise: “Natalya?”

Oops… – I couldn’t help thinking that it wasn’t a coincidence. I called N.K. and her ticket was correct – in her own name. Turns out those Mayan drummers at the Paris office had hurriedly (almost lunchtime!) printed off a ticket for me using N.K.’s name. I was in such a hurry to catch my train that I failed to notice the mistake.

It all ended well though. There was a bit of fussing around, some conferring and they eventually agreed it was their fault – and led me by the hand to the plane with a “dodgy” ticket. I’ve no idea how much fainting and confusion there was in our accounting department when they had to account for two “Natalyas” flying from Paris to Moscow just a few hours apart.

That’s just one of the many stories.

Read on…

Enter your email address to subscribe to this blog

Venice vs. November, floods and a biennale.

What’s that whooshing sound? Ah, it’s me rushing from Cancún to Venice, to attend a business event the next day :)

I got to thinking about my previous visits to Venice and how I usually arrived by car. In fact, I hadn’t flown into Venice airport for about 15 years! This time, they told me I shouldn’t be too surprised about their unusual new arrivals terminal. And it really was unusual – or, at least the parking lot:

That’s right! You can take a boat from Venice airport (which is on the mainland) straight to the islands on which Venice lies.

Read on…

Dear Father Christmas: I’d like a sandbox please!

Hi folks, or should that be – ho, ho, ho, folks? For some have said there is a faint resemblance… but I digress – already!

Of course, Christmas and New Year are upon us. Children have written their letters to Santa with their wish lists and assurances that they’ve been good boys and girls, and Rudolph & Co. are just about ready to do their bit for the logistical miracle that occurs one night toward the end of each year. But it’s not just the usual children’s presents Father Christmas and his reindeer will be delivering this year. They’ll also be giving out something that they’ve long been getting requests for: a new solution for fighting advanced cyberattacks – Kaspersky Sandbox! Let me tell you briefly about it…

Basically it’s all about emulation. You know about emulation, right? I’ve described it quite a few times on these here blog pages before, most recently earlier this year. But, just in case: emulation is a method that encourages threats to reveal themselves: a file is run in a virtual environment that imitates a real computer environment. The behavior of a suspicious file is studied in a ‘sandbox’ with a magnifying glass, Sherlock-style, and upon finding unusual (= dangerous) actions the object is isolated so it does no more harm and so it can be studied more closely.

Analyzing suspicious files in a virtual environment isn’t new technology. We’ve been using it for our internal research and in our large enterprise projects for years (I first wrote about it on this here blog in 2012). But it was always tricky, toilsome work, requiring constant adjustment of the templates of dangerous behaviors, optimization, etc. But we kept on with it, as it was – and still is – so crucial to our work. And this summer, finally, after all these years, we got a patent for the technology of creating the ideal environment for a virtual machine for conducting quick, deep analysis of suspicious objects. And a few months ago I told you here that we learned how to crack this thanks to new technologies.

It was these technologies that helped us launch the sandbox as a separate product, which can now be used direct in the infrastructure of even small companies; moreover, to do so, an organization doesn’t need to have an IT department. The sandbox will carefully and automatically sift the wheat from the chaff – rather, from cyberattacks of all stripes: crypto-malware, zero-day exploits, and all sorts of other maliciousness – and without needing a human analyst!

So who will really find this valuable? First: smaller companies with no IT dept.; second: large companies with many branches in different cities that don’t have their own IT department; third: large companies whose cybersecurity folks are busy with more critical tasks.

To summarize, what the Sandbox does is the following:

  • Speedy processing of suspicious objects;
  • Lowering load on servers;
  • Increasing the speed and effectiveness of reactions to cyberthreats;
  • As a consequence of (i)–(iii) – helping out the bottom line!

So what we have is a useful product safeguarding the digital peace-of-mind of our favorite clients!

PS: And the children who behave and listen to their parents will of course be writing letters to Santa toward the end of 2020, too. Sure, they’ll be getting their usual toys and consoles and gadgets. But they’ll also be getting plenty of brand-new super-duper K-tech too. You have more word for it!…

Yours sincerely,

Father Christmas

Hi Cancun – for the last time!

“Buenos tardes!” said the hospitable Yucatán native. And then, smilingly, ushered us toward a particular line for passport control – which took a full 90 minutes for us to get to the front of!

“Buenos noches!”, we answered, while muttering other phrases under our breath I shouldn’t repeat here. But it got worse: out of a full 30+ passport control windows only six (6!) were working! And it was clear the border control staff wasn’t in any way speeding up its work given this avia-logisitical collapse. But then, it turned out, upon our asking if this was indeed a one-off collapse, that this happens all the time: several flights arrive around the same time all the time. So, like, they’re fully aware of the problem, but do nothing about it! I mean, they should be happy for all the dollars all these (many!) tourists arriving in Mexico every day will be spending, but they treat them with contempt! At one point I thought there could be some kind of revolt and lynchings; indeed a fight did break out in the next line to us (I think with tourists from Canada): someone got punched in the face for jumping the line!

Actually, we love(d) Cancun: since 2011 we’ve put on a full 12 (!) business events here – including the one I’m about to tell you about! Good infrastructure, safe, ocean, beaches, sun, tequila, and venues able to handle 500+ guests for large conferences (like our Security Analyst Summit (SAS), which, incidentally, took place here a full three times, in 2012, 2015 and 2018). And what else do we ask of a destination for our bashes? For all our guests to NEVER have to wait in lines at the airport for hours after a long flight. But this clearly is unattainable. Therefore, accordingly, this is the LAST event of ours in Cancun. Buenos huegos. No, better…: Buenos &!#*%!!

The basic ingredients for the format were present, as per: first work hard – then play hard! But the world is changing, audiences are changing too, and then there are all the geopolitical cataclysms that come in waves – which we sometimes even try to surf ). Accordingly, we made a few changes to the basic format.

Read on

Bonjour, Monsieur President!

Hi folks!

I was in Paris the other week and, though cold and wet and windy, our welcome was the warmest it could have been!

Why were we there? For the Paris Peace Forum, the annual event where folks from governments, business and other organizations come together to discuss and try and come up with ways to make the world better. And one of the hottest topics there, of course, was cybersecurity – and that’s why were extended a very enthusiastic invite. And since we support all kinds of initiatives throughout the world advocating international cooperation so as to create a digital world that’s secure against all cyber-badness, we sent our RSVP back practically tout de suite.

Read on…

3000% growth.

We do reeeaaally interesting work.

We protect users, build a new secure future, and chase cyber-villains the world over. At the same time, the ‘landscape’ is constantly changing, meaning there’s never a single moment we might get bored.

Yes, ‘digital’ these days penetrates even the most unlikely, remote and conservative areas of activity of Homo sapiens, and, alas, the greasy fingers of the computer underground and also the cyber-war-mongers are right there with it up to no good. In the early 2000s, I’d joke up on stages around the world about ‘smart’ [sic] refrigerators one day DDoS’ing coffee machines. Fast forward 15 years, and it’s a reality. So you can see why, in the 30 years I’ve been doing this, I’ve never once been bored ).

Threats are changing – and so is our business. For example, did you know that last year sales of our industrial infrastructure solutions increased by 162%? And total growth of our NON-antivirus segment amounted to 55%? Or that we’re the only major cybersecurity company to create our own specialized operating system based on secure architecture? And that we’re already implementing it with gusto in diverse fields such as the Internet of Things, telecoms and the automotive industry? Or how many interesting projects our Growth Center helped survive their crucial first months of life? For example: our Polys blockchain platform for online voting; protection against drones; and the Verisium IoT system for genuine-product authentication?

But it’s not just our technologies and products that are changing. Our traditional business models are changing too. ‘Box moving’ and retail business are being swallowed up by ‘digital’, enterprise projects are becoming all the more customized (attracting large broad-competency system integrators), and the SMB segment is practically migrating en masse up into the cloud.

And then there’s the cosmic rise of our xSP business – sales of cyber-protection for subscribers of most anything that’s online, be they services of telecoms or internet providers; online banking, insurance, and financial services… even games communities. And this is a very promising market segment, simply because, as per the ancient (!) truism, ‘who owns the traffic owns the customer’. What’s more, customers get a useful service at a special price, the operator takes its margin, and we take our profit. Everybody wins ). So, now do you ‘get’ the title to this post?…

…In six years, our xSP business has grown a full 3000%, and is now worth more than $30 million! That’s around 10% of our global B2C sales! Oh my gross-sales-figures! We work with more than 500 partners around the world on xSP, including such large global and regional operators as Telecom Italia, Orange, Sony Network Communications, Linktel, UOL, and IIJ. What we do is offer a ‘tasty’ margin, gladly make white label versions of our products, integrate them with the automation platforms (for example, CloudBlue (aka – Odin) and the NEC Cloud Brokerage Suite), conduct joint marketing activities, and set up the technical support. But it’s not just a ‘trick’ we use to get more profit: if our technologies and products at bottom weren’t the best in the world – as proven repeatedly, constantly, in independent tests – I’m not sure xSPs would be giving us so much business.

Still on xSPs, just recently we had our Kaspersky xSP Summit in Rome. This is our annual event for partners, and this year we had guests from 32 countries in attendance, including from Brazil, Germany, Italy, Japan, Russia, South Korea and the U.S.A. We summed up the year, chatted, talked about future technologies and products, discussed the prospects for joint projects, brainstormed, and exchanged practical experience. In short – business as usual, plus a recharge of the batteries for the next 12 months up until the next summit.

Read on…

The Black Sea resort of Sochi – the perfect setting for a conference on industrial cybersecurity.

After a spot of globetrotting – Beirut > Tianjin – it was time to head somewhere a bit closer to home: Sochi! Wey-hey – here come a few days working in a resort town. For it was here where we had our recent industrial cyber-event…

Since the temperatures in Moscow were taking their usual descent toward 0°C, it was most pleasant to know I’d still be in a t-shirt-weather-place after Lebanon-China. Woah – mid-20s – perfect! Our connection was in Moscow – Sheremetyevo – and it was damp and dark and +8°C outside – but we didn’t go outside. It was six in the morning, there was no one about, and we were through a tunnel/walkway, past passport control and to Terminal F in no time at all. Nothing like what my regular travel companion, D.Z., recently experienced (hours of waiting, lengthy lines, almost missing his connection onward). But I digress…

Anyway, we get to Sochi. Sun: out. The number of our guests: 320! Where from? – all over the globe! Event? – our Industrial Cybersecurity Conference 2019! (btw – here in Sochi for the second year running; the first one was just perfect, so we figured – let’s repeat it!).

Read on…

Our fan club is a teenager already!

If ever I mention while chatting with someone that Kaspersky has a fan club, I immediately get asked: Why? How come an antivirus company has a fan club? Here are the why’s: because it’s been a long time since we just made antivirus protection; because our company is always actively doing fun and interesting stuff; and because people want to participate in what Kaspersky does even if they’re not employees. And, well, it’s just cool to have one.

All this tomfoolery began, it’s scary to recall, 13 years ago, back when we cranked out version 6, which was praised throughout the computer security industry. Almost daily we posted new builds on the forum, where dozens of volunteers would immediately grab this raw but very promising code, install it, and test how well it worked. I think the main motivator for them to participate was the feeling that the developers (the entire team, without exception, followed the forum) instantly incorporated any feedback from bug reports and feature wish-lists. Users liked that they could have a say in the look, behavior, and fate of a popular software product.

Users still have this power to shape our products even today. Every year, our R&D division tests new versions of our products, which have now become numerous and very diverse — there’s even a dozen mobile apps — and the volunteers from our fan club still participate in this testing process. Fans are interested in tinkering with the latest builds, testing new features, and catching bugs. That’s why they participate in these types of closed beta tests. Well, it’s also cool to have the chance to use new products a few months earlier than the rest of the world! Not that we settle for thanking our friends with mere pats on the back … but more on that below.

Read on…