Bonjour, Monsieur President!

Hi folks!

I was in Paris the other week and, though cold and wet and windy, our welcome was the warmest it could have been!

Why were we there? For the Paris Peace Forum, the annual event where folks from governments, business and other organizations come together to discuss and try and come up with ways to make the world better. And one of the hottest topics there, of course, was cybersecurity – and that’s why were extended a very enthusiastic invite. And since we support all kinds of initiatives throughout the world advocating international cooperation so as to create a digital world that’s secure against all cyber-badness, we sent our RSVP back practically tout de suite.

Read on…

3000% growth.

We do reeeaaally interesting work.

We protect users, build a new secure future, and chase cyber-villains the world over. At the same time, the ‘landscape’ is constantly changing, meaning there’s never a single moment we might get bored.

Yes, ‘digital’ these days penetrates even the most unlikely, remote and conservative areas of activity of Homo sapiens, and, alas, the greasy fingers of the computer underground and also the cyber-war-mongers are right there with it up to no good. In the early 2000s, I’d joke up on stages around the world about ‘smart’ [sic] refrigerators one day DDoS’ing coffee machines. Fast forward 15 years, and it’s a reality. So you can see why, in the 30 years I’ve been doing this, I’ve never once been bored ).

Threats are changing – and so is our business. For example, did you know that last year sales of our industrial infrastructure solutions increased by 162%? And total growth of our NON-antivirus segment amounted to 55%? Or that we’re the only major cybersecurity company to create our own specialized operating system based on secure architecture? And that we’re already implementing it with gusto in diverse fields such as the Internet of Things, telecoms and the automotive industry? Or how many interesting projects our Growth Center helped survive their crucial first months of life? For example: our Polys blockchain platform for online voting; protection against drones; and the Verisium IoT system for genuine-product authentication?

But it’s not just our technologies and products that are changing. Our traditional business models are changing too. ‘Box moving’ and retail business are being swallowed up by ‘digital’, enterprise projects are becoming all the more customized (attracting large broad-competency system integrators), and the SMB segment is practically migrating en masse up into the cloud.

And then there’s the cosmic rise of our xSP business – sales of cyber-protection for subscribers of most anything that’s online, be they services of telecoms or internet providers; online banking, insurance, and financial services… even games communities. And this is a very promising market segment, simply because, as per the ancient (!) truism, ‘who owns the traffic owns the customer’. What’s more, customers get a useful service at a special price, the operator takes its margin, and we take our profit. Everybody wins ). So, now do you ‘get’ the title to this post?…

…In six years, our xSP business has grown a full 3000%, and is now worth more than $30 million! That’s around 10% of our global B2C sales! Oh my gross-sales-figures! We work with more than 500 partners around the world on xSP, including such large global and regional operators as Telecom Italia, Orange, Sony Network Communications, Linktel, UOL, and IIJ. What we do is offer a ‘tasty’ margin, gladly make white label versions of our products, integrate them with the automation platforms (for example, CloudBlue (aka – Odin) and the NEC Cloud Brokerage Suite), conduct joint marketing activities, and set up the technical support. But it’s not just a ‘trick’ we use to get more profit: if our technologies and products at bottom weren’t the best in the world – as proven repeatedly, constantly, in independent tests – I’m not sure xSPs would be giving us so much business.

Still on xSPs, just recently we had our Kaspersky xSP Summit in Rome. This is our annual event for partners, and this year we had guests from 32 countries in attendance, including from Brazil, Germany, Italy, Japan, Russia, South Korea and the U.S.A. We summed up the year, chatted, talked about future technologies and products, discussed the prospects for joint projects, brainstormed, and exchanged practical experience. In short – business as usual, plus a recharge of the batteries for the next 12 months up until the next summit.

Read on…

Flickr photostream

Instagram photostream

The Black Sea resort of Sochi – the perfect setting for a conference on industrial cybersecurity.

After a spot of globetrotting – Beirut > Tianjin – it was time to head somewhere a bit closer to home: Sochi! Wey-hey – here come a few days working in a resort town. For it was here where we had our recent industrial cyber-event…

Since the temperatures in Moscow were taking their usual descent toward 0°C, it was most pleasant to know I’d still be in a t-shirt-weather-place after Lebanon-China. Woah – mid-20s – perfect! Our connection was in Moscow – Sheremetyevo – and it was damp and dark and +8°C outside – but we didn’t go outside. It was six in the morning, there was no one about, and we were through a tunnel/walkway, past passport control and to Terminal F in no time at all. Nothing like what my regular travel companion, D.Z., recently experienced (hours of waiting, lengthy lines, almost missing his connection onward). But I digress…

Anyway, we get to Sochi. Sun: out. The number of our guests: 320! Where from? – all over the globe! Event? – our Industrial Cybersecurity Conference 2019! (btw – here in Sochi for the second year running; the first one was just perfect, so we figured – let’s repeat it!).

Read on…

Enter your email address to subscribe to this blog

Our fan club is a teenager already!

If ever I mention while chatting with someone that Kaspersky has a fan club, I immediately get asked: Why? How come an antivirus company has a fan club? Here are the why’s: because it’s been a long time since we just made antivirus protection; because our company is always actively doing fun and interesting stuff; and because people want to participate in what Kaspersky does even if they’re not employees. And, well, it’s just cool to have one.

All this tomfoolery began, it’s scary to recall, 13 years ago, back when we cranked out version 6, which was praised throughout the computer security industry. Almost daily we posted new builds on the forum, where dozens of volunteers would immediately grab this raw but very promising code, install it, and test how well it worked. I think the main motivator for them to participate was the feeling that the developers (the entire team, without exception, followed the forum) instantly incorporated any feedback from bug reports and feature wish-lists. Users liked that they could have a say in the look, behavior, and fate of a popular software product.

Users still have this power to shape our products even today. Every year, our R&D division tests new versions of our products, which have now become numerous and very diverse — there’s even a dozen mobile apps — and the volunteers from our fan club still participate in this testing process. Fans are interested in tinkering with the latest builds, testing new features, and catching bugs. That’s why they participate in these types of closed beta tests. Well, it’s also cool to have the chance to use new products a few months earlier than the rest of the world! Not that we settle for thanking our friends with mere pats on the back … but more on that below.

Read on…

Transparency @ Cyberjaya @ Putrajaya @ Malaysia.

Hi folks!

A quick time-out from my Kuril expedition tales, this post is from Malaysia from where I’ve just returned. We were in the country’s new planned city of Putrajaya, which is already the seat of the government after it was transferred there from the overcrowded Kuala Lumpur. Other important state functions are slowly but surely moving over to the new city too.

So what can I say? Two things spring to mind: this place is both very interesting and rather unique. It was founded only in 1995 on a green-field site between Kuala Lumpur and Kuala Lumpur International Airport. The Prime Minister’s office is already here; however, the Parliament, King’s residence and some ministries are still back in Kuala Lumpur.

Read on…

Starmus 2019 – stars of the stars.

So, what else did we get up to in Zurich, besides beer-and-bathe by/in the river? We got ourselves to perhaps my fave annual festival – STARMUS, which – oh my galaxy! – is already in its fifth year! Space, universes, stars, black holes; man’s space projects; plus assorted other jaw-dropping reports on scientific research from all over the planet and beyond; plus a traditional mega-music concert of impressive caliber (alas, which we traditionally miss).

Check out some of the speakers at this year’s event:

Read on…

Birthday number 22.

This year we celebrated the company’s 22nd birthday a little earlier than usual (but closer to the official birthday – see here for a brief history lesson). It was earlier because the road beckoned me once again to a very interesting place. But more on that later.

Here and just about everywhere further down, the photos are courtesy of Roman Rudakov.

We worked well over the year (for example, we earned $726 million (+4% on 2017), were number 1 in tests for protection and speed, were twice named as the best cybersecurity solution by Gartner Peer Insights) -> so we pushed the boat out for our birthday, because, well, those who are good at their work are good at everything else they do too :)

Read on…

Me, myself and INTERPOL.

How I would love to just visit Singapore as a tourist! To stay here for a week, wander around the city … But not running, running, gunzo-shigoto-arbeiten, meetings-presentations-more meetings and other work-trabajo-labor and so on in various other languages. Alas, not this time. It was more like this…

You wake up in the morning after the Starmus conference and realize that you can only dream of a bit of peace and quiet. From a sweltering Switzerland we immediately head (you could say without regaining consciousness) east for an equally hot Singapore. That’s where the INTERPOL World 2019 exhibition/conference is being held. It’s an event that brings together representatives of state, non-government and private sectors from INTERPOL member countries.

I talk a lot about the importance of international cooperation between law enforcement agencies and private cybersecurity organizations. Cybercrime knows no geographical boundaries, which is why it’s necessary to act together to fight it. It’s just that there’s a bit of a worldwide problem nowadays with this “together” thing. So, any real, ongoing initiatives aimed at international cooperation are worth their weight in gold! And we’re proud of our many years of work with INTERPOL. Since 2014, we’ve been a strategic partner, signed our first cooperation agreement and supported the opening in Singapore of the Digital Crime Center as part of the special IGCI (INTERPOL Global Complex for Innovation) unit dealing with cybercrime investigations. This center is where the technical side of INTERPOL’s investigations are conducted.

And, so, on July 3 in Singapore, we extended the cooperation agreement with INTERPOL for five years. Good work chaps!

Read on…

Cyber-news from the dark side – ver. SAS-2019.

Hi folks!

Herewith, the next in my series of occasional iNews, aka cyber-news from the dark side updates – this one based on some of the presentations I saw at our annual Security Analyst Summit in Singapore last month.

One of the main features of every SAS is the presentations given by experts. Unlike other geopolitically-correct conferences, here the analysts up on stage share what they’ve discovered regarding any cyberthreat, no matter where it may come from, and they do this based on principle. After all, malware is malware and users need to be protected from all of it, regardless of the declared virtue of the intentions of those behind it. Just remember the boomerang effect.

And if certain media outlets blatantly lie about us in response to this principled position, so be it. And it’s not just our principles they attack – for we practice what we preach: we’re way ahead of the competition when it comes to the numbers of solved cyberespionage operations. And we’re not planning on changing our position in any way to the detriment of our users.

So here are a few synopses of the coolest investigations talked about at SAS by the experts behind them. The most interesting, most shocking, most scary, most OMG…

1. TajMahal

Last year, we uncovered an attack on a diplomatic organization from Central Asia. Of course, that an organization like that is interesting to cybercriminals should come as no surprise. The information systems of embassies, consulates and diplomatic missions have always been of interest to other states and their spy agencies or generally any bad guys with sufficient technical ability and financial wherewithal. Yes, we’ve all read spy novels. But here was something new: here a true ‘TajMahal’ was built for the attacks – an APT platform with a vast number of plugins used (we’ve never seen so many used on one APT platform – by far) for all sorts of attack scenarios using various tools.

The platform consists of two parts: Tokyo and Yokohama. The former is the main backdoor, which also fulfils the function of delivery of the latter malicious program. The latter has very broad functionality: stealing cookies, intercepting documents from the printer queue, recording VoIP calls (including WhatsApp and FaceTime), taking screenshots, and much more. The TajMahal operation has been active now for at least five years. And its complexity would suggest that it’s been built with more than one target in mind; the rest remain for us to find…

Details of this APT-behemoth you can find here.

Read on…

Finally, SAS in Singapore – the venue it couldn’t ignore!

Hi folks!

You’ll no doubt already know – but just in case, here’s me telling you – that each year we put on a mega international cybersecurity conference – SAS (Security Analyst Summit) – every late-winter/early-spring. Well, it’s spring already (though there was snow again last night in Moscow!) once again, so let me tell you about this year’s event… – woah – which is only three weeks away!…

This event is unique in a full three ways:

First, it’s at SAS where both KL’s top experts plus our world-renowned expert-guests report on their latest investigations, newest findings, and most curious other cyber-news.

Second, SAS always avoids the typical / typically boring hotels or conference centers in world capitals, instead always opting for totally non-boring exotic resort venues with lots of sun, sea, sand, surf, sangria… Singapore Slings, etc.

Third, there’s always one thing that can be counted on every year at SAS – the event is overflowing with fun, despite the seriousness of the cybersecurity theme!

SAS-2018 (Cancun)

It’s fair to say that SAS is best-known for the hot – often sensational – investigative reports shared at the event. Sometimes some folks don’t like this: they think we select findings based on geography or on possible attribution, or they’d prefer if we didn’t publicize such scandalous and potentially embarrassing findings (indicating probable government financing, cyber-espionage, cyber-sabotage, etc.) and should just sweep them under the rug instead. Er, nope. That’s not going to happen. Just in case you missed the memo: we share details of any cybercrime we find. Where it may originate from or what language it may speak: it doesn’t matter. Publicizing details of large cyber-incidents and targeted attacks is the only way to make the cyberworld – and that means the world itself – safer. It’s for this reason that SAS was the platform used to divulge findings on ‘Stuxnet’s cousin’ Duqu (which secretly collected information on European industrial systems), Red October (a cyber-spy carrying out espionage on diplomatic missions in Europe, the U.S., and former Soviet republics), and OlympicDestroyer (a sophisticated APT that attempted to sabotage the Olympic Games in South Korea in 2018). And I know that this year’s SAS won’t be any different: cyber-buzz causing a huge stir – coming right up!…

SAS-2016 (Tenerife)

SAS has been put on in Croatia, Cyprus, Malaga, Cancun, Tenerife, Puerto Rico, the Dominican Republic and Saint Martin (i.e., including some repeats at our fave venues).

This year, seeing that SAS is all grown-up (this will be the 11th event), we thought a few organizational adjustments might be appropriate, and here they are:

First, this year SAS will be put on… in a metropolis! But it’s not your dull city in any way: it’s still beside the seaside and it happens to be a ‘garden city’, no less . Yep, this year it’ll be in Singapore folks. Yeh! I’m very happy about that. I have a more than just a soft-spot for Singapore ).

Second, we’ve decided to open up SAS to a wider audience than usual. Normally it’s an invite-only, exclusive world-cyber-expert get-together. This time though – in line with our transparency drive – we’re making part of the conference open to anybody who may wish to participate. And we call it SAS Unplugged. Like MTV Unplugged – only SAS ).

Presentations, training sessions, workshops from leading experts – all included. So students, cybersecurity rookies, in fact – cybersecurity old-hands too – anyone who has a great interest in fighting cyberbaddies – get registering! And be quick about it – already some of the training sessions are fully booked up.

PS: I’ve been permitted to give you a teaser about one of the confirmed presentations. It’s by one of our own experts, Sergey Lozhkin, and it’s for sure going to be a corker. Curiously, it’s about one of the oldest forms of cybercrime, but old doesn’t mean irrelevant. Just the opposite. For the crooks engaging in it today are earning billions of dollars a year from it! What is it? Financial fraud, plain and simple – actually, not so simple, as Sergey will tell us. He’ll also tell us how it has evolved over the years, what digital identity theft is, how much a digital identity costs on the Darknet, what a ‘carder’ is, and more…

PPS: I can’t wait. I enjoyed last year’s SAS ever so much. So here’s looking forward to an even better SAS this year!

Welcome to SAS-2019!…