We’ve a tradition at K of every year going to the banya with friends organizing a conference to which we invite our favorite and most valued partners and industry colleagues. It’s a global event to which folks fly in from literally all over the world – from the Americas to Australia (unlike our smaler scale regional and functional conferences).

The tradition started way back in 1999 (a year I reviewed not long ago), and it had a good long run of 10 years until, in 2009, we split it up into smaller, bite-sized, regional conferences, since the global get-together was getting just too big. Thus were born separate conferences for: the Americas, Europe, the Middle East and Africa, Asia-Australia, and Russia and neighboring states.

Back to the global conference – the first one was held in Moscow. The following year – in St. Petersburg, next – Cyprus, then Barcelona, Malta, and on and on in other coastal towns around the Mediterranean. Then appetites grew and took us to Caribbean islands, Rio de Janeiro and more exoticnesses. For more on these and other global gatherings – go here.

Several years afteAnd f the global conference was split up into regional ones, we kinda a missed it; so the obvious happened – we brought it back! (while keeping the regionally-focused ones too). For the reinstated biggies, we decided to have the world’s largest country as the theme and backdrop (well, why not?!). In 2017 it was in Moscow (where, as mentioned, the very first global partner conference was held in 1999 – what goes around comes around:); in 2018 – St. Petersburg; and in 2019 – Sochi. Curiously, 20 years ago these venue-cities simply wouldn’t have been able to host such large events; today – easily, and I’d recommend them to anyone.

Which brings us to this year…

Usually our traditional global partner conferences gather around 100-150 distributors and global partners – in-person. This year we were planning on (as is also a tradition!) spreading our wings a bit: to have it at the motorsport racetrack in Valencia. Alas – 2020 being… 2020, put paid to that! Still, tiresome, bothersome ubiquitous quarantine – it’s no reason not to have our global bash. We simply adjusted it: offline > online, rather – a hybrid of the two (yes, we do keep up with the times:). The original plan was for ~100 guests from 35 countries. In the end? 1800 from around 150 countries! // “Don’t underestimate the power of the global online event, Luke” :)

On the agenda for this hybrid global conference: my cyber-immunity concept; how the world is moving from the era of plastic to the cyber-era; our partner and product ecosystem; how our business has withstood the corona storm; and traditional reviews and forecasts from the cyber-ninjas in GReAT regarding the threat landscape.

Read on…

Just when things were starting to look up, it seems there’s a second wave of that ******* (censored) virus washing over the world. In Moscow the Mayor is gently (for now) pushing businesses to have their workers stay at home, schools are preparing for Zoombie Zoom lessons again, and our HQ is still practically empty (especially R&D). So it looks like we’ll rarely be going out, and when we do – carrying on donning the masks and gloves, maintaining the social distancing, and fist-bumping nodding our greetings, at least during the fall and the winter. Hmmm: which is best – corona during summer, or winter? That’s a tricky one. But I’d best not dwell: it hardly helps ).

‘One day, we’ll look back on 2020, and hardly believe it happened!’ Probably. Hopefully. Surely?…

We’ll be stunned by how it put the whole world swiftly ‘on its ass’, and all the awful effects it had on humanity. However, here, today – since I’m always one to see the glass as half-full rather than half-empty – I’m going to concentrate on some of the positive that’s coming out of the corona pandemic – at least from the point of view of a company like ours. There are the new skills and new capabilities we’ve had to forge while working from home and given closed borders while being a global company. For seven months already no one’s been flying hardly anywhere. Our offices are mostly empty. And we haven’t been having our conferences and dinners and fun with our partners and customers. But still the business is getting done – and done so well in fact that targets are being exceeded! So, like, how? Here’s how…

1. R&D. Practically everyone’s working from home! And working better than before – if judging by (i) the increased speed of the introduction of new functionality in our products; (ii) the increased speed of reworking code; and (iii) the efficiency of our development having grown by 15%. Woah! Keep a look out for announcements of our new products, especially the enterprise and industrial control systems ones. Some K-folks (not many) are back in the office, mostly because as yet the ‘digital economy’ isn’t quite fully digital yet: many a manual signature is still needed on many a form and other bit of paper, alas. Otherwise they’d all be ‘at the dacha’ too!

2. GReAT and Threat Research experts are all working remotely, enabled by our AI humachine intelligence, which automatically catches 99.999% of our daily malware haul; i.e., a huge bunch of suspicious files that we receive from all sorts of different sources, but mostly from our cloud-based KSN; therefore, a huge thanks to all our users who are plugged into our cloud! With your help we’re shoulder to shoulder with our users creating bulletproof cyber-protection from all breeds of modern-day cyber-weaponry. What’s more, we’re doing so constantly, automatically, and online.

Btw: every day our haul amounts to literally millions of files (all different kinds, including much garbage), from which we pick out around 400,000 (four hundred thousand!) new maliciousnesses daily. Like – every day! Like, even today! And given the bio-virus quarantine conditions all around the world, it’s a good job we do catch them since most of us much are spending a lot more time online than a year ago.

3. Interaction with partners and customers. This is the most interesting. With unabashed pride in our company and our K-team, I can announce: we were able to turn the difficulties of today’s coronavirus period to good use and in our favor! We didn’t simply learn how to work effectively with our partners and customers online, but we managed to do that work even better than before! So, we don’t only save the world from cyber-pandemics, we also turn evil into good ).

These days we now do practically everything online: meetings, discussions, learning, presentations – and even remote installation and servicing of our products, including our industrial line. I’d say here that we really have shone here, or as, Tina Turner once sang, we’re ‘simply the best’, but I won’t: don’t want to jinx our ongoing online mega-successes! And as a practical example of our mega online-ism I want to tell you about our annual conference for resellers from Russia and FSU Russian-speaking countries.

// Brief nostalgia: our very first conference for Russian resellers was held way back in 2007, not far from Moscow. Since then they (the conferences!) have ‘spread their wings’ somewhat, having taken place in: Montenegro, Jordan, Georgia, Turkey, the UAE, Oman… They’ve always been great, and always been in fun, hot locations. Now, of course, such sunny locations abroad are mostly out of the question. So we decided this time to have the event in Moscow, and make it a ‘hybrid’ online-offline conference (similar to the one we had in September in Sochi).

Here’s the recipe for preparing for a business show (in this case – for our resellers, but it can be used for other conference-shows) in COVID-19-era conditions. Ingredients:

• A minimum of physically-present participants;
• Maximum information;
• Teamwork;
• A professional technical (filming, etc.) team for online broadcasting;
• Midori Kuma!

Objectives:

• Bring to the event as many professional audience members and participants as possible, including an online audience;
• Deliver the message that the remote work due to the coronavirus didn’t have a negative impact on the business, it’s rather made us learn how to operate under new conditions and we’ve managed to increase the effectiveness;
• Engage our partner-resellers with something new and helpful that can help them (a) develop their own business, and (b) give their customers better quality services. Basically – a ‘talk-show’ for a mass audience.

So there you have it: the recipe for success. Wait. Something’s missing. Ah yes. Photos!…

Read on…

A few days ago, a momentous, landmark event took place. It was in a seaside city – a ‘regular’ one, where it gets dark of a night (unlike others I can think of:) ->

The momentous event was – drum roll, cymbal…….. our first post-quarantine conference! In sunny ~Sochi!

And here’s my first post-quarantine event badge! ->

https://instagram.com/p/CE2Co5NF3Xv

Read on…

The world seems to be slowly opening back up – at least a little, at least in some places. Some countries are even opening up their borders. Who’d have thought it?

Of course, some sectors will open up slower than others, like large-scale events, concerts and conferences (offline ones – where folks turn up to a hotel/conference center). Regarding the latter, our conferences too have been affected by the virus from hell. These have gone from offline to online, and that includes our mega project the Security Analyst Summit (SAS).

This year’s SAS should have taken place this April in one of our favorite (for other K-events) host cities, Barcelona. Every year – apart from this one – it takes place somewhere cool (actually, normally quite hot:); for example, it was in Singapore in 2019, and Cancun, Mexico, in 2018. We’d never put on a SAS in Barcelona though, as we thought it might not be ‘fun’ or ‘exotic’ enough. But given that folks just kept on suggesting the Catalonian city as a venue, well, we finally gave in. Bit today, in May, we still haven’t had a SAS in Barcelona, as of course the offline, planned one there had to be postponed. But in its place we still had our April SAS – only on everyone’s sofa at home online! Extraordinary measures for extraordinary times. Extraordinarily great the event turned out to be too!

But we’re still planning on putting on the offline SAS in Barcelona – only later on, covid permitting. But I’m forever the optimist: I’m sure it will go ahead as planned.

It turns out there are quite few upsides to having a conference online. You don’t have to fly anywhere, and you can view the proceedings all while… in bed if you really want to! The time saved and money saved are really quite significant. I myself watched everything from a quiet corner of the flat (after donning my event t-shirt to get into SAS mode!). There were skeptics, however: an important element of any conference – especially such a friendly, anti-format one like SAS – is the live, human, face-to-face interaction, which will never be replaced by video conferencing.

I was really impressed with how things went. Kicking it off we had more than 3000 folks registered, out of which more than a thousand were actually watching it any one time over the three days – peaking sometimes above 2000. Of course most would have picked and chosen their segments to watch instead of watching it non-stop. The newly introduced training sessions, too, were well attended: around 700 for all of them – a good indicator folks found them interesting.

And for SAS@Home a special program had been prepared – and all in just two weeks! Why? Well, the heart of our conference is hardboiled, hardcore geekfest techy stuff: very detailed investigations and reports from the world’s top cybersecurity experts. But for SAS@Home the audience was to be bigger in number, and broader in audience profile – not just tech-heads; so we experimented – we placed an emphasis on a learning program, not in place of the detailed investigations and reports, but in addition to them.

And we seemed to have gotten the balance just right. There was the story of the Android Trojan PhantomLance in Google Play, which for several years attacked Vietnamese Android users. There were presentations on network security and zero-day vulnerabilities. On the second day there was the extraordinarily curious talk by our GReAT boss, Costin Raiu, about YARA rules, with a mini-investigation about chess as a bonus!

After that there was Denis Makrushkin on bug-hunting and web applications. And on the third day things got really unusual. It’s not every cybersecurity conference where you can hear about nuances of body language; or where – straight after that comes selecting methods of statistical binary analysis! But at SAS – par for the course ).

As per tradition, a huge thanks to everyone who helped put on the show: all the speakers, the organizers, the partners from SecurityWeek, the viewers, the online chatters, and the tweeters. And let’s not forget the flashmob we launched during SAS – quarantunities – dedicated to what folks have been getting up to during lockdown at home, including someone starting to cook every day, someone learning French, and someone else switching from life in the metropolis to that in the countryside.

In all, a great success. Unexpected format, but one that worked, and then some. Now, you’ll no doubt be tiring a little of all the positivity-talk of late about using the crisis and lockdown to one’s advantage. Thing is, in this instance, I can’t do anything but be positive, as it went so unbelievably well! Another thing: ‘We’ve had a meeting, and I’ve decided’ (!) that this online format is here to stay – even after covid!

Finally, one last bit of positivism (really – the last one, honest :). As our experts David Jacoby and Maria Namestnikova both pointed out during the final session, there are other positive things that have come out of quarantining at home: more folks are finding the time to stay fit with home exercise routines; there’s an emphasis being put on physical health generally (less rushing about and grabbing sandwiches and takeaways, etc.); folks are helping each other more; and levels of creativity are on the rise. Indeed, I’ve noticed all those things myself too. Nice. Positive. Eek ).

That’s all from me for today folks. And that’s all from SAS until we finally get to sunny Barcelona. Oh, and don’t forget…: another one for your diary for next year: SAS@home-2021!

PS: Make sure to subscribe – and click the bell for notifications!! – to our YouTube channel: we’ll be putting up there recordings of all sessions gradually. Yesterday the first one was published!…

As many of you will know, every year we organize the mega security conference called Security Analyst Summit in an interesting (at least sunny, often sandy) location. The event is something different for the industry – never dull, never boring, never format-following. We bring together big-name speakers and guests in an exclusive invite-only format to discuss the very latest – loudest – cybersecurity news, investigations, stories, curiosities and so on. No politics! Only professional discussion of cybersecurity – but lightly, relaxed, friendly… awesomely! And we do it so well SAS is becoming one of the most important conferences in the industry. By way of example, here’s my write-up on last year’s event – in Singapore.

Now, this year’s event – our 12^th! – should have opened today, April 28, in sunny Barcelona. But of course – for obvious reasons, that’s just not happening (.

However, we felt that to cancel SAS would be giving in; we couldn’t just drop it this year: how would world cybersecurity cope?! Accordingly, we decided to premiere this year’s SAS online; and not only that but… – for free (!), and for everyone and anyone who wants a taste! Soooo – here’s introducing: SAS@Home, and it’s starting later today (11am Eastern; 8am PST, 4pm London, 6pm Moscow), so hurry up and register! More than a thousand folks have already registered, so it looks like the new format isn’t putting people off. We’ll just have to see how this first online SAS goes; maybe in the future we’ll have two running parallel – online and offline!

Here’s a quick overview of the schedule:

Read on…

The celebrations to mark the 15th anniversary of our French office in Paris were lots of fun! But we start this story with a picture of the birthday cake from the 10th anniversary of our French office:

Why? To jog the memory – by going through my archives and photos I recalled all sorts of various stories. Like this hilarious one, which is probably hard to believe now. This is what happened.

It was back in the days when online banking was just getting started and serious cybercrime was only beginning to raise its ugly head; when people still had push-button Nokias and Sony Ericssons in their pockets and plane tickets were printed on paper (long sheets stitched together). It was November 2002, and me and a group of like-minded folks were about to head off to an important event in the Cote d’Azur area of France. It was late afternoon on Friday and we were due to fly on the Monday… Suddenly a letter falls into my box. // When an owl delivers a message it always means unexpected or sudden changes to plans, you know.

The letter contained a proposal for cooperation from the former director of one of our esteemed competitors. It turned out that this competitor of ours had rather blatantly broken their promises and basically dumped their local director who had built up their business in France. And, well, this director was now offering to go down the same path all over again and start a business with us.

It was a bit of a surprise to say the least! Fate doesn’t dish out opportunities like that very often. And we were already heading to France anyway! We absolutely had to meet! But to do so, we had to stay in Paris for an extra day and change our return tickets.

Nowadays you can change planes or hotels as much as you like, whenever you like. But back then it was a very different story because no one worked on weekends. The airline tickets had to be changed physically, not just in the database. Of course, it was all quite doable – you just had to go to an airlines office. And there just happened to be one on the way – we were flying via Paris and then onwards to Nice. And so, sometime in the middle of the day I arrived at the airline’s office on the Champs-Elysées. I got there literally 10-15 minutes before the lunch break(!) – yes, yes, then – and to this day – it was/is customary in France to close for lunch.

Lunch is sacred! Nobody in the office wanted to mess about with customers right before their break. They frowned a bit, but after realizing that I wasn’t going to leave and wait outside, they took my passport, credit card (I had to pay extra), tapped a few buttons on the keyboard and gave me a new ticket. I didn’t look too closely at the ticket (unfortunately), immediately jumped in a taxi and zoomed off to the station, because my Paris-Nice train was already panting and whistling and raring to go.

After that it was all business and press stuff. Oh yeah, I forgot to mention that there were a few of us. For example, my good old travelling buddy D.Z. was with us, and the former director of my company, my namesake N.K., all flew to the event. For some reason (I don’t remember why) we flew together, but then she flew somewhere else, and I went to the coast by train.

We got everything done that we needed to, all the meetings were successful, I was flying home in the morning, and N.K. had some other things to do and decided to take another flight later that day. I arrived at the airport check-in desk and handed over my passport and ticket. The employee at the desk read everything very attentively, then looked up at me and asked in surprise: “Natalya?”

Oops… – I couldn’t help thinking that it wasn’t a coincidence. I called N.K. and her ticket was correct – in her own name. Turns out those Mayan drummers at the Paris office had hurriedly (almost lunchtime!) printed off a ticket for me using N.K.’s name. I was in such a hurry to catch my train that I failed to notice the mistake.

It all ended well though. There was a bit of fussing around, some conferring and they eventually agreed it was their fault – and led me by the hand to the plane with a “dodgy” ticket. I’ve no idea how much fainting and confusion there was in our accounting department when they had to account for two “Natalyas” flying from Paris to Moscow just a few hours apart.

That’s just one of the many stories.

Read on…

What’s that whooshing sound? Ah, it’s me rushing from Cancún to Venice, to attend a business event the next day :)

I got to thinking about my previous visits to Venice and how I usually arrived by car. In fact, I hadn’t flown into Venice airport for about 15 years! This time, they told me I shouldn’t be too surprised about their unusual new arrivals terminal. And it really was unusual – or, at least the parking lot:

That’s right! You can take a boat from Venice airport (which is on the mainland) straight to the islands on which Venice lies.

Read on…

Hi folks, or should that be – ho, ho, ho, folks? For some have said there is a faint resemblance… but I digress – already!

Of course, Christmas and New Year are upon us. Children have written their letters to Santa with their wish lists and assurances that they’ve been good boys and girls, and Rudolph & Co. are just about ready to do their bit for the logistical miracle that occurs one night toward the end of each year. But it’s not just the usual children’s presents Father Christmas and his reindeer will be delivering this year. They’ll also be giving out something that they’ve long been getting requests for: a new solution for fighting advanced cyberattacks – Kaspersky Sandbox! Let me tell you briefly about it…

Basically it’s all about emulation. You know about emulation, right? I’ve described it quite a few times on these here blog pages before, most recently earlier this year. But, just in case: emulation is a method that encourages threats to reveal themselves: a file is run in a virtual environment that imitates a real computer environment. The behavior of a suspicious file is studied in a ‘sandbox’ with a magnifying glass, Sherlock-style, and upon finding unusual (= dangerous) actions the object is isolated so it does no more harm and so it can be studied more closely.

Analyzing suspicious files in a virtual environment isn’t new technology. We’ve been using it for our internal research and in our large enterprise projects for years (I first wrote about it on this here blog in 2012). But it was always tricky, toilsome work, requiring constant adjustment of the templates of dangerous behaviors, optimization, etc. But we kept on with it, as it was – and still is – so crucial to our work. And this summer, finally, after all these years, we got a patent for the technology of creating the ideal environment for a virtual machine for conducting quick, deep analysis of suspicious objects. And a few months ago I told you here that we learned how to crack this thanks to new technologies.

It was these technologies that helped us launch the sandbox as a separate product, which can now be used direct in the infrastructure of even small companies; moreover, to do so, an organization doesn’t need to have an IT department. The sandbox will carefully and automatically sift the wheat from the chaff – rather, from cyberattacks of all stripes: crypto-malware, zero-day exploits, and all sorts of other maliciousness – and without needing a human analyst!

So who will really find this valuable? First: smaller companies with no IT dept.; second: large companies with many branches in different cities that don’t have their own IT department; third: large companies whose cybersecurity folks are busy with more critical tasks.

To summarize, what the Sandbox does is the following:

• Speedy processing of suspicious objects;
• Lowering load on servers;
• Increasing the speed and effectiveness of reactions to cyberthreats;
• As a consequence of (i)–(iii) – helping out the bottom line!

So what we have is a useful product safeguarding the digital peace-of-mind of our favorite clients!

PS: And the children who behave and listen to their parents will of course be writing letters to Santa toward the end of 2020, too. Sure, they’ll be getting their usual toys and consoles and gadgets. But they’ll also be getting plenty of brand-new super-duper K-tech too. You have more word for it!…

Yours sincerely,

Father Christmas

“Buenos tardes!” said the hospitable Yucatán native. And then, smilingly, ushered us toward a particular line for passport control – which took a full 90 minutes for us to get to the front of!

“Buenos noches!”, we answered, while muttering other phrases under our breath I shouldn’t repeat here. But it got worse: out of a full 30+ passport control windows only six (6!) were working! And it was clear the border control staff wasn’t in any way speeding up its work given this avia-logisitical collapse. But then, it turned out, upon our asking if this was indeed a one-off collapse, that this happens all the time: several flights arrive around the same time all the time. So, like, they’re fully aware of the problem, but do nothing about it! I mean, they should be happy for all the dollars all these (many!) tourists arriving in Mexico every day will be spending, but they treat them with contempt! At one point I thought there could be some kind of revolt and lynchings; indeed a fight did break out in the next line to us (I think with tourists from Canada): someone got punched in the face for jumping the line!

Actually, we love(d) Cancun: since 2011 we’ve put on a full 12 (!) business events here – including the one I’m about to tell you about! Good infrastructure, safe, ocean, beaches, sun, tequila, and venues able to handle 500+ guests for large conferences (like our Security Analyst Summit (SAS), which, incidentally, took place here a full three times, in 2012, 2015 and 2018). And what else do we ask of a destination for our bashes? For all our guests to NEVER have to wait in lines at the airport for hours after a long flight. But this clearly is unattainable. Therefore, accordingly, this is the LAST event of ours in Cancun. Buenos huegos. No, better…: Buenos &!#*%!!

The basic ingredients for the format were present, as per: first work hard – then play hard! But the world is changing, audiences are changing too, and then there are all the geopolitical cataclysms that come in waves – which we sometimes even try to surf ). Accordingly, we made a few changes to the basic format.

Read on

Hi folks!

I was in Paris the other week and, though cold and wet and windy, our welcome was the warmest it could have been!

https://www.instagram.com/p/B4w0CzfgVYo/

Why were we there? For the Paris Peace Forum, the annual event where folks from governments, business and other organizations come together to discuss and try and come up with ways to make the world better. And one of the hottest topics there, of course, was cybersecurity – and that’s why were extended a very enthusiastic invite. And since we support all kinds of initiatives throughout the world advocating international cooperation so as to create a digital world that’s secure against all cyber-badness, we sent our RSVP back practically tout de suite.

Read on…