In the early 2000s I’d get up on stage and prophesize about the cyber-landscape of the future, much as I still do today. Back then I warned that, one day, your fridge will send spam to your microwave, and together they’d DDoS the coffeemaker. No, really.

The audience would raise eyebrows, chuckle, clap, and sometimes follow up with an article on such ‘mad professor’-type utterances. But overall my ‘Cassandra-ism’ was taken as little more than a joke, since the more pressing cyberthreats of the times were deemed worth worrying about more. So much for the ‘mad professor’…

…Just open today’s papers.

Any house these days – no matter how old – can have plenty of ‘smart’ devices in it. Some have just a few (phones, TVs…), others have loads – including IP-cameras, refrigerators, microwave ovens, coffee makers, thermostats, irons, washing machines, tumble dryers, fitness bracelets, and more. Some houses are even being designed these days with smart devices already included in the specs. And all these smart devices connect to the house’s Wi-Fi to help make up the gigantic, autonomous – and very vulnerable – Internet of Things, whose size already outweighs the Traditional Internet which we’ve known so well since the early 90s.

Connecting everything and the kitchen sink to the Internet is done for a reason, of course. Being able to control all your electronic household kit remotely via your smartphone can be convenient (to some folks:). It’s also rather trendy. However, just how this Internet of Things has developed has meant my Cassandra-ism has become a reality.

Source

Read on: The phantom ransomware menace…

The other day, Innopolis – the hi-tech town just outside the city of Kazan, Tatartstan, 800 kilometers directly to the east of Moscow – became a “world center of industrial systems’ cybersecurity”.

I was here early this year marveling at the speed of its development and ambitiousness of its plans, all the while turning over its future prospects in my mind.

First of all, let me get all gushing in singing praises: I take my hat off to the determination and persistence of the local authorities, the assuredness of the partners and sponsors, and also the professionalism of the contractors and everyone else who played a part in making Innopolis a reality.

Innopolis was built from nothing in just three years according to a hi-tech concept for hi-tech companies: here there’s excellent infrastructure for both living and doing business, a special economic zone, university, and an international airport not far away.

The year-round conveniences and also the prices here are so attractive it could make you think about dropping everything and moving to Tatarstan at once! In the winter there’s downhill skiing, in summer there’s the golf course, in fall there’s mushroom picking in the surrounding forest, and all year round there’s fishing on the Volga. A 50m² one-bedroom apartment costs a mere 7000 rubles (~$110) to rent and a two-bedroom apartment costs just 10,000 rubles (~$160), which has a lift going down to the underground parking, which incidentally also costs next to nothing – 1000 rubles per month (~$16). Also: the gym + swimming pool costs just 15,000 rubles a year (~$240)!

Moreover, everything is brand spanking new, shiny, modern, stylish and hi-tech – a far cry from its humble, rural/provincial surroundings.

There’s only one thing that spoils things: Innopolis is surrounded by ugly vacant lots and construction sites. Still – no omelet without the proverbial eggs – and it’s obvious that it’s not going to stay that way forever. It looks like it’ll soon either be built up with more swish residential buildings or just made pretty with landscaping, lawns or something else pleasing to the eye.

So, as you can see, it’s no wonder there’s a long line to get here to live/study/work.

Read on: One Small Step into Giant Industrial Security…

We’ve been ‘saving the world’ for, hmmm, now let me see, a good 19 years already! Actually it’s several years longer than that, but 19 years ago was when we registered KL as a (UK) company.

Alas, ‘saving the world’ once and for all and forever just ain’t possible: cyberthreats are evolving all the time, with the cyber-miscreants behind them forever finding new attack vendors across the digital landscape, meaning that landscape will never be 100% safe. However, hundreds of millions of folks all around the world, on different devices and in different life situations, each day have the possibility to protect their privacy and data, safely use online stores and banking, and protect their kids from digital filth, cyber-perverts and con-artists.

And on our side – the ones doing the protecting – there’s plenty of raison d’être for our experts: each photo rescued from ransomware, every blocked phishing site, each shut down botnet, and every cyber-bandit sentenced to prison: each one = cause for professional satisfaction and pride. It means all the hard work wasn’t for nothing; we really are doing good.

In the struggle against cyber-filth, cyber-perverts and cyber-crooks, we’ve got for you a range continually improved tools.

Read on: Sharper than a Valerian steel sword…

It’s just the way it is: the human being is a lazy creature. If it’s possible not to do something, we don’t do it. However, paradoxically this is a good thing, because laziness is… the engine of progress! What? How so? Well, if a job’s considered too hard or long-winded or complex for humans to do, certain lazy (but conscientious) humans (Homo Laziens?: ) give the job to a machine! In cybersecurity we call it optimization.

Analysis of millions of malicious files and websites every day, developing ‘inoculations’ against future threats, forever improving proactive protection, and solving dozens of other critical tasks – all of that is simply impossible without the use of automation. And machine learning is one of the main concepts used in automation.

Automation has existed in cybersecurity right from the beginning (of cybersecurity itself). I remember, for example, how back in the early 2000s I wrote the code for a robot to analyze incoming malware samples: the robot put the detected files into the corresponding folder of our growing malware collection based on its (the robot’s) verdict regarding its (the file’s!) characteristics. It was hard to imagine – even back then – that I used to do all that manually!

These days however, simply giving robots precise instructions for tasks you want them to do isn’t enough. Instead, instructions for tasks need to be given imprecisely. Yes, really!

For example, ‘Find the human faces on this photograph’. For this you don’t describe how human faces are picked out and how human faces differ from those of dogs. Instead what you do is show the robot several photographs and add: ‘These things here are humans, this is a human face, and these here are dogs; now work the rest out yourself’! And that, in a nutshell, is the ‘freedom of creativity’ that calls itself machine learning.

Image source

Read on: ML + CS = Love…

I think the recent article in the New York Times about the boom in ‘artificial intelligence’ in Silicon Valley made many people think hard about the future of cybersecurity – both the near and distant future.

I reckon questions like these will have been pondered on:

• Where’s the maniacal preoccupation with ‘AI’, which now only exists in the fantasies of futurologists going to lead to?
• How many more billions will investors put into ventures which, at best, will ‘invent’ what was invented decades ago, at worst – will turn out to be nothing more than inflated marketing… dummies?
• What are the real opportunities for the development of machine learning cybersecurity technologies?
• And what will be the role of humans experts in this brave new world?

Sometimes when I hang around with A.I. enthusiasts here in the valley, I feel like an atheist at a convention of evangelicals.

Jerry Kaplan, computer scientist, author, futurist and serial entrepreneur (inc. co-founder of Symantec)

What’s going on now in the field of ‘AI’ resembles a soap bubble. And we all know what happens to soap bubbles eventually if they keep getting blown up by the circus clowns (no pun intended!): they burst.

Now, of course, without bold steps and risky investments a fantastical future will never become a reality. But the problem today is that along with this wave of widespread enthusiasm for ‘AI’ (remember, AI today doesn’t exist; thus the inverted commas), startup-shell-companies have started to appear.

A few start-ups? What’s the big deal, you might ask.

The big deal is that these shell-startups are attracting not millions but billions of dollars in investment – by riding the new wave of euphoria surrounding ‘AI’ machine learning. Thing is, machine learning has been around for decades: it was first defined in 1959, got going in the 70s, flourished in the 90s, and is still flourishing! Fast forward to today and this ‘new’ technology is re-termed ‘artificial intelligence’; it adopts an aura of cutting-edge science; it gets to have the glossiest brochures; it gets to have the most glamorously sophisticated marketing campaigns. And all of that is aimed at the ever-present human weakness for belief in miracles – and in conspiracy theories about so-called ‘traditional’ technologies. And sadly, the cybersecurity field hasn’t escaped this new ‘AI’ bubble…

Read on: Too much AI will kill you…

As always for this ‘column‘, I’ll be giving you a round-up of some of the most eek recent items of cybersecurity news, which might not have made the headlines but which are no less eek for that. And as usual, it’s all mostly bad news. There are still a few reasons to be optimistic though – but only a few. Eek!

Uh-oh Cyber-News Item No. 1: The Future’s Arrived.

A screenshot from Blade Runner

Many authors like to fantasize about how things will be in the future. Often, science fiction writers come up with deep philosophical reflections upon man and his place in the Universe. There’s Russia’s Strugatsky brothers, there’s Philip K. Dick, and there’s Arthur C. Clarke (plus his ‘translator’ to the silver screen Stanley Kubrick), for example. And very often such deep philosophical reflection is rather bleak and scary.

Other times, the reflection is a little less deep and philosophical, but no less likely to one day lead to reality – in fact, oftentimes more so. This is where I make appearances!…

So. Back in the first decade of this century, during my presentations your humble servant liked to tell fun ‘scare’ stories about what could happen in the future. Example: a coffeemaker launches a DDoS attack on the fridge, while the microwave works out the factory PINs of the juicer so it can then show text-adverts on its digital display.

Fast forward less than a decade and such ‘sci-fi’ is coming true…

Read on: Computer worms rising from the dead…

Artificial intelligence… Two words which together conjure up so much wonder and awe in the imagination of programmers, sci-fi fans and perhaps just about anyone with an interest in the fate of the world!

Thanks to man’s best friend the dog R2-D2, the evil Skynet, the fantastical 2001: A Space Odyssey, post-apocalyptical androids dreaming of electric sheep, and maybe also Gary Numan, everyone is pretty well familiar with the concept of artificial intelligence (AI). Yep, books, the big screen, comics, er… mashed potato advertisements – AI is in all of them in a big way. It also features heavily in the marketing materials of recently-appearing and exceptionally-ambitious cybersecurity companies. In fact, there’s probably only one place today where you can’t find it. Thing is, that single place happens to cover practically everything that makes up this world and all the life in it: the not-so-insignificant sphere called ‘real everyday life‘.

Source

It’s common knowledge that since the days of Alan Turing and Norbert Wiener (that is, around the mid-20^th century) computers have come on in leaps and bounds. They learned how (rather, they were taught how) to play chess – and better than humans. They fly planes, now also cars on the roads. They write newspaper articles, catch malware and do tons of other useful – and often not so useful – things. They pass the Turing test to prove possession of intelligent behavior equivalent to a human. However, a chatterbot simulating a 13-year-old capable of nothing else – that is just an algorithm plus a collection of libraries. It is not artificial intelligence. Not convinced? Then I advise you simply look up the definition of AI, then that of an algorithm, and then look at the differences between the two. It’s not rocket computer science.

We are currently witnessing yet another wave of interest in AI across the world. Which number this wave is I’ve lost track of…

Read on: People that don’t know what they’re talking about…

Hi all!

On a bit of a roll here on the survival-of-the-fittest-in-IT theme. Wasn’t planning a trilogy… it just kinda happened. Sort of…

…Sort of, as, well, the specific problem of parasites in the IT Security world I’ll be writing about today has been at the back of my mind for a long time already. This Darwinism talk seemed the perfect opportunity to finally let rip. You’ll see what I mean…

Today folks: parasites. But not those we’re fighting against (the ‘very’ bad guys); those who claim are also fighting the very bad guys (philosophical question: who’s worse?).

The IT industry today is developing at a galloping pace. Just 10-15 years ago its main themes were desktop antiviruses, firewalls and backups; today there’s a mass of new different security solutions, approaches and ideas. Sometimes we manage to stay ahead of the curve; sometimes we have some catch-up to do. And there are other times we fall into a stupor from astonishment – not from new technologies, innovations or fresh ideas, but from the barefaced brazenness and utter unscrupulousness of our colleagues in the security industry.

But first, let me explain how events have been developing.

There’s a very useful service called the VirusTotal multiscanner. It aggregates around 60 antivirus engines, which it uses to scan files and URLs folks send it for malware checking, and then it returns the verdict.

Example: Joe Bloggs finds a suspicious application or office document on a hard drive/USB stick/the Internet. Joe’s own antivirus software doesn’t flag it as containing a malware, but Joe is the paranoid type; he wants to make really sure it’s not infected. So he heads over to the VirusTotal site, which doesn’t have just one antivirus solution like he does, but ~60. It’s free too, so it’s a no brainer. So Joe uploads the file to VirusTotal and gets instant info on what all the different AVs think about it.

First of all, to clarify: both the folks at VirusTotal and those at VirusTotal’s owners Google are firmly on the ‘good guys’ side. They have no connection with parasites whatsoever. VirusTotal is run by a very professional team, which has for years been fulfilling the task at hand extremely effectively. (Still need convincing? How about VirusTotal winning the MVP award last year at the Security Analyst Summit (SAS)?) Today VirusTotal is one of the most important sources of new malware samples and malicious URLs; and also a very cool archeological tool for researching targeted attacks.

Recognizing VirusTotal for enduring contribution to security research #SaveTheWorldMVP #TheSAS2015 pic.twitter.com/lZTjN30Xwg

— J. A. Guerrero-Saade (@juanandres_gs) February 16, 2015

The problem lies with a handful of shady users of the multiscanner who, alas, are becoming more and more unblushingly unabashed in how they conduct themselves.

Read on: Things getting interesting… for wrong reasons

Hi folks!

As promised, herewith, more on the connection between evolution theory and how protection against cyberthreats develops.

To date, what precisely brings about mutations of living organisms is unknown. Some of the more unconventional experts reckon it’s the work of viruses, which intentionally rearrange genes (yep, there’s who really rules the world!). But whatever the case may be, similar mutation processes also occur in IT Security – sometimes with the help of viruses too.

In line with the best traditions of the principle of the struggle for existence, security technologies evolve over time: new categories of products appear, others become extinct, while some products merge with others. Regarding the latter for example, integrity checkers were a major breakthrough in the mid-90s, but nowadays they’re a minor part of endpoint solutions. New market segments and niches appear (for example, Anti-APT) to complement the existing arsenals of protective technologies – this being a normal process of positive symbiosis for good. But all the while nasty parasites crawl out of the woodwork to warm themselves in the sun. C’est la vie – as it’s always been, and there’s nothing you can do about it.

In the struggle for market share in IT Security there regularly appear prophets prophesizing a sudden end to ‘traditional’ technologies and – by happy chance – simultaneous (‘just in time!’) invention of a bullshit product revolutionary panacea (with generous discounts for the first five customers).

But this isn’t something new: any of you remember anti-spyware? In the early 2000s a huge bubble of products to get rid of spyware grew up from nothing. Much BS was fired the consumer’s way about the inability of ‘traditional antivirus’ to cope with this particular problem, but right from the beginning it was all just made up.

But the market has grown used to and tired of such prophets, and these days monetizing ‘panaceas’ requires a lot more investment and snake oil marketing efforts.

Read on: David and Don Draper Against Goliath…

“It is not the strongest of the species that survives but the most adaptable to change.”
– Charles Darwin

It’s been a while since I’ve opined on these here cyber-pages on my favorite topic – the future of IT Security, so here’s making up for that. Get ready for a lot of words – hopefully none too extraneous – on the latest Infosec tech, market and tendencies, with a side dish of assorted facts and reflections. Popcorn at the ready – off we go…

I’ll be writing here about ideal IT Security and how the security industry is evolving towards it (and what’s happening along that evolutionary road towards it), and how all that can be explained with the help of Mr. Darwin’s theory of evolution. How natural selection leads certain species to dominate, while others fall by the wayside – left for the paleontologists in years to come. Oh, and what is symbiosis, and what are parasites.

I’ll start with some definitions…

Almost-Perfection in an Imperfect World.

Perfect protection – 100% security – is impossible. The IT Security industry can and should of course aim for perfection, in the process creating the best-protected systems possible, but each inching nearer 100% costs exponentially more – so much more that the cost of protection winds up being greater than the cost of potential damage from the harshest of scenarios of a successful attack.

Accordingly, it’s logical to give the following definition of realistic (attainable) ideal protection (from the viewpoint of potential victims): Ideal protection is that where the cost to hack our system is greater than the cost of the potential damage that could be caused. Or, looking at it from the other side of the barricades: Ideal protection is that where the cost of a successful attack is greater than the gain attackers would receive.

Of course, there’ll be times when how much an attack may cost doesn’t matter to the attackers; for example, to state-backed cyberwar-mongers. But that doesn’t mean we just give up.

So how do we develop a security system that provides realistic (attainable) ideal (maximum) protection?

Modern defenders vs traditional: think about adversaries not incidents, by @johnlatwc #TheSAS2016 pic.twitter.com/gss5MITuO1

— Eugene Kaspersky (@e_kaspersky) February 8, 2016

Read on: The survival of IT’s fittest…