Nota Bene

Costin Raiu, one of our top generals in the war against malware, recently published an interesting post on the ten most significant events in the security field in 2011. I liked it; and the idea of a top-ten; so much so I decided to come up with my own. It mostly matches Costin’s report, but somehow this is a slightly different view. It’s not just regarding the past year – it’s a little broader: tendencies in the security market and about security in general. An “unofficial”, non-hoity-toity view of the important stuff – both that’s with us now, or that will be soon…

And so here’s my top-ten:

1. Hacktivism
2. Militarization of the Internet and Cyber Weapons
3. Social Networks and Politics
4. The Duqu Cyber-Bomb
5. Widely Publicized Hacks and Industrial Espionage
6. Certification Authorities: the Beginning of the End
7. Cybercrime: as Romantic as Sewage
8. Android Malware
9. Mac Malware
10. Intel Taking Over McAfee – Intel-ligent Move or Epic McFail?

Read More: And now in detail…

Howdy all!

A couple of Fridays back our friendly international team plus special guests had our annual Christmas & New Year work do! It wasn’t a Much Ado about Nothing. It was a Much Ado about ROCK! This year our luau took place in a brand spanking new Moscow venue called Kazakova Hall, which opened only in September just off the busy Kutuzovsky Prospekt (getting there turned out to be a bit of a ‘mare – one minus). The place was basically an abandoned factory – a second minus; still, to some I think it was a plus – especially for our foreign employees :)

Anyway, all the rest was one big fat funking plus! The shindig was called “Rock the New Year!” with real bikers, bikes, and Bigfoots supporting the entourage of the rocker party. Around 1500 guests partied the night away, including 200 guests from our regional offices.

See more: The program details and some nice shots!

For quite a while now we’ve had a bit of an annual tradition in the run-up to the New Year festivities – every December we summarize all the security goings-on of the last 12 months, and then prophesize a bit about what’s in store in the coming year. This year we did our roundup and predictions – covering all sorts of, regrettably, frightening stuff – at a press conference in Moscow last Monday. It was a pretty stylish event – with a hospital theme as you can see from the pic below. But I won’t go over all that again here. Here’s the original text used at the press conference, and here’s a link to the pdf summary.

Here, let me outline the main points in our review/prognosis.

More: Internet access from workplace and Internet passportization …

More: The Salt of the Incas’ Earth. . .

Hi everyone!

If you’ve been following these posts for any length of time at all, you’ll have gathered that I travel a lot. A real a lot! So much so that towards the end of the year I even have to put the brakes on a bit and simply say “nyet” to my colleagues who want me here, there and everywhere – otherwise I’d be ejected from the list of proud Russian citizens who pay Russian taxes :) However, at least once a year I indulge myself with a sightseeing-only trip. Yep, no business at all. Well, except for the teambuilding with the guys who help me getting there.

More: More stunning Machu Pictures!

And so I continue with series on some of the lesser-known, fruitiest features to be found in our products. This time I’ll be concentrating on whitelisting – a completely different approach to malware protection, which at the moment is included in KIS, PURE, and the new generation of our corporate products.

So why did I choose this seemingly techie term that could frighten off a respectable non-overly-techie reader from the very beginning?

The answer is quite simple:  in a way whitelisting is pretty much revolutionary for the industry – based on a totally new paradigm, which goes far beyond traditional pattern-based technology. As a result this a great opportunity for the anti-malware industry to be one step ahead in the battle with cyber-criminals, and for you – to be better protected against unknown threats. And in fact whitelisting is not that techie – see for yourself below!

So, what is whitelisting?

A list written in correction fluid? Such a thing may exist, erm, I guess. But no, KL’s whitelisting is something a little different.

More: A technology that brings some fresh air to the anti-malware industry …

– or why have we decided to withdraw from the Business Software Alliance (BSA).

Hi all!

Recently the US blogosphere has become increasingly alarmed by the new Anti-Piracy Act – Stop Online Piracy Act or SOPA. Discussions of the topic are, to put it mildly, quite frank, with comments like: “These idiots are coming for your internet” (read here).

What is SOPA?

It is support for and development of something that is currently very relevant – the protection of intellectual property. Ladies and gentlemen, this really is important! “Thou shalt not steal,” as the Bible says! An author – or more often than not, a team – spends sleepless nights writing a book, composing music, shooting a film, creating software or testing software packages. Doesn’t that deserve a financial reward? Yes or no? Think before you answer – someone could well ask the same question about your profession… So?

More: A vinyl-age law for Internet? …

What is the difference between a nuclear missile and malware?

It’s not a trick question – malware can seize control of a missile, but a missile can’t be used to destroy malware. With the right tools a missile can be diverted by malware, but no amount of firepower can divert rogue software once it is active.

Unlike traditional weaponry, malware can replicate itself ad infinitum. And while a missile can often be controlled in some way, malware tends to attack indiscriminately: nobody knows who it will harm, which corners it will worm its way into. On the inscrutable trajectories of the web, as soon as some black hat launches a malicious program to make some quick cash anything can happen. It’s impossible to calculate what effect it will have, what might be affected by accident and how it could even boomerang back to harm its creators. People tend to make mistakes in everything they do – and writing code, malicious or otherwise, is no exception. There are numerous examples of this kind of “collateral damage” – read my previous post about the fortunes of the Internet .

At least we are now seeing some joint efforts to combat cybercriminals.

The security industry is tightening the screws on them, and the big boys like Microsoft are getting involved. Other different non-commercial and intergovernmental organizations are joining in as well. Governments are beginning to understand that the Internet can be a highway to hell, and are waking up to the need to do something about it. So we are seeing some progress.

However, I’m more concerned about another side of Internet security. The tricks of a cybercriminal will seem trifling compared to a large-scale cyberwar on the web. Yes, you read it correctly – a web cyberwar! This is where things start getting much more complicated and murky.

These are the facts.

More > The military is gradually turning the Internet into one big minefield

Hi everyone,

I’m back again, this time delivering you an experience from Zhuhai, China (literally “Pearl Sea”, 珠海) – one of the seven tracks of the recently launched Intercontinental La Mans Cup series. As luck would have it I was invited to the race on my way to a business meeting (and didn’t regret it one bit!).

Although the Zhuhai race carries the proud Le Mans 24 name, it is more of a cover version of the real thing. It’s not that much of an endurance race – it runs for just six hours – but it still has the same teams, drivers, cars, rules etc. But not quite the same crowds of enthusiastic spectators…yet. Numbers were low, compared with both Le Mans events and with Chinese motorsports in general, but I think it’s only a matter of time before China, as it already has in many other fields, overtakes the established leaders. And this particular event has something else going for it: in Chinese there are plenty of hieroglyphs for “Le Mans” :)

More > 6 hours in 7 pictures (and a link)

Hi everyone,

You won’t believe it, but I’m in Dubai… again!

This time we held our annual European Partner Conference at the Jumeirah Zabeel Saray hotel, on the beach of the iconic Palm Jumeirah. More than 100 partners from all over Europe worked hard for two days – and played hard at Ferrari World in neighboring Abu-Dhabi.

“I was supposed to travel to a small Muslim country, but here I see no less than Manhattan!” said one guy in the party, blinking in amazement. “Dubaihattan,” I corrected him.

More > Dubaihattan views. And sunrise too.