Nota Bene

Hi folks!

As promised, herewith, more on the connection between evolution theory and how protection against cyberthreats develops.

To date, what precisely brings about mutations of living organisms is unknown. Some of the more unconventional experts reckon it’s the work of viruses, which intentionally rearrange genes (yep, there’s who really rules the world!). But whatever the case may be, similar mutation processes also occur in IT Security – sometimes with the help of viruses too.

In line with the best traditions of the principle of the struggle for existence, security technologies evolve over time: new categories of products appear, others become extinct, while some products merge with others. Regarding the latter for example, integrity checkers were a major breakthrough in the mid-90s, but nowadays they’re a minor part of endpoint solutions. New market segments and niches appear (for example, Anti-APT) to complement the existing arsenals of protective technologies – this being a normal process of positive symbiosis for good. But all the while nasty parasites crawl out of the woodwork to warm themselves in the sun. C’est la vie – as it’s always been, and there’s nothing you can do about it.

In the struggle for market share in IT Security there regularly appear prophets prophesizing a sudden end to ‘traditional’ technologies and – by happy chance – simultaneous (‘just in time!’) invention of a bullshit product revolutionary panacea (with generous discounts for the first five customers).

But this isn’t something new: any of you remember anti-spyware? In the early 2000s a huge bubble of products to get rid of spyware grew up from nothing. Much BS was fired the consumer’s way about the inability of ‘traditional antivirus’ to cope with this particular problem, but right from the beginning it was all just made up.

But the market has grown used to and tired of such prophets, and these days monetizing ‘panaceas’ requires a lot more investment and snake oil marketing efforts.

Read on: David and Don Draper Against Goliath…

Quite a flight the other day night for us – 11 hours up in the air!

Looking at the flightpath got me thinking… I wonder why our trajectory was so straight. If we were to fly via southern Siberia it would have been shorter, thus quicker – probably by around two hours. Is it that Turkish Airlines don’t want to pay the Russian overflight fees? Or is it geopolitical? These musings led to further questions on this topic:

1. On the Seoul–Istanbul route how many kilometers would you save if you were to fly in a northerly arc, and how many minutes or hours would you save?
2. How much would the fee be for a Boeing 777 to cross Russia from the border with northeastern Mongolia and Novorossiysk (on the opposite side of the Black Sea to Turkey)?
3. Or is it all geopolitical based on ‘principle’?

Anyone know the answers?

Read on: Anyway, what does it matter really?…

“It is not the strongest of the species that survives but the most adaptable to change.”
– Charles Darwin

It’s been a while since I’ve opined on these here cyber-pages on my favorite topic – the future of IT Security, so here’s making up for that. Get ready for a lot of words – hopefully none too extraneous – on the latest Infosec tech, market and tendencies, with a side dish of assorted facts and reflections. Popcorn at the ready – off we go…

I’ll be writing here about ideal IT Security and how the security industry is evolving towards it (and what’s happening along that evolutionary road towards it), and how all that can be explained with the help of Mr. Darwin’s theory of evolution. How natural selection leads certain species to dominate, while others fall by the wayside – left for the paleontologists in years to come. Oh, and what is symbiosis, and what are parasites.

I’ll start with some definitions…

Almost-Perfection in an Imperfect World.

Perfect protection – 100% security – is impossible. The IT Security industry can and should of course aim for perfection, in the process creating the best-protected systems possible, but each inching nearer 100% costs exponentially more – so much more that the cost of protection winds up being greater than the cost of potential damage from the harshest of scenarios of a successful attack.

Accordingly, it’s logical to give the following definition of realistic (attainable) ideal protection (from the viewpoint of potential victims): Ideal protection is that where the cost to hack our system is greater than the cost of the potential damage that could be caused. Or, looking at it from the other side of the barricades: Ideal protection is that where the cost of a successful attack is greater than the gain attackers would receive.

Of course, there’ll be times when how much an attack may cost doesn’t matter to the attackers; for example, to state-backed cyberwar-mongers. But that doesn’t mean we just give up.

So how do we develop a security system that provides realistic (attainable) ideal (maximum) protection?

Modern defenders vs traditional: think about adversaries not incidents, by @johnlatwc #TheSAS2016 pic.twitter.com/gss5MITuO1

— Eugene Kaspersky (@e_kaspersky) February 8, 2016

Read on: The survival of IT’s fittest…

I hardly ever take the subway/metro/underground, no matter where I am in the world. My usual MO is~: plane – car – hotel (or home) – car – office – car – hotel (or home) – car – plane… I do use those trains that ferry folks between airport terminals quite a bit, but city metros – nope.

But just the other day in Seoul someone suggested we take a ride on the metro. The nearest station was just 200-300 meters from our hotel, so we thought why not?!

What can I say? Well, though I’ve been spoiled by having Moscow’s monumental metro on under my doorstep, I can still say that Seoul’s ‘Metropolitan Subway’ really is quite something. New and modern-looking, neat, tidy, comfortable, and massive. Though opened only in 1974 it’s more than twice the size of Moscow’s ever-expanding metro, and one-and-a-half the size of London’s Tube. Whoa. The Koreans sure can dig :).

Read on: Third busiest in the world!…

This time in Japan, there were no Top-100isms, no day trips, no walks… no time-off. It was all conferences, meetings, interviews and other assorted shigoto (仕事), that is, work.

Before coming over to the land of the rising sun this time, I was hoping the tempo would be less hectic than usual, with more freedom for relaxed beholding of historical and natural landscapes, meditative evening strolls, cherry blossoms and so on. Right. The further into the trip, the further I seemed to get away from any chance of seeing things like Mount Fuji or Aogashima, and deeper into ‘all shigoto, shigoto, shigoto‘. Which is also good, of course, but… well, look what happened to Jack!

The only bit of micro-tourism I did get in was a quick march along my favorite route outside/round the grounds of the Tokyo Imperial Palace.

https://www.instagram.com/p/BFYZh7AuiSA/

Read on: Tokyo by night…

This is a first…

Early this morning I got to see a full panoramic view of Tokyo from a high up in a skyscraper-hotel!

Normally you only get to see one side of the city; however, this time my travel companion A. Sh. was on a different floor on the other side of the building. Out of my window we could see financial skyscrapers and Mount Fuji in the distance on the horizon, while out of his we saw the rest of Tokyo. Being so high up also had its benefits of course. Especially when the hotel management leave binoculars in every room on special plates :).

Read on: And if you look very carefully, you see…

Privyet droogs!

When asked where I live in the world, I always answer Moscow. However, I only live here something like four or five months a year (the rest of the time (I’m on the road on business). And in those four or five months a year I see little of the city besides the well-trodden (by me) routes between my flat, the office, and all three of MOW‘s international airports. Occasionally I’ll go downtown for this or that occasion like the dentist’s, our Christmas/New Year bash, or the clinic for my booster shot against yellow fever (needed for certain Latin American countries and Africa). But apart from that, I hardly ever see the place. Who’d have thought it? Me – practically a non-stop business traveler-cum-tourist – and I never get round to being a tourist in the city I live in?! Odd. So at the weekend I decided to change this state of affairs. Accompanied by two other Moscow-dwelling fellow ‘tourists’ who I’ve traveled a lot with far and wide, it was time to ‘do’ Moscow – at least, some of it – in a six-hour quick march…

We started out at Sparrow Hills, and finished up at Molochnyy Pereulok, or Dairy Lane:

Read on: A very special weekend…

Just a quick read of the news these days and you can find yourself wanting to reach for… a Geiger counter. I mean, some of the news stories are just so alarming of late. Or am I overreacting? Let’s see…

Uh-oh News Item No. 1: Apocalypse Averted – for Now. 

Photo courtesy of Wikipedia

It was reported that the IT system of Unit B of the Gundremmingen Nuclear Power Plant in Swabia, Bavaria, southwestern Germany – right on the 30-year anniversary to-the-day of the Chernobyl disaster (!) – had been infected by some malware. However, it was also reported that there’s no reason to worry at all as no danger’s being posed whatsoever. All’s ok; we can all sleep soundly; everything’s under control; the danger level couldn’t be lower.

After sighing a ‘pheewwwww’ and mopping one’s brow, you read further…

… And as you do, you get a few more details of the incident. And it does indeed seem all is ok: the background radiation level, after all, didn’t go up – that’s the main thing, surely. Right? But then you read further still…

And you find out that the (Internet-isolated) system that was infected happens to be the one that controls the movement of nuclear fuel rods. It’s here you stop, rub the eyes, and read that again slowly…

WHAAAAT?

Read on: Cyber-Spy-Novel-Worthy …

Hurray!

We’ve launched our KICS (Kaspersky Industrial CyberSecurity), the special cyber-inoculation against cyber-disease, which protect factories, power plants, hospitals, airports, hotels, warehouses, your favorite deli, and thousands of other types of enterprises that use industrial control systems (ICS). Or, put another way, since it’s rare for an enterprise today to manage without such systems, we’ve just launched a cyber-solution for millions of large, medium and small production and service businesses all around the world!

So what’s this KICS all about exactly? What’s it for? First, rewind…

Before the 2000s a cyberattack on an industrial installation was a mere source of inspiration for science fiction writers. But on August 14, 2003 in northeastern USA and southeastern Canada, the science fiction became a reality:

Oops

Because of certain power grid glitches, 50 million North Americans went without electricity – some for several hours, others for several days. Many reasons were put forward as to the reasons behind this man-made catastrophe, including unkempt trees, a bolt of lightning, malicious squirrels, and… a side-effect from a cyberattack using the Slammer (Blaster) computer worm.

Read on: Hacked in 60 seconds…

Another week, another avia-triangle; this time: Moscow – London – Jerusalem – Moscow. As per – as per: conference, speech, meetings with partners and customers. It was all work, work, work… but for one smidgen of tourism: a visit to the Knesset.

The Knesset, folks, is Israel’s parliament – probably one of the most active, heterogeneous, scandal-ridden parliaments on the planet. 120 members of the most varied political stances and religions and degrees of tolerance and liberality; to some, the world’s most unabashed political reality show: a heady brew of the mosaic, much like Israeli society as a whole… but that’s another story – and one widely covered on the Internet. Here though, I’ll try to retell a few stories and incidents that have occurred here, as told me by folks who saw them happen. But more about that later…

Alas, we didn’t catch any live action of an actual session while here as we were in town on a non-working day. In fact we didn’t even get to see inside the Plenum Hall, as everyone was preparing for the upcoming Passover festival. Practically everything was closed for cleaning and polishing so that everything was sparkling for the important Jewish commemoration. Even the bar in the hotel closed at 9pm!

Read on: canteen, committees and… balls…