Woodpecker Summit 2012.

The main occasion of our recent series of events in Cancun was the Security Analyst Summit (SAS) – the supreme congress of KL’s most distinguished virus analysts (woodpeckers; why woodpeckers? – see the full story here) and invited external security experts, who come together to boast about their achievements; exchange ideas, opinions and experiences; and, of course, do some informal networking.

Security Analyst Summit

The idea of the woodpecker summit goes back years. Its inception came in 1997 in Prague. We decided to reject the status quo – the usual boring model of what a summit should be about – and rethink the whole idea from scratch. What we came up with was a mostly informal get-together in comfortable surroundings in a distant, original location to discuss our technological breakthroughs. And one such breakthrough happens to have been the basic blueprint of our antivirus engine – named after the Czech capital where it was ‘born’. Clearly something was working with the summit format.

There followed rather a long break, but then in the early 2000s the tradition was kick-started again and these micro-conferences (in which only our employees took part at first) started being held sometimes several times a year. Since then there’ve been 15 of them.

Then in 2009 this tradition was updated and expanded – to version 2.0: transformed into much bigger, non-KL-exclusive, annual “woodpecker summits” in warm climes and with a serious intention to make the summits the main yearly event of the industry. Our latest – the fourth – was in the sunny Mexican resort of Cancun – coming across, I think, as a serious pronouncement of our present status. We had some 100+ attendees from 14 countries, great presentations and plenty of awesome team building. More details are in the guest post below from our Senior Virus Analyst, Yury Namestnikov:

Read more: SAS 2012 unleashed …

A Break Well Deserved – Mayan Style.

With three events (Security Analyst Summit, international press tour, and IT-security industry analysts’ conference) in Cancun over and done with (which completed the last leg of more than three weeks on the road at conferences, etc., etc., etc. all around the world), and the very last guests all having left, a little nostalgia was already setting in for the great times we had in the place… everything was just so very positive, interesting and fun – especially the evenings; extra-specially the Mexican Yucatan nights – yee-ha!

So let me tell you a little about the three ‘best bits’ – what you really must see in Yucatan if you ever get the chance to visit the place.

First – Chichen Itza (the Mayan pyramids); second – Cenote Ik-Kil (for swimming); and third – Rio Secreto (underground caves); not necessarily in that order. All must-visits!

A few pieces of advice: in Rio Secreto it’s better to leave your camera outside the cave – otherwise it’ll just get ruined down there from being submerged in water. But not to worry – every group of visitors to the caves is accompanied by a photographer who knows exactly how to keep his camera dry above water level. There are three different routes in Rio Secreto – all taking approximately 90 minutes to complete – at first by foot, then up to one’s knees in water, then swimming, then… just anyway, anyhow, as best you can :)

Indeed, a massive ‘big up’ to Rio Secreto . And I recommend buying one of the CDs with photos at the exit – the CDs contain great pics of both underground and surface scenes, plus ones of all the wildlife to be found in the caves.

For Chichen Itza you need to take camera equipment, bathing suit, plus towel – that’s about all you need for a great day’s chillage there.

It goes without saying that all the touristy spots are lined with densely packed stalls hawking the inevitable mass consumption tat. “Onnly van dullaar, senyor!”

The pics below show where the Mayas played their ancient version of basketball. Legend has it that one of the teams in the final after the game would be sacrificed for the gods. Which team wound up dead after the match – the winning or losing one – is not known: scholarly opinion is divided on this.

Swimming in Cenote Ik-Kil is one of the most magical swims in the world! The purest water, at the perfect temperature, at the bottom of a kind of deep sinkhole with long dangling plants hanging from high above. I really recommend it. One problem though is that it’s tricky taking good photos there – it’s quite dark below and very light above L.

That’s all folks! And now, for several days I’m going to be in full offline regime, somewhere here:

View from the plane

The rest of the photos are here.

 

Flickr photostream

Instagram photostream

Enter your email address to subscribe to this blog

The Black Box.

Filtering out spam may not seem such a big deal – after all, even a kid knows the difference between a Viagra advert and a normal message! In the security world things are much more complicated as we have to create something akin to artificial intelligence that is capable of doing the job automatically, on the fly.

That’s no easy task and entails all sorts of demands in terms of efficiency, reliability, compatibility and so on. And you no doubt know where things stand with AI – there are plenty who claim to have got it figured, but there’s nothing really to show for it (or if there is, they’re doing a good job of keeping it a secret).

Anti-spam security is no easier a task than anti-malware protection. And may even be more difficult (or maybe I just understand more about viruses…). The spam industry is a multi-billion dollar business and tens of thousands of skilled bloodsuckers are behind the huge variety of junk that is sent out. And these parasites show great ingenuity when it comes to linguistics and other stuff to make spam reach your inbox.

On the face of it, a spammer’s work looks fairly easy – write a spam message, test it against several of the most popular anti-spam filters and spawn via a botnet.  But few customers realize that a spam message’s lifecycle is just half an hour to an hour long. 90% of a mass mailing will never reach its intended recipients – spam filters, activated with an update or triggered by statistics, will intercept it.

And it’s that black box – the thing that withstands the worst things that email traffic throws at it and keeps your inbox clean – that I want to discuss here.

First of all, a bit of background. Since 2002 our anti-spam solution (KAS) has got through four generations of engine and we’re now developing a fifth. A single blog post would hardly suffice to recount everything. Basically, KAS has acquired lots of bits and bobs over the last 10 years. It boasts over 10 methods of spam analysis alone. That’s why I’ll start with our new ‘Möbius‘ technology – just in time for its debut in the latest version of KAS for Exchange Server.

Kaspersky Security 8.0 for Microsoft Exchange Servers

Read more: Anti-spam bottleneck and how we solved it …

The Red Snowmobile.

I give you the new model of the Red Snowmobile!

Italy (and most of Europe) is buried under snow and frozen solid. It meant that the brand new Ferrari F1 car was unveiled online this year – the guests just couldn’t get there, myself included. I’m enjoying the photos of a severe Italian winter from the airport in Cancún.

// you can come up with your own captions :)

Cars and the climate collide….

And here’s a video of the presentation:

You can find out more about our partnership with Scuderia Ferrari at a dedicated webpage or follow the updates on Facebook and Twitter.

The Big Euro Freeze & The Munich Security Conference.

A big hello from Munich!

More news, and this time I’d call it ‘The big Euro freeze’.

Europe is slowly icing over as a result of Siberian freezing weather blasting across the continent. Eastern Europe (Romania and Bulgaria) has been buried under meters of snow, the cold in Germany is bitter; in France it’s biting; England has also had its fair share and has cancelled a number of flights. I can only guess what is happening in Scandinavia and Poland. In Munich today it’s -9C, and it’s supposed to get down to -19C tonight, but the Bavarians are undaunted!

The photos are not mine, seeing as how I was at the Munich Security Conference all day. I’m a newbie here – I’ve never been involved at this level before (well, if you discount the London Conference on Cyberspace and Davos), but everything seemed to go well! I was on the roundtable, a few meetings and interviews. Here is my observations of the proceedings.

Read more: Big geopolitical players talk cyber security

DDoS – a Nasty SOB, but Curable – with KDP.

Hi everyone!

The Russian parliamentary elections late last year and the ensuing mass protests against their alleged falsification have brought about a sharp increase in the level of polarization of viewpoints being bandied about on Russian-language social networks and online media.

Simultaneously with all this, plenty of the Russian online media were visited by a ghost – the ghost of DDoS (Distributed Denial of Service Attack) – in early December 2011. This led to brazen hacker attacks, with one after another Russian website going down, and several attacks occurring simultaneously. Some were organized using traditional criminal bot networks, but behind them, it sure seems to me, stood marginal political groups, since the victims of the attacks were the sites both of opposition groups (including the Communist Party) and also of the ruling United Russia party.

A second DDoS attack – in mid-December – was more sophisticated. To date we still don’t have any reliable information about its origin – that is, not technically (how they actually pulled off the DDoS), and not the people who ordered it. And I’m not sure we’ll ever get to the bottom of it.

But I won’t get bogged down here with theory.

Read more: Let me get straight to DDoS in action …

A Nasty Little Thing Called Spam.

So, what do you think happens 250 billion times a day? Well, OK, it’s a rhetorical question, especially if you paid attention to the title.  But every day, in total, 250 billion spam e-mails are sent to inboxes all over the world. It sounds like a lot, but let’s be honest, does that number really shock you?

Next, try to define what you think of as spam. Most people assume it’s about Viagra, Nigerian letters and other pathetic, lame scams which jam up your inbox and slow down your daily business. But here’s the thing: spam is far more than just unsolicited ads. That Viagra offer is just the tip of the iceberg, while spam as a phenomenon is a crucial part of a huge cybercrime ecosystem. And the apparent “innocence” of spam is the illusion that I will be debunking here.

The technical foundations of the cybercrime ecosystem are botnets. These are huge clusters of computers infected with special Trojans (bots) that allow cyber crooks to remotely control these computers without their owners even knowing about it. That’s why experts also call botnets zombie networks – the computers are modified to obey cyber criminals’ commands as if they are zombies. Sometimes botnets can consist of millions of computers. For example, the notorious Kido (Conficker) botnet contained 7 million bots while TDSS had around 4.5 million bots.

How do they make money from botnets? The economics is quite simple here. Cyber crooks monetize the botnets in several ways including DDoS attacks, advertising services, phishing, data theft, etc. The picture looks something like this:

Spam moneitizing through botnet

Read more: So, what is the big deal about spam?

A Business Mecca Through The Eyes Of A Tourist.

Davos (and if you’re really with it, the stress will be on the second syllable).

What do people who follow the news know about this place? Yes, only from the news! Davos…forum, economics, politics, anti-globalization, police. The place bursts to life like a geyser on Kamchatka – not very often, but when it does, you know about it.

Davos

Well, I was here too. For the first two days as a tourist, then things get a bit more serious…

Read more: It’s a small mountain hamlet!