NOTES, COMMENT AND BUZZ FROM EUGENE KASPERSKY – OFFICIAL BLOG
February 27, 2024
Hi folks – from Austria!…
But I wasn’t here to just look out of windows at the dreary Euro-weather. I was here on business – lots of it; first and foremost – to personally receive this! ->
…For, when your company is awarded none other than “Product of the Year”, by none other than AV-Comparatives, not getting yourself down to Tirol to receive it in person is simply out of the question!…
January 25, 2024
Ladies and gents, girls and boys!
Here’s something that needs celebrating (to brighten up these dull and dreary wintry days). The independent testing lab AV-Comparatives has released its Summary Report 2023 in which it “highlights the high-scoring [consumer anti-virus] products” it tested throughout last year. A total of 16 security solutions were rigorously put through their paces in several different tests – including of their ability to protect against malware and advanced threats, of performance (low-system impact), absence of false alarms, and so on and so forth. And out of all 16 there was only one winner – the only product that secured top marks in all 16 of the tests. Can you guess who?! Ok, it’s hardly a toughie since it’s me who’s telling you, but… yes: it was our Kaspersky Standard – named Product of the Year 2023! Hurray!
Ooh – that’ll go nicely in our shiny awards cabinet here at HQ. Oh – wait: is there any room left?!
What’s especially satisfying is that the testers heaped praise not only on the product’s technical capabilities, but also its interface. So it wasn’t for nothing we added plenty more top-notch functionality while seriously overhauling how it all looks. Nice.
Btw – for more than two decades already we’ve been constantly under AV-Comparatives’ microscope – unlike some of our competitors who only select the tests they’d do well in. Which brings me on to another win for us: we’ve garnered the most awards from AV-Comparatives out of all tested vendors across various categories – totaling a full 57 awards (two of which were for low impact on system performance)!
But wait. There’s yet more good news!…
October 13, 2021
Being a developer of cybersecurity: it’s a tough job, but someone’s got to do it (well!).
Our products seek and destroy malware, block hacker attacks, do update management, shut down obtrusive ad banners, protect privacy, and a TONS more… and it all happens in the background (so as not to bother you) and at a furious pace. For example, KIS can check thousands of objects either on your computer or smartphone in just one second, while your device’s resource usage is near zero: we’ve even set the speedrunning world record playing the latest Doom with KIS working away in the background!
Keeping things running so effectively and at such a furious pace has, and still does require the work of hundreds of developers, and has seen thousands of human-years invested in R&D. Just a millisecond of delay here or there lowers the overall performance of a computer in the end. But at the same time we need to be as thorough as possible so as not to let a single cyber-germ get through ).
Recently I wrote a post showing how we beat demolished all competition (10 other popular cybersecurity products) in testing for protection against ransomware – today the most dangerous cyber-evil of all. So how do we get top marks on quality of protection and speed? Simple: by having the best technologies, plus the most no-compromise detection stance, multiplied by optimization ).
But, particularly against ransomware, we’ve gone one further: we’ve patented new technology for finding unknown ransomware with the use of smart machine-learning models. Oh yes.
The best protection from cyberattacks is multi-level protection. And not simply using different protective tools from different developers, but also at different stages of malware’s activity: penetration, deployment, interaction with the command center, and launch of the malicious payload (and this is how we detect the tiniest of hardly-noticeable anomalies in the system, analysis of which leads to the discovery of fundamentally new cyberattacks).
Now, in the fight against ransomware, protective products traditionally underestimate final stage – the stage of the actual encryption of data. ‘But, isn’t it a bit late for a Band-Aid?’, you may logically enquire ). Well, as the testing has shown (see the above link) – it is a bit too late for those products that cannot roll back malware activity; not for products that can and do. But you only get such functionality on our and one other (yellow!) product. Detecting attempts at encryption is the last chance to grab malware red-handed, zap it, and return the system to its original state!
Ok, but how can you tell – quickly, since time is of course of the essence – when encryption is taking place?
October 5, 2021
What’s the No. 1 most unpleasant pain in the xxx thorn in the side of the modern-day cyber-world in terms of damage, evil sophistication, and headline-grabbing the world over? Can you guess?…
Ah, the title of this post may have given it away, but yes, of course, it’s ransomware (aka cryptomalware, but I’ll stick with the simpler, less tongue-twisting, and professional term ‘ransomware’).
So: ransomware. Bad. How bad?…
Well, it’s actually so bad, and has been so consistently bad for years, so deeply embedded in all things digital, and has so overwhelmed so many large organizations (even indirectly being followed by human deaths), which (large organizations) have forked out so much money to pay ransoms for, that the world’s news media has become almost indifferent to it. It’s stopped being headline news, having been transformed into an every-day casual event. And that’s what’s most worrying of all: it means the cyber-scumbags (apologies for such a strong language, but it’s really the best way to describe these folks) are winning; cyber-extortion is becoming a seemingly inevitable reality of today’s digital world and it seems there’s nothing can be done about it.
And they’re winning for three reasons:
Third (I’ll start at the end): the ‘big boys’ are still playing their schoolyard geopolitical games, which blocks national cyber-polices exchanging operational information for coordinated searching, catching, arresting and charging of ransomware operators.
Second: users aren’t prepared – resilient – enough to respond to such attacks.
And first (most important): not all washing powders are the same anti-ransomware technologies are equally effective – by a long way.
Often, ‘on the tin’, anti-ransomware technologies featured in cybersecurity solutions are claimed to be effective. But in practice they don’t quite do exactly what it says on the tin, or – if they do, consistently. And what does this mean? That users are scandalously unprotected against very professional, technically sophisticated ransomware attacks.
But don’t just take my word for it. Check what the trusted German testing institute – AV-TEST – say. They’ve just published complex research on the ability of cybersecurity products to tackle ransomware. They paid no attention whatsover to marketing claims (à la ‘this deodorant is guaranteed to last for 48 hours’), and didn’t just use widely-know in-the-wild ransomware samples. They besieged several of the top cybersecurity solutions in real ‘battlefield’ conditions, firing at them all sorts of live-ammunition ransomware artillery that’s actually out there today. As mentioned, no in-the-wild samples, but those technically capable of weaponizing a ransomware attack. And what did they find? On the whole – something thoroughly shocking and scary:
June 30, 2017
Last week, Kaspersky Lab was in the spotlight again in another ‘sensational’ news stream.
I say ‘again’ as this isn’t the first time we’ve been faced with allegations, ungrounded speculation and all sorts of other made-up things since the change of the geopolitical situation a few years ago. With the U.S. and Russia at odds, somehow, my company, its innovative and proven products as well as our amazing employees are repeatedly being defamed, given that I started the company in Russia 20 years ago. While this wasn’t really a problem before, I get it– it’s definitely not popular to be Russian right now in some countries.
For some reason the assumption continues to resonate that since we’re Russian, we must also be tied to the Russian government. But really, as a global company, does anyone seriously think we could survive this long if we were a pawn of ANY government? Our whole business is based on one thing – besides expertise – and that’s trust. Would we really risk our whole business by undermining our trustworthiness?
Especially given that the best non-Kaspersky Lab security researchers (hackers) are constantly scouring our code/products to find and report vulnerabilities. In fact, we even have a public bug bounty program, where we pay researchers to examine our products and search for any issues or possible security concerns. If there was anything suspicious or nefarious to find, they would have publicly shouted it to the roof tops by now.
Read on: Five destructive repercussions of a technology sanctions game…
May 2, 2017
Last fall, in our domestic market we turned to the Federal Antimonopoly Service with a complaint against Microsoft regarding its anti-trust legislation violations.
Despite the long silence on the airwaves, the matter was in fact slowly but surely being addressed. And don’t pay any attention to inaccurate reports about not filing similar claims with the EU Commission: that was off the back of an interview I gave in Germany in which it looks like a fact or two went astray – perhaps lost in translation. We are definitely not planning on ‘temporarily backing off’ filing our competition complaint with the EU Commission.
And anyway, instead of reading reports it’s always better hearing it from the horse’s mouth, as they say… So here I am with real news and confirmed details and plans that I can share at the moment compromising neither ethical nor legal norms.
Ok. Let’s begin…
First off, as was expected, Microsoft disagrees with our claims. ‘We did not create conditions…’, ‘we have not infringed…’, and even: ‘we do not dominate…’ But facts are stubborn things, and despite the formal denials, Microsoft has, in fact, taken a few crucial steps toward rectifying the situation. And it looks like our actions might have helped encourage Microsoft to do so. Of course, there’s still more that needs to be done, but this is at least a good start toward ensuring that consumers have the chance to choose the best cybersecurity solution for them specifically.
It appears Microsoft took a two-pronged approach: (i) formal denials (which is logical); and (ii) specific (although small) practical steps to meet both users and independent software developers half-way.
I’ll leave out the formal denials here, but in this post I want to tell you a bit about those ‘practical steps’ that were recently taken by Microsoft. Let’s have a look at three notable examples thereof:
Example No. 1: The Alarming Windows Defender PC Status Page.
One of the claims we made against Microsoft regarded the misleading Windows Defender PC status page, pictured below:
The good news is that Microsoft has changed the previously displayed status page in a recent update, addressing several of the confusing and misleading elements we described.
So, what was the original status page for and what were our objections?
December 7, 2016
Recently, sharp-eyed users congratulated me with a ‘billion’ items in the Kaspersky Security Network. Thank you! Although, I need to explain what that ‘billion’ is.
First of all, don’t worry. This is not a billion something or other you don’t want on your computer; no, it’s something different, and it’s a little complicated. So let me start with some basic definitions.
Read on: How to get as close as poss to the ideas cybersecurity…
November 10, 2016
Hi Folks!
Meet David, the magnificent masterpiece sculpted by Michelangelo at the start of the 16th century. A photo of his face with that curious furrowed brow featured on our very first anti-cyber-vermin security product at the beginning of the 1990s. Some thought the pic was of me! I still don’t see why; I mean, have you EVER seen my face clean-shaven… and as white as a sheet? )
The choice of David for the retail box was far from random: we found we were kindred spirits – both very much underdogs. KL was a small young company from nowhere throwing down the gauntlet to global cyber-malice in an established international security market; David was the small young guy throwing down the gauntlet to the giant Goliath.
Throughout the years the boxes have changed, but one thing that hasn’t is our… Davidness.
Fate threw plenty of obstacles in our path that could have easily seen us off, but we persevered, hurdled those obstacles – often alone – and became stronger.
To everyone’s amazement we gave users the best protection in the world and became one of the leaders in the global market. We took it on ourselves to fight patent trolls practically alone, and are still successfully fighting them. (Most others prefer to feed them instead.) And despite the rise in parasites and BS-products, we continue to increase investment in true cybersecurity technologies (including true machine learning) for the protection of users from the cyberthreat avant-garde.
Thus, with just a ‘sling and stones’ we slowly but surely keep on killing Goliath ‘saving the world’: regardless of the geopolitical situation, and from any sort of cyberattacks – regardless of their origin or purpose.
And now, fate has brought us a new challenge. And not only us: this is also a challenge for all computer users and the entire ecosystem of independent developers for Windows.
October 4, 2016
We’ve been ‘saving the world’ for, hmmm, now let me see, a good 19 years already! Actually it’s several years longer than that, but 19 years ago was when we registered KL as a (UK) company.
Alas, ‘saving the world’ once and for all and forever just ain’t possible: cyberthreats are evolving all the time, with the cyber-miscreants behind them forever finding new attack vendors across the digital landscape, meaning that landscape will never be 100% safe. However, hundreds of millions of folks all around the world, on different devices and in different life situations, each day have the possibility to protect their privacy and data, safely use online stores and banking, and protect their kids from digital filth, cyber-perverts and con-artists.
And on our side – the ones doing the protecting – there’s plenty of raison d’être for our experts: each photo rescued from ransomware, every blocked phishing site, each shut down botnet, and every cyber-bandit sentenced to prison: each one = cause for professional satisfaction and pride. It means all the hard work wasn’t for nothing; we really are doing good.
In the struggle against cyber-filth, cyber-perverts and cyber-crooks, we’ve got for you a range continually improved tools.
September 9, 2016
I think the recent article in the New York Times about the boom in ‘artificial intelligence’ in Silicon Valley made many people think hard about the future of cybersecurity – both the near and distant future.
I reckon questions like these will have been pondered on:
Sometimes when I hang around with A.I. enthusiasts here in the valley, I feel like an atheist at a convention of evangelicals.
Jerry Kaplan, computer scientist, author, futurist and serial entrepreneur (inc. co-founder of Symantec)
What’s going on now in the field of ‘AI’ resembles a soap bubble. And we all know what happens to soap bubbles eventually if they keep getting blown up by the circus clowns (no pun intended!): they burst.
Now, of course, without bold steps and risky investments a fantastical future will never become a reality. But the problem today is that along with this wave of widespread enthusiasm for ‘AI’ (remember, AI today doesn’t exist; thus the inverted commas), startup-shell-companies have started to appear.
A few start-ups? What’s the big deal, you might ask.
The big deal is that these shell-startups are attracting not millions but billions of dollars in investment – by riding the new wave of euphoria surrounding ‘AI’ machine learning. Thing is, machine learning has been around for decades: it was first defined in 1959, got going in the 70s, flourished in the 90s, and is still flourishing! Fast forward to today and this ‘new’ technology is re-termed ‘artificial intelligence’; it adopts an aura of cutting-edge science; it gets to have the glossiest brochures; it gets to have the most glamorously sophisticated marketing campaigns. And all of that is aimed at the ever-present human weakness for belief in miracles – and in conspiracy theories about so-called ‘traditional’ technologies. And sadly, the cybersecurity field hasn’t escaped this new ‘AI’ bubble…
