Tag Archives: features
Buzzwords of the 21st century. They come; some go – some stay. Example of the latter: synergy. Remember that one? It used to be bandied about in practically every business presentation given some 15 years ago (apart from mine; no thank you!). And do you recall the Y2K bug? Oh my goodness – that was 18 years ago already :). That too came and went (after having turned out to be much ado about nothing). Out of those that come and stay, there’s… hmmm… leverage, wellness, proactive, paradigm… But I digress.
Back to what I want to talk about today…: specifically tech buzzwords. Which ones spring to mind? Artificial intelligence? Big data? The internet of things? Quantum computing? Or maybe the uber-buzzy cryptocurrencies and bitcoins? These are among the most popular according to Google, too, btw.
Not all buzzwords are silly/nonsense/marketing hype/investor-and-consumer deceiving… sophistry (is that a buzzword? Sure sounds it, but…:). Blockchain is one example. For example, our business incubator is nurturing several blockchain ideas that will change the world for the better in their niches.
But that’s not what this post is about. Today I want to share my thoughts on the influence of cryptocurrencies on global cybersecurity and how we help users protect themselves from new threats. I’ll also fantasize a little about the future of free internet services and options for monetization of software.
Along with the snow and ice (at least in my home city), December brings with it an unbearable desire to take stock of the past 12 months, to be amazed at what’s been achieved, and to make plans for the future. Then, after a brief pause for festive fun and frolics, it’s time to get back at it (and them!) once again.
Now, to me, one of the most impressive KL projects of the year – among a whole host of them – was the global launch of our free antivirus. In just several months this product has demonstrated curiously extraordinary success, and it’s that success I want to tell you about here today.
Kaspersky FREE was pilot-launched almost two years ago after an intense public discussion about its functionality. For a year and a half we kept a close eye on how the product worked, also on the user feedback thereon, the effectiveness of the protection, competition with our paid products, and so on… and it all confirmed – we were doing things just right! Then, six months ago, we had the global rollout of our freebie!
Half a year: is that a short or a long time? Well, on an uninhabited island it’s a long time, I guess. But for a popular antivirus it’s no time at all. Still, what can you get done in such a short time? Turns out quite a bit, if you put your mind to it…
First off: back to the title of this post: 7.2 million.
7.2 million is the total number of installations of FREE up until December 1, 2017. Around four million of those are active users, which is a real good result for such a new product. In just November FREE was downloaded nearly 700,000 times: around 23,000 times a day. But what’s even more curiously surprising is the loyalty of the users of FREE: some 2.5 times higher than the trial versions of our paid products: 76% of users who install FREE stay with us for several months of more. Woah. That’s a nice fat figure for Christmas ).
Now a little about the effectiveness of FREE…
Although the product is loaded with just the basic essentials of protection (for £39.99 you can get the full suite of protective whistles and bells, including VPN, Password Manager, Parental Control, mobile device protection, etc.), it works on the same anti-malware engine as our other consumer products. In 2017 FREE protected its users from almost 250 million cyberattacks, 65 million detections of which occurred thanks to our cloud-based KSN. In just a year the product detected 17.5 million unique malicious programs and ~50 million malicious websites/pages. No wonder then that FREE is regularly and deservedly in among the top ratings in tests and reviews all around the world with enviable regularity.
There are three more things I think will be interesting to you, dear reader.
To protect or not to protect virtual machines – that was the question, asked by many. But the answer’s been the same all along: to protect.
The more crucial question is how to protect.
I’ve already written on these here cyber-pages a fair bit about the concept of agentless antivirus for VMware. But technologies don’t stand still; they keep moving forward. As virtualization develops and more and more organizations see its obvious advantages, more varied applications for its use appear, bringing greater and more specific demands in terms of protection.
Obviously there’s a dedicated security approach specifically for virtual desktops, another type of protection tailored for databases, and yet another for websites, and so on. Then there’s the fact that agentless antivirus is not the only way to go as regards protection, and also that VMware is not the only virtualization platform, even though it’s the most popular.
So what are the alternatives for virtualization security?
So, just briefly, a bit of ‘previously, on… EK’s blog‘, since this has all been gone into in sufficient detail before (here)…
This approach entails having a dedicated virtual machine with the antivirus engine installed on it. This machine does the malware scanning on the rest of the virtual infrastructure by connecting to the rest of the virtual machines using native VMware vShield technology. vShield also interacts with the antivirus’s system management so it knows the settings and applied policies, when to turn protection on and off, how to optimize, and so on.
The Internet and mobile devices and related gadgetry have brought so much incredibly useful stuff into our lives that sometimes it’s hard to imagine how on earth anyone managed without it before. You know, purchasing airline tickets and checking in, online shopping and banking, multi-device data sharing, keeping the kids occupied on the backseat of the car with a film on their tablets (in my youth you just sat there or played I Spy). But I digress, and so early on in this post…
Alas, along with all the good and helpful stuff to make life easier, the Internet’s brought us other stuff – bad stuff that’s harmful and dangerous. Malware, spam, hard-to-trace cybercrims, cyberweapons, etc., etc. There’s also Internet fraud, which is what I’ll be writing about in this post, or – more to the point – how to combat it.
But let’s start with the basics: who suffers from Internet fraud?
Consumers? Well, yes, but not much compared with businesses: the brunt of the cost of online fraud is taken by banks, retailers, and in fact any online operators.
A few figures to illustrate the scope of Internet fraud:
- In 2012 in the United States alone, direct losses from online fraud came to $ 3.5 billion;
- Those losses were made up of about 24 million fraudulent online orders;
- Almost 70 million orders were cancelled due to suspicion of foul play.
All rather alarming.
In the meantime, are online operators generally taking any measures against fraud?
Of course they are. Plenty!
Today I’d like to talk about the future. About a not-so-glamorous future of mass cyber-attacks on things like nuclear power stations, energy supply and transportation control facilities, financial and telecommunications systems, and all the other installations deemed “critically important”. Or you could think back to Die Hard 4 – where an attack on infrastructure plunged pretty much the whole country into chaos.
Alas, John McClane isn’t around to solve the problem of vulnerable industrial systems, and even if he were – his usual methods of choice wouldn’t work. So it comes down to KL to save the world, naturally! We’re developing a secure operating system for protecting key information systems (industrial control systems (ICS)) used in industry/infrastructure. Quite a few rumors about this project have appeared already on the Internet, so I guess it’s time to lift the curtain (a little) on our secret project and let you know (a bit) about what’s really going on.
But first – a little bit of background about vulnerable industrial systems, and why the world really needs this new and completely different approach of ours.
In just a dozen or so years the computer underground has transformed itself from hooliganistic adolescent fun and games (fun for them, not much fun for the victims) to international organized cyber-gangs and sophisticated state-sponsored advanced persistent threat attacks on critical infrastructure. That’s quite a metamorphosis.
Back in the hooliganistic era, for various reasons the cyber-wretches tried to infect as many computers as possible, and it was specifically for defending systems from such massive attacks that traditional antivirus software was designed (and did a pretty good job at). These days, new threats are just the opposite. The cyber-scum know anti-malware technologies inside out, try to be as inconspicuous as possible, and increasingly opt for targeted – pinpointed – attacks. And that’s all quite logical from their business perspective.
So sure, the underground has changed; however, the security paradigm, alas, remains the same: the majority of companies continue to apply technologies designed for mass epidemics – i.e., outdated protection – to tackle modern-day threats. As a result, in the fight against malware companies maintain mostly reactive, defensive positions, and thus are always one step behind the attackers. Since today we’re increasingly up against unknown threats for which no file or behavioral signatures have been developed, antivirus software often simply fails to detect them. At the same time contemporary cyber-slime (not to mention cyber military brass) meticulously check how good their malicious programs are at staying completely hidden from AV. Not good. Very bad.
Such a state of affairs becomes even more paradoxical when you discover that in today’s arsenals of the security industry there do exist sufficient alternative concepts of protection built into products – concepts able to tackle new unknown threats head-on.
I’ll tell you about one such concept today…
Now, in computer security engineering there are two possible default stances a company can take with regard to security: “Default Allow” – where everything (every bit of software) not explicitly forbidden is permitted for installation on computers; and “Default Deny” – where everything not explicitly permitted is forbidden (which I briefly touched upon here).
As you’ll probably be able to guess, these two security stances represent two opposing positions in the balance between usability and security. With Default Allow, all launched applications have a carte-blanche to do whatever they damn-well please on a computer and/or network, and AV here takes on the role of the proverbial Dutch boy – keeping watch over the dyke and, should it spring a leak, frenetically putting his fingers in the holes (with holes of varying sizes (seriousness) appearing regularly).
With Default Deny, it’s just the opposite – applications are by default prevented from being installed unless they’re included on the given company’s list of trusted software. No holes in the dyke – but then probably no excessive volumes of water running through it in the first place.
Besides unknown malware cropping up, companies (their IT departments in particular) have many other headaches connected with Default Allow. One: installation of unproductive software and services (games, communicators, P2P clients… – the number of which depends on the policy of a given organization); two: installation of unverified and therefore potentially dangerous (vulnerable) software via which the cyber-scoundrels can wriggle their way into a corporate network; and three: installation of remote administration software, which allows access to a computer without the permission of the user.
Re the first two headaches things should be fairly clear. Re the third, let me bring some clarity with one of my EK Tech-Explanations!
Not long ago we conducted a survey of companies in which we posed the question, “How do employees violate adopted IT-security rules by installing unauthorized applications?” The results we got are given in the pie-chart below. As you can see, half the violations come from remote administration. By this is meant employees or systems administrators installing remote control programs for remote access to internal resources or for accessing computers for diagnostics and/or “repairs”.
There’s an old Russian saying: As you start the New Year – that’s how you’ll spend the rest of it.
And this year started rather well for us: First, we were awarded Product of the Year by the Austrian testing lab AV-Comparatives; second, we broke the record on the number of points from Germany’s AV-Test.org; and third, we secured the top grade from Virus Bulletin in the UK. But after that pleasant start to the year things just got better, with the number of medals on our lapel going up and up and up! There were top marks in comparative testing of our proactive protection by Matousec; we were No. 1 in testing of our Application Control function by West Coast Labs; and we also secured excellent results in testing of our mobile security product (pdf) by PCSL. But we didn’t stop at serial-wins with our personal products; we also tore up the competition with our corporate ones; for example, in the August round of testing by AV-Test.org both KIS and KES were awarded 17 and 16 points, respectively – both higher than all the other competing solutions.
So, as you can see, in the first eight months of 2012 we’ve had rather a lot of good news. But never enough good news for me to forget to praise our ever faithful and pioneering AV lab (which praise I think it appreciates – so expect more victorious bulletins from the malware front soon!).
On this backdrop of positivity and optimism, the more deeper-delving observer might remark, “ok, your antivirus technologies come top-of-the-class across-the-board, but what about your NON-antivirus technologies – the important whistles and bells that add to a solution’s completeness and thus overall usefulness – like for example anti-spam?” All-righty: that’s what I’ll address in this post.
Just recently the results of Virus Bulletin’s VBSpam testing were released in which our new Kaspersky Linux Mail Security (KLMS) – unexpectedly for our competitors but quite expectedly for us – was among the winners – actually second – with an outstanding result of a 93.93% spam catch rate and 0.01% false positives. “Who wants to come second?” might come the refrain from those used to nothing but first place for KL. But in answer I’d say, “I do!” Here’s why…
To think of all the yummy stuff the Internet has brought us, though interesting, would probably be a waste of time: by the time you’d have finished totting up all the scrumptiousness you remember, just as much new scrummyness would have appeared. But there is one particular Internet-delicacy concept that, due to its importance and value, should really never be overlooked, even in just a “Best Hits” of the Internet. This concept deserves closer consideration. And this concept is crowdsourcing.
I won’t go into loads of detail – you can get that at the other end of the Wikipedia link above (incidentally, Wikipedia is also a crowdsourcing project :) or via a search engine. Here, let me briefly go through the idea:
The WWW permits large numbers of folks from all over the world to very quickly all get together and combine efforts to solve some kind of difficult task or other. The result is collective intelligence, backed up by gigahertz, gigabytes and terabytes of computers and communication channels. Technically, its all about the sharing and allocation of computing power. For example, I remember well how at the end of the nineties many at night connected their comps to SETI@Home – a non-commercial project that searched for radio signals of extraterrestrial civilizations. The project is still going, with 1.2 million participants and a total processing power running up to 1.6 petaflops.
Perhaps surprisingly, you’ll generally find network crowdsourcing being applied in practically every sphere of life. And security is no exception. Recent examples: the international brainstorming that went into solving the Duqu Framework, and into trying to crack the mystery of the encrypted Gauss payload. (For the former, by the way, we received a rather flattering write-up on darkreading.com.) Still, these cases aren’t really the best examples of crowdsourcing at work…
The best example is probably to be found in the way we (KL) successfully process 125,000 samples of malware every day (up from 70,000 late last year). Of course, robots and other technologies of automation and data-flow analysis help, but the most important ingredient to make it all work – the statistical food – is furnished by you! Yes, you! The system’s a big you-scratch-my-back, I’ll-scratch-yours gig in which our users help both us and one another in the business of preventing cyber break-ins around the world, and in particular of tackling unknown threats. And everyone helps anonymously and voluntarily after having clearly expressed a willingness to take part; and none of it affecting computer performance!
The new version of KIS is attracting quite a bit of buzz in the media: in the two weeks since its global premiere it has been receiving gushing review after gushing review. Just about all of them go into plenty of detail covering all the ins and outs of the product, and specific features have been covered here on this blog of mine – for example posts about automatic protection from vulnerabilities and making secure payments.
But KIS has one more delicious layer of features; however, they can’t be used yet, and will only become applicable in the (nearest) future (we really mean it when we say Be Ready for What’s Next, you know!). These futuresque featuresques are undeservedly not getting the limelight. I’m talking about KIS support for Windows 8.
So what are these technologies, how do they fit in with Win8, and what are the benefits for users?
I’ll start with the most obvious: the new Windows 8 interface. I haven’t had a test-drive myself, but I’ve heard lots of good things about it and read flattering reviews. The fully redesigned interface is really not bad looking at all, and that goes for the desktop version and the tablet-touchscreen-mobile incarnation. I’m looking forward to its release and the reactions of users…
At the same time it has to be said that this new kid on the block has significantly increased the proverbial pain in the neck for third-party software developers: in order to cater to the whole spectrum of user preferences it was deemed necessary to have two interfaces – the classic one we’re all used to, and the new go-faster-stripes one. In response, we’ve been one of the first in the antivirus industry to develop a special application that transfers the antivirus management features to the new Windows 8 interface. The application is free of charge, and you can download and install it from the Windows Store.