Finally, summer’s arrived. Took it’s time! But I’m not sure it’s the blessing it normally is, since we’re all still sat at home working remotely. Sure, there have been ‘easings’ here and there around the world, but we here at K are in no rush to… rush things. I think that goes for other IT companies too that will be working from home till at least fall, while some have signaled they’re on for staying home until the end of the year. And of course business trips are still being cancelled, as are exhibitions and conferences and Olympic Games and Cannes Festival and a whole load of other large-scale events. Some countries still have closed borders too.
So yep: we’re all still cooped up, not getting out much, and getting a bit stir crazy with the cabin fever. At least that’s how things are for many, I’m sure. There are others who are taking advantage of all the extra time and getting more exercise than ever, the devils! I’m somewhere in-between. Sometimes tired of Groundhog Every-Day, but staying busy. And that includes dusting off and delving into my archives to dig up some old photos, which lead to fond memories (plus reminders of how quickly the world is changing), which lead to… my next cyber-yesteryear post!
Yes, this series combines cyber-nostalgia, plus various personal and business insights I’ve picked up along the cyber-way, which I hope will be useful to some, or just interesting to others. Accordingly, I continue here today with part four, and I continue my tales, begun in part three, about CeBIT…
CeBIT – we loved it to bits! It was just sooo new and different and massive and…
Just in case you missed the firsttwo, this is the third episode of my cyber-yesteryear chronicles. Since I’m in lockdown like most folks, I have more time on my hands to be able to have a leisurely mosie down cyberseKurity memory lane. Normally I’d be on planes jetting here, there and everywhere for business and tourisms – all of which normally takes up most of my time. But since none of that – at least offline/in person – is possible at the moment, I’m using a part of that unused time instead to put fingers to keyboard for a steady stream of personal / Kaspersky Lab / cyber-historical nostalgia: in this post – from the early to mid-nineties.
Typo becomes a brand
In the very beginning, all our antivirus utilities were named following the ‘-*.EXE’ template. That is, for example, ‘-V.EXE’ (antivirus scanner), ‘-D.EXE’ (resident monitor), ‘-U.EXE’ (utilities). The ‘-‘ prefix was used to make sure that our programs would be at the very top of a list of programs in a file manager (tech-geekiness meets smart PR moves from the get go?:).
Later, when we released our first full-fledged product, it was named ‘Antiviral Toolkit Pro’. Logically, that should have been abbreviated to ‘ATP’; but it wasn’t…
Somewhere around the end of 1993 or the beginning of 1994, Vesselin Bontchev, who’d remembered me from previous meet-ups (see Cyber-yesteryear – pt. 1), asked me for a copy of our product for testing at the Virus Test Center of Hamburg University, where he worked at the time. Of course, I obliged, and while zip-archiving the files I accidentally named the archive AVP.ZIP (instead of ATP.ZIP), and off I sent it to Vesselin unawares. Some time later Vesselin asked me for permission to put the archive onto an FTP server (so it would be publically available), to which I obliged again. A week or two later he told me: ‘Your AVP is becoming really rather popular on the FTP!’
‘What AVP?’, I asked.
‘What do you mean ‘What AVP’? The one you sent me in the archive file, of course!’
‘WHAT?! Rename it right away – that’s a mistake!’
‘Too late. It’s already out there – and known as AVP!’
And that was that: AVP we were stuck with! Mercifully, we (kinda) got away with it – Anti-Viral toolkit Pro. Like I say – kinda ). Still, in for a penny, in for a pound: all our utilities were renamed by dropping the ‘-‘ prefix and putting ‘AVP’ in its place – and it’s still used today in some of the names of our modules.
First business trips – to Germany for CeBIT
In 1992, Alexey Remizov – my boss at KAMI, where I first worked – helped me in getting my first foreign-travel passport, and took me with him to the CeBIT exhibition in Hannover in Germany. We had a modest stand there, shared with a few other Russian companies. Our table was half-covered with KAMI transputer tech, the other half – our antivirus offerings. We were rewarded with a tiny bit of new business, but nothing great. All the same, it was a very useful trip…
Our impressions of CeBIT back then were of the oh-my-grandiose flavor. It was just so huge! And it wasn’t all that long since Germany was reunified, so, to us, it was all a bit West Germany – computer-capitalism gone bonkers! Indeed – a cultural shock (followed up by a second cultural shock when we arrived back in Moscow – more on that later).
Given the enormity of CeBIT, our small, shared stand was hardly taken any notice of. Still, it was the proverbial ‘foot in the door’ or ‘the first step is the hardest’ or some such. For it was followed up by a repeat visit to CeBIT four years later – that time to start building our European (and then global) partner network. But that’s a topic for another day post (which I think should be interesting especially for folks beginning their own long business journeys).
Btw, even as far back as then, I understood our project was badly in need of at least some kind of PR/marketing support. But since we had, like, hardly two rubles to rub together, plus the fact that journalists had never heard of us, it was tricky getting any. Still, as a direct result of our first trip to CeBIT, we managed to get a self-written piece all about us into the Russian technology magazine ComputerPress in May 1992: home-grown PR!
Fee-fi-fo-fum, I smell the dollars of Englishmen!
My second business trip was in June-July of the same year – to the UK. One result of this trip was another article, this time in Virus Bulletin, entitled The Russians Are Coming, which was our first foreign publication. Btw – in the article ’18 programmers’ are mentioned. There were probably 18 folks working at KAMI overall, but in our AV department there were just the three of us.
Herewith, I continue my tales from the cyber-old-school side. You’ve already had the first installment – about when I caught my very first fish virus, about our first antivirus utility, and about when I decided to go it alone to become a member of a profession that didn’t really exist back then (as a freelance antivirus analyst).
So, after a few weeks as a freelancer – which was basically a few weeks of doing not much at all as I couldn’t find any customers – I decided I needed to get a regular day job again with a company. So what I did was organize a ‘tender’ between three private companies that had offered me work.
One of them (KAMI) deserves a separate post of its own, so here I’ll just go over its main features. It was a rather large, and very multifaceted import-export-and-a-bit-of-everything-else company, which had a computer department that eventually broke off from KAMI to become independent. Its boss was Alexey Remizov, a great guy who believed in and helped me for many years.
But, back to the tender. Now, if two of the companies told me something like: ‘Sure, drop by next week, let’s discuss your offer’, Alexey suggested I come to his office the following morning, and the day after that he was showing me where my desk and computer were, putting some money in my hand as my first advance, deciding on a title for my ‘department’ – the ‘Anti-Virus Department’ (or something like that), and providing me with two employees.
My first work task – firing both employees! They just weren’t right. And I managed this first task ok – no hysterics, no conflicts: I think they agreed with me they weren’t the right ‘fit’.
Now, a bit more about KAMI (remember – in 1991)…
The computer department of KAMI was made up of around two dozen folks. But there was literally no money to be spent on computers! Therefore, the start-up capital came from sales of shoes imported from India, chocolate biscuits, the manufacture of a car alarm system, and systems of encoding TV signals (for paid TV). The only actual computer IT projects were my antivirus department and also a transputer department, which happened to be the most successful departments of KAMI back then.
What else can I recall from this time?
Actually, not a great deal, as I was too busy working 12-14 hours a day: I didn’t have time to take much notice of anything else, including politics. Still, let me think…
We rented our first office in… a kindergarten (!) in Strogino, a northwestern Moscow suburb. Later we moved to some premises in the Polytechnic Museum, then in Moscow State University, then a research institute, then another. We used to joke: in our early days the company went through all levels – besides high school ).
Having written a post recently about our forever topping the Top-3 in independent testing, I got a bit nostalgic for the past. Then, by coincidence, there was the 20th anniversary of the ILOVEYOU virus worm: more nostalgia, and another post! But why stop there, I thought. Not like there’s much else to do. So I’ll continue! Thus, herewith, yet more K-nostalgia, mostly in a random order as per whatever comes into my head…
First up, we press rewind (on the 80s’ cassette player) back to the late 1980s, when Kaspersky was merely my surname ).
Part one – prehistorical: 1989-1991
I traditionally consider October 1989 as when I made my first real steps in what turned out to be my professional career. I discovered the Cascade virus (Cascade.1704) on an Olivetti M24 (CGA, 20M HDD) in executable files it had managed to infiltrate, and I neutralized it.
The narrative normally glosses over the fact that the second virus wasn’t discovered by me (out of our team) but Alexander Ivakhin. But after that we started to ‘woodpeck’ at virus signatures using our antivirus utility (can’t really call it a ‘product’) regularly. Viruses would appear more and more frequently (i.e., a few a month!), I would disassemble them, analyze them, classify them, and enter the data into the antivirus.
But the viruses just kept coming – new ones that chewed up and spat out computers mercilessly. They needed protecting! This was around the time we had glasnost, perestroika, democratization, cooperatives, VHS VCRs, Walkmans, bad hair, worse sweaters, and also the first home computer. And as fate would have it, a mate of mine was the head of one of the first computer cooperatives, and he invited me to come and start exterminating viruses. I obliged…
My first ‘salary’ was… a box of 5″ floppy disks, since I just wasn’t quite ready morally to take any money for my services. Not long afterward though, I think in late 1990 or early 1991, the cooperative signed two mega-contracts, and I made a tidy – for the times – sum out of both of them.
The first contract was installation of antivirus software on computers imported to the USSR from Bulgaria by a Kiev-based cooperative. Bulgarian computers back then were plagued by viruses, which made a right mess of data on disks; the viruses, btw, were also Bulgarian.
The second contract was for licensing antivirus technologies in a certain mega-MS-DOS-based system (MS Office’s ~equivalent back then).
What I spent my first ‘real’ money on?… I think it was a VCR. And a total waste of money that was. I never had the time for watching movies, let alone recording stuff and watching it again. My family weren’t big into videos either. Oof. (Btw: a good VCR back then cost… the same as a decent second-hand Lada!)
My ~second purchase was a lot more worthwhile – several tons of paper for the publication of my first book on computer viruses. Btw: just after this buy the Pavlov Reform kicked in, so it was just as well I’d spent all my rubles – days later a lot of my 50 and 100-ruble notes would have been worthless! Lucky!
My book was published in the spring of 1991. Alas, it hardly sold – with most copies gathering dust in some warehouse no doubt. I think so anyway; maybe it did sell: I haven’t found a copy anywhere since, and in the K archive we only have one copy (so if anyone has another copy – do let me know!). Another btw, btw: I was helped immensely by a certain Natalya Kasperskaya back then in the preparation of the book. She was at home juggling looking after two little ones and editing it over and over; however, I think it must have piqued her curiosity in a good way – she warmed to the antivirus project and went on to take a more active part.
That pic there is of my second publication. The single copy of the first one – just mentioned – is at the office, and since we’re taking this quarantine thing seriously, I can’t physically take a pic of it (.
Besides books, I also started writing articles for computer magazines and accepting occasional speaking opportunities. One of the clubs I was speaking at would also send out shareware on diskettes by post. It was on such diskettes that the early versions of our antivirus – ‘-V by doctor E. Kasperski’ (later known as ‘Kaspersky’:) appeared (before this, the only users of the antivirus were friends and acquaintances).
The main differences between my antivirus… utility and the utilities of others (there’s no way these could ever be called ‘products’) were, first: it had a proper user interface – in the pseudo-graphics mode of MS-DOS – which even (!) supported the use of a mouse. Second: it featured ‘resident guard’ and utilities for the analysis of system memory to search for hitherto unknown resident MS-DOS viruses (this was back before Windows).
The oldest saved version of this antivirus is the -V34 from September 12, 1990. The number ’34’ comes from the number of viruses found! Btw: if anyone has an earlier version – please let me know, and in fact any later versions too – besides -V.
The antivirus market back then didn’t exist in Russia, unless you can call Dmitry Lozinsky’s ‘Aidstest’ on a diskette for three rubles a market. We tried to organize sales via various computer cooperatives or joint ventures, but they never came to much.
So I had to settle into my role, in 1990-1991, as a freelance antivirus analyst, though no one had heard of such a profession. My family wasn’t too impressed, to say the least, especially since the CCCP was collapsing, and a pertinent question ‘discussed in kitchens’ [no one did cafes/restaurants/bars for their meet-ups and chit-chats back then: there weren’t many in the first place, and not many folks had the money to spend in them even if they had] would be something like: ‘where’s all the sugar gone from the shop shelves?’ Tricky, tough times they were; but all the more interesting for it!
Ancient cybersecurity folks with more than 20 years’ experience in the industry will of course remember the infamous ILOVEYOULove Letter email worm from the early 2000s. What they may not recall is that it was exactly 20 years ago when it first reared its ugly head.
20 years? What?! Yep: Two decades ago to the day this cyber-maggot paralyzed practically the whole world. Wanna know what the guy responsible for this global cyber-tragedy is doing now, and where? I’ll get to that a bit later…
But I’ll start with a summary of the events of 20 years ago, in case you missed them. First up: why ‘Love Letter’?
This cyber-vermin crawled into millions of folks’ email inboxes. The receiver got a ‘love letter’ from what looked to be a friend or acquaintance.
Curiosity killed the… email recipient: after the attached VBS was clicked, the malware basically took control and sent itself on behalf of the recipient to everyone in his/her address book. And in some kinda totally mental mega-exponential way managed to infect – in a matter of hours!! – practically the whole email-using planet!
This caused colossal damages (yes, the worm also damaged certain files) (damages: to the tune of several BILLION dollars!)). Curious fact: the code for e-mail distribution was swiped from another worm – Melissa – which a year earlier ran amok around the whole world too (Microsoft had to switch off its corporate email (in current terminology – self-isolated) in order to stop the spread of the worm).
There’s another interesting element of Love Letter: the worm would download from the internet a Trojan that stole the infected computers’ internet-access logins and passwords (this is back when access was mostly dial-up, costing a lot – using per-hour tariffs), and sent them to a given address.
We’ve already had a few ‘B-sides’ – Aniva and Tyuleny – on our Kurils adventure. Now it was time for a bonus track – a previously unreleased rarity, as it were: the Commander Islands!
Can you guess what question I’m asked most of all during interviews and press conferences?
It started being asked back in the 1990s, quickly becoming the feared question that used to make me want to roll my eyes (I resisted the temptation:). Then after a few years I decided to simply embrace its inevitability and unavoidability, and started to improvise a bit and add extra detail to my answers. And still today, though my answers have been published and broadcast in probably all the mass media in the whole world – often more than once – I am asked it over and over, again and again. Of late though, it’s like I’ve come full circle: when I’m asked it I actually like to remember those days of long ago!
So, worked it out yet?
The question is: ‘What was the first virus you found?’ (plus questions relating to it, like when did I find it, how did I cure the computer it had infected, etc.).
Clearly, an important question, since, if it weren’t for it infecting my computer all those years ago: I may not have made a rather drastic career change; I may not have created the best antivirus in the world; I may not have raised one of the largest private companies in cybersecurity, and a lot more besides. So yes, a fateful role did that virus play – that virus that was among the early harbingers of what was to follow: billions of its ‘descendants’, then, later, cybercrime, cyberwarfare, cyber-espionage, and all the cyber-bad-guys behind it all – in every corner of the globe.
Herewith, I continue my historical-archeological dispatches from what is today known as Lebanon. Specifically – from Byblos, one of the oldest cities in the world.
Quite how old no one can really say for sure, but the internet rumors it to be around 9000 years! The guides who were showing us round – plus the info on the walls here – give the more modest figure of approximately 6000 years. Others say ~7000; still others – ~8000. Whatever – give or take a few thousand years (!), this city is still for sure one of the world’s very oldest.
20 years in business – is that a long time, or no time at all? Or how about 25 years of continuous development of new technologies and products (including the five years pre-KL)?
To answer that properly we need to ask how old the industry – cybersecurity – is itself. Well, the very first antivirus programs appeared just a few years before 25 years ago.
So that means we’re one of a handful of developers that created cybersecurity! Indeed, we’ve been in the industry since its infancy (when on-demand signature scanners were all the rage), and are still here today (in the new age of big data and machine learning). And that’s 20+ years in the cutting-edge avant garde. Oh yes. And no: modesty isn’t forbidding – it’s our birthday, after all :).
More immodesty: just think of all the cyber-nastiness we’ve been destroying in all those 20 years!
Of course, there’s never just one way of interpreting history. And Kaspersky Lab’s history is no exception.
On the one hand, we could look at old pics from our halcyon days of 20 years ago, recall the naive mistakes and missteps we made with a cringe, then also look in the mirror at our graying hair and deepening lines on our faces and get all melancholic! Sure – that’s possible…
But on the other hand – looking at the very same pics of those halcyon days of 20 years ago – we could simply smile instead, and say something like: ‘Not a bad first two decades, but we’re only just warming up!’ It’s all just perception: you gonna concentrate on the problems and difficulties, or the successes and achievements? Well, no prizes for guessing which perception we’re going for in this here post; yep the latter: ’cause that’s how we do it KL – we stay positive. In this business – you have to! And we hope we’ll inspire you, dear readers, to do the same.
Everything changed in 20 years? Actually – not quite. At least one thing hasn’t: work hard and think big
So, in the run-up to KL’s birthday, we had a long hard think about how we could most graphically and strongly arouse inspiration, while keeping true to historical faithfulness (and observing norms of decency:). And this is what we came up with: let’s have a quick look at some of the more curious and fun aspects of the company over the years – how it was in the ‘good old days’, how it looks now, and how it’ll be in the future.
I’ll start with the office.
If we go right back to the beginning – the early 1990s, we’ve moved offices a whopping six times!
Here, for example, is what the epicenter of development of one of the best antiviruses in the world looked like in 1994. That was our whole office! Ok, so registering as ‘Me Lab’ came three years later, but still – it was our office. It was actually part of the KAMI company, which produced software and hardware solutions in the 90s.
Btw, it was in this year (1994) that we took part in Hamburg University‘s AV tests for the first time – and unexpectedly won (by a mile) on quality of protection. In the pic above I think the smiles were breaking through the exhaustion after hearing about our win.
That, boys and girls, was the history of cybersecurity passing by!
28 years ago, somewhere around the fall of 1989, my Olivetti M24 was attacked by a virus. That fateful event changed my – and many others’! – lives. If only that virus had known precisely whose comp it attacked that day, and how many malicious descendants would be wiped out over the next decades both by my hand and later by the hands of KLers, I’m pretty sure it’d have about-turned in a jiffy and gotten the hell out of there!
Precisely 20 years ago today – on June 26, 1997 – ‘Me Lab‘ was founded.
But it’s fairly quiet in the office today. No party, no champagne, no nothing. On our 20th birthday? Don’t worry – we’ll get to that. We’ll be celebrating, in usual crazy fashion, but just a little later. Today it’s business as usual. All the same, tonight – NOW!, if you’d raise a glass of something tasty and utter a few kind words, please do. You will be repaid in good vibes and positive karma or some such – for sure!
Whoah – we just received congrats from Scuderia. Grazie mille! (the photos arrived with a note: ‘Kimi is smiling!’ Well, so are we:).
