Herewith, I continue my tales from the cyber-old-school side. You’ve already had the first installment – about when I caught my very first fish virus, about our first antivirus utility, and about when I decided to go it alone to become a member of a profession that didn’t really exist back then (as a freelance antivirus analyst).
So, after a few weeks as a freelancer – which was basically a few weeks of doing not much at all as I couldn’t find any customers – I decided I needed to get a regular day job again with a company. So what I did was organize a ‘tender’ between three private companies that had offered me work.
One of them (KAMI) deserves a separate post of its own, so here I’ll just go over its main features. It was a rather large, and very multifaceted import-export-and-a-bit-of-everything-else company, which had a computer department that eventually broke off from KAMI to become independent. Its boss was Alexey Remizov, a great guy who believed in and helped me for many years.
But, back to the tender. Now, if two of the companies told me something like: ‘Sure, drop by next week, let’s discuss your offer’, Alexey suggested I come to his office the following morning, and the day after that he was showing me where my desk and computer were, putting some money in my hand as my first advance, deciding on a title for my ‘department’ – the ‘Anti-Virus Department’ (or something like that), and providing me with two employees.
My first work task – firing both employees! They just weren’t right. And I managed this first task ok – no hysterics, no conflicts: I think they agreed with me they weren’t the right ‘fit’.
Now, a bit more about KAMI (remember – in 1991)…
The computer department of KAMI was made up of around two dozen folks. But there was literally no money to be spent on computers! Therefore, the start-up capital came from sales of shoes imported from India, chocolate biscuits, the manufacture of a car alarm system, and systems of encoding TV signals (for paid TV). The only actual computer IT projects were my antivirus department and also a transputer department, which happened to be the most successful departments of KAMI back then.
What else can I recall from this time?
Actually, not a great deal, as I was too busy working 12-14 hours a day: I didn’t have time to take much notice of anything else, including politics. Still, let me think…
We rented our first office in… a kindergarten (!) in Strogino, a northwestern Moscow suburb. Later we moved to some premises in the Polytechnic Museum, then in Moscow State University, then a research institute, then another. We used to joke: in our early days the company went through all levels – besides high school ).
Having written a post recently about our forever topping the Top-3 in independent testing, I got a bit nostalgic for the past. Then, by coincidence, there was the 20th anniversary of the ILOVEYOU virus worm: more nostalgia, and another post! But why stop there, I thought. Not like there’s much else to do. So I’ll continue! Thus, herewith, yet more K-nostalgia, mostly in a random order as per whatever comes into my head…
First up, we press rewind (on the 80s’ cassette player) back to the late 1980s, when Kaspersky was merely my surname ).
Part one – prehistorical: 1989-1991
I traditionally consider October 1989 as when I made my first real steps in what turned out to be my professional career. I discovered the Cascade virus (Cascade.1704) on an Olivetti M24 (CGA, 20M HDD) in executable files it had managed to infiltrate, and I neutralized it.
The narrative normally glosses over the fact that the second virus wasn’t discovered by me (out of our team) but Alexander Ivakhin. But after that we started to ‘woodpeck’ at virus signatures using our antivirus utility (can’t really call it a ‘product’) regularly. Viruses would appear more and more frequently (i.e., a few a month!), I would disassemble them, analyze them, classify them, and enter the data into the antivirus.
But the viruses just kept coming – new ones that chewed up and spat out computers mercilessly. They needed protecting! This was around the time we had glasnost, perestroika, democratization, cooperatives, VHS VCRs, Walkmans, bad hair, worse sweaters, and also the first home computer. And as fate would have it, a mate of mine was the head of one of the first computer cooperatives, and he invited me to come and start exterminating viruses. I obliged…
My first ‘salary’ was… a box of 5″ floppy disks, since I just wasn’t quite ready morally to take any money for my services. Not long afterward though, I think in late 1990 or early 1991, the cooperative signed two mega-contracts, and I made a tidy – for the times – sum out of both of them.
The first contract was installation of antivirus software on computers imported to the USSR from Bulgaria by a Kiev-based cooperative. Bulgarian computers back then were plagued by viruses, which made a right mess of data on disks; the viruses, btw, were also Bulgarian.
The second contract was for licensing antivirus technologies in a certain mega-MS-DOS-based system (MS Office’s ~equivalent back then).
What I spent my first ‘real’ money on?… I think it was a VCR. And a total waste of money that was. I never had the time for watching movies, let alone recording stuff and watching it again. My family weren’t big into videos either. Oof. (Btw: a good VCR back then cost… the same as a decent second-hand Lada!)
My ~second purchase was a lot more worthwhile – several tons of paper for the publication of my first book on computer viruses. Btw: just after this buy the Pavlov Reform kicked in, so it was just as well I’d spent all my rubles – days later a lot of my 50 and 100-ruble notes would have been worthless! Lucky!
My book was published in the spring of 1991. Alas, it hardly sold – with most copies gathering dust in some warehouse no doubt. I think so anyway; maybe it did sell: I haven’t found a copy anywhere since, and in the K archive we only have one copy (so if anyone has another copy – do let me know!). Another btw, btw: I was helped immensely by a certain Natalya Kasperskaya back then in the preparation of the book. She was at home juggling looking after two little ones and editing it over and over; however, I think it must have piqued her curiosity in a good way – she warmed to the antivirus project and went on to take a more active part.
That pic there is of my second publication. The single copy of the first one – just mentioned – is at the office, and since we’re taking this quarantine thing seriously, I can’t physically take a pic of it (.
Besides books, I also started writing articles for computer magazines and accepting occasional speaking opportunities. One of the clubs I was speaking at would also send out shareware on diskettes by post. It was on such diskettes that the early versions of our antivirus – ‘-V by doctor E. Kasperski’ (later known as ‘Kaspersky’:) appeared (before this, the only users of the antivirus were friends and acquaintances).
The main differences between my antivirus… utility and the utilities of others (there’s no way these could ever be called ‘products’) were, first: it had a proper user interface – in the pseudo-graphics mode of MS-DOS – which even (!) supported the use of a mouse. Second: it featured ‘resident guard’ and utilities for the analysis of system memory to search for hitherto unknown resident MS-DOS viruses (this was back before Windows).
The oldest saved version of this antivirus is the -V34 from September 12, 1990. The number ’34’ comes from the number of viruses found! Btw: if anyone has an earlier version – please let me know, and in fact any later versions too – besides -V.
The antivirus market back then didn’t exist in Russia, unless you can call Dmitry Lozinsky’s ‘Aidstest’ on a diskette for three rubles a market. We tried to organize sales via various computer cooperatives or joint ventures, but they never came to much.
So I had to settle into my role, in 1990-1991, as a freelance antivirus analyst, though no one had heard of such a profession. My family wasn’t too impressed, to say the least, especially since the CCCP was collapsing, and a pertinent question ‘discussed in kitchens’ [no one did cafes/restaurants/bars for their meet-ups and chit-chats back then: there weren’t many in the first place, and not many folks had the money to spend in them even if they had] would be something like: ‘where’s all the sugar gone from the shop shelves?’ Tricky, tough times they were; but all the more interesting for it!
Ancient cybersecurity folks with more than 20 years’ experience in the industry will of course remember the infamous ILOVEYOULove Letter email worm from the early 2000s. What they may not recall is that it was exactly 20 years ago when it first reared its ugly head.
20 years? What?! Yep: Two decades ago to the day this cyber-maggot paralyzed practically the whole world. Wanna know what the guy responsible for this global cyber-tragedy is doing now, and where? I’ll get to that a bit later…
But I’ll start with a summary of the events of 20 years ago, in case you missed them. First up: why ‘Love Letter’?
This cyber-vermin crawled into millions of folks’ email inboxes. The receiver got a ‘love letter’ from what looked to be a friend or acquaintance.
Curiosity killed the… email recipient: after the attached VBS was clicked, the malware basically took control and sent itself on behalf of the recipient to everyone in his/her address book. And in some kinda totally mental mega-exponential way managed to infect – in a matter of hours!! – practically the whole email-using planet!
This caused colossal damages (yes, the worm also damaged certain files) (damages: to the tune of several BILLION dollars!)). Curious fact: the code for e-mail distribution was swiped from another worm – Melissa – which a year earlier ran amok around the whole world too (Microsoft had to switch off its corporate email (in current terminology – self-isolated) in order to stop the spread of the worm).
There’s another interesting element of Love Letter: the worm would download from the internet a Trojan that stole the infected computers’ internet-access logins and passwords (this is back when access was mostly dial-up, costing a lot – using per-hour tariffs), and sent them to a given address.
We’ve already had a few ‘B-sides’ – Aniva and Tyuleny – on our Kurils adventure. Now it was time for a bonus track – a previously unreleased rarity, as it were: the Commander Islands!
Can you guess what question I’m asked most of all during interviews and press conferences?
It started being asked back in the 1990s, quickly becoming the feared question that used to make me want to roll my eyes (I resisted the temptation:). Then after a few years I decided to simply embrace its inevitability and unavoidability, and started to improvise a bit and add extra detail to my answers. And still today, though my answers have been published and broadcast in probably all the mass media in the whole world – often more than once – I am asked it over and over, again and again. Of late though, it’s like I’ve come full circle: when I’m asked it I actually like to remember those days of long ago!
So, worked it out yet?
The question is: ‘What was the first virus you found?’ (plus questions relating to it, like when did I find it, how did I cure the computer it had infected, etc.).
Clearly, an important question, since, if it weren’t for it infecting my computer all those years ago: I may not have made a rather drastic career change; I may not have created the best antivirus in the world; I may not have raised one of the largest private companies in cybersecurity, and a lot more besides. So yes, a fateful role did that virus play – that virus that was among the early harbingers of what was to follow: billions of its ‘descendants’, then, later, cybercrime, cyberwarfare, cyber-espionage, and all the cyber-bad-guys behind it all – in every corner of the globe.
Herewith, I continue my historical-archeological dispatches from what is today known as Lebanon. Specifically – from Byblos, one of the oldest cities in the world.
Quite how old no one can really say for sure, but the internet rumors it to be around 9000 years! The guides who were showing us round – plus the info on the walls here – give the more modest figure of approximately 6000 years. Others say ~7000; still others – ~8000. Whatever – give or take a few thousand years (!), this city is still for sure one of the world’s very oldest.
20 years in business – is that a long time, or no time at all? Or how about 25 years of continuous development of new technologies and products (including the five years pre-KL)?
To answer that properly we need to ask how old the industry – cybersecurity – is itself. Well, the very first antivirus programs appeared just a few years before 25 years ago.
So that means we’re one of a handful of developers that created cybersecurity! Indeed, we’ve been in the industry since its infancy (when on-demand signature scanners were all the rage), and are still here today (in the new age of big data and machine learning). And that’s 20+ years in the cutting-edge avant garde. Oh yes. And no: modesty isn’t forbidding – it’s our birthday, after all :).
More immodesty: just think of all the cyber-nastiness we’ve been destroying in all those 20 years!
Of course, there’s never just one way of interpreting history. And Kaspersky Lab’s history is no exception.
On the one hand, we could look at old pics from our halcyon days of 20 years ago, recall the naive mistakes and missteps we made with a cringe, then also look in the mirror at our graying hair and deepening lines on our faces and get all melancholic! Sure – that’s possible…
But on the other hand – looking at the very same pics of those halcyon days of 20 years ago – we could simply smile instead, and say something like: ‘Not a bad first two decades, but we’re only just warming up!’ It’s all just perception: you gonna concentrate on the problems and difficulties, or the successes and achievements? Well, no prizes for guessing which perception we’re going for in this here post; yep the latter: ’cause that’s how we do it KL – we stay positive. In this business – you have to! And we hope we’ll inspire you, dear readers, to do the same.
Everything changed in 20 years? Actually – not quite. At least one thing hasn’t: work hard and think big
So, in the run-up to KL’s birthday, we had a long hard think about how we could most graphically and strongly arouse inspiration, while keeping true to historical faithfulness (and observing norms of decency:). And this is what we came up with: let’s have a quick look at some of the more curious and fun aspects of the company over the years – how it was in the ‘good old days’, how it looks now, and how it’ll be in the future.
I’ll start with the office.
If we go right back to the beginning – the early 1990s, we’ve moved offices a whopping six times!
Here, for example, is what the epicenter of development of one of the best antiviruses in the world looked like in 1994. That was our whole office! Ok, so registering as ‘Me Lab’ came three years later, but still – it was our office. It was actually part of the KAMI company, which produced software and hardware solutions in the 90s.
Btw, it was in this year (1994) that we took part in Hamburg University‘s AV tests for the first time – and unexpectedly won (by a mile) on quality of protection. In the pic above I think the smiles were breaking through the exhaustion after hearing about our win.
That, boys and girls, was the history of cybersecurity passing by!
28 years ago, somewhere around the fall of 1989, my Olivetti M24 was attacked by a virus. That fateful event changed my – and many others’! – lives. If only that virus had known precisely whose comp it attacked that day, and how many malicious descendants would be wiped out over the next decades both by my hand and later by the hands of KLers, I’m pretty sure it’d have about-turned in a jiffy and gotten the hell out of there!
Precisely 20 years ago today – on June 26, 1997 – ‘Me Lab‘ was founded.
But it’s fairly quiet in the office today. No party, no champagne, no nothing. On our 20th birthday? Don’t worry – we’ll get to that. We’ll be celebrating, in usual crazy fashion, but just a little later. Today it’s business as usual. All the same, tonight – NOW!, if you’d raise a glass of something tasty and utter a few kind words, please do. You will be repaid in good vibes and positive karma or some such – for sure!
Whoah – we just received congrats from Scuderia. Grazie mille! (the photos arrived with a note: ‘Kimi is smiling!’ Well, so are we:).
Usually it’s just for short stays with a few different places to visit, but there’s normally plenty of interesting tales to tell afterwards. Not this time! This time it was business, business, and again business. In this post, alas, there’ll be nothing too riveting for you, dear reader – just a few curious items…
…The first being… SNOW!
Now, you might think there’s no way a Russian could ever be interested in snow in other countries. Coals to Newcastle, right? But you’d be wrong. For this is the first time in my life I’ve ever seen SO MUCH SNOW – right here, in the U. S. of A.! A knee-jerk, subconscious urge was willing me to be offended: ‘How’s it possible? Give us our patented, trademarked snow back!!’ One word: odd. No, one more word: unexpected.
On June 15, 2004, at precisely 19:17 Moscow time something happened that started a new era in computer security. We discovered the first malware created for smartphones.
It was Cabir, which was infecting Symbian-powered Nokia devices by spreading via unsecured Bluetooth connections. With its discovery the world learned that there was now malware not just for computers – which everyone already knew too well about (save for the odd hermit or monk) – but also for smartphones. Yes, many were scratching their heads at first – “viruses infecting my phone? Yeah, pull the other leg” – but the simple truth of the matter did finally sink in sooner (= months) or later (= years a decade!) for most people (some still aren’t aware). Meantime, our analysts made it into the history books!
Why did we christen this malware Cabir? Why was a special screened secure room created at our Moscow HQ? And how did Cabir end up in the pocket of an F-Secure employee? These and other questions were recently put to Aleks Gostev, our chief security expert, in a interview for our Intranet, which I thought I’d share with you here; might as well have it from the horse’s woodpecker’s mouth…
Incidentally, the story started really running when we used these two devices to analyze the malware:
Our very first ‘office’ in Strogino
