NOTES, COMMENT AND BUZZ FROM EUGENE KASPERSKY – OFFICIAL BLOG
July 4, 2023
Saint Petersburg walkabout – done.
Saint Petersburg roof-about – done.
Next up, Port Bronka (here) – the new, modern (i.e., deep enough for modern monster-sized ships) port of the city (not to be confused with the nearby older Great Port of St. Petersburg), which happens to be a customer of ours (for all things cybersecurity, naturally) and with which we have a great relationship…
April 25, 2023
Curiously, in the comments at the bottom of my Instagram post about my visit to Orenburg, a dear reader suggested we visit her nearby hometown of Gui (pronounced Guy; not Gay). Another commenter stated something along the lines of, “What? That hole?!” To which the original commenter retorted, ~”actually, yes – it is a hole, kinda, since it has the deepest hole mine in the whole of Europe!” This interaction was all the more amusing to me since I was reading it… in Gui!…
We flew to Gui (incidentally, a +1 to my list of cities in the world visited) by helicopter. Perfect. In the car we would have missed the fantastic aerial-panoramic views of the vast steppe, and it’d have taken us four hours…
September 15, 2022
Norilsk walkabout – done. Norilsk borsch – supped, and already yearning for more.
Next up – an inspection of the industrial-technological processes upon which the city of Norilsk grew, and which still produces a broad spectrum of the elements from the periodic table.
Nornickel was kind enough to show us practically the whole process of the production of copper: extraction > fine crushing > preparation > smelting > electrolysis > dispatching. All that, coming up in this post…
First up for us – safety talk, down there on the ground floor (next to that pond in which carp swim!) ->
July 16, 2022
The other week I found myself at Innoprom-2022 – the industrial exhibition in Yekaterinburg. I’d been twice before – in 2017 and 2021 – and, come this year, I can now say that it’s progressed well.
I was there for just one day, and was as busy as a bee – as per the template. Still – I did manage to find the time to take a few pics of some of the more intriguing stands and exhibits…
But, first – it wasn’t the exhibits or stands that impressed most of all. Can you guess what did? Have a look at the following photo. Got it?…
Masks no longer needed. Hurray! Away with you, maddening muzzles! Yes, the virus has weakened, immunity has risen, and the situation is (seemingly, mostly) under control. Let’s hope it stays that way. And I’m sure it will. After all, mega-awful mutants tend to visit us every ~50 years: there was the Spanish flu in 1918–1920, then the Hong Kong flu in 1968–1970, and then of course corona in 2020–2021 (yes, there’ve been other virus pandemics, but they came and went much less noticeably). Anyway, no matter: the latest semi-centennial pandemic – done and dusted!
Right. Next thing to impress? Actually – it wasn’t impress, it was more depress. Just look at these lines to get into the event! Folks had to wait sometimes over an hour. Nope. Sorry: organizers – get a grip. This won’t do at all. Sort it. // I was lucky: as a speaker I entered through a designated door without having to wait.
Once inside – first thing’s first: head over to our stand, where I had my first meeting scheduled. And here we are! ->
December 8, 2021
Ten years is a long time in cybersecurity. If we could have seen a decade into the future in 2011 just how far cybersecurity technologies have come on by 2022 – I’m sure no one would have believed it. Including me! Paradigms, theories, practices, products (anti-virus – what’s that?:) – everything’s been transformed and progressed beyond recognition.
At the same time, no matter how far we’ve progressed – and despite the hollow promises of artificial intelligence miracles and assorted other quasi-cybersecurity hype – today we’re still faced with the same, classic problems we had 10 years ago in industrial cybersecurity:
How to protect data from non-friendly eyes and having unsanctioned changes made to it, all the while preserving the continuity of business processes?
Indeed, protecting confidentiality, integrity and accessibility still make up the daily toil of most all cybersecurity professionals.
No matter where it goes, ‘digital’ always takes with it the same few fundamental problems. ANd ‘go’ digital will – always – because the advantages of digitalization are so obvious. Even such seemingly conservative fields like industrial machine building, oil refining, transportation or energy have been heavily digitalized for years already. All well and good, but is it all secure?
With digital, the effectiveness of business grows in leaps and bounds. On the other hand, all that is digital can be – and is – hacked, and there are a great many examples of this in the industrial field. There’s a great temptation to fully embrace all things digital – to reap all its benefits; however, it needs to be done in a way that isn’t agonizingly painful (read – with business processes getting interrupted). And this is where our new(ish) special painkiller can help – our KISG 100 (Kaspersky IoT Secure Gateway).
This tiny box (RRP – a little over €1000) is installed between industrial equipment (further – ‘machinery’) and the server that receives various signals from this equipment. The data in these signals varies – on productivity, system failures, resource usage, levels of vibration, measurements of CO2/NOx emissions, and a whole load of others – and it’s all needed to get the overall picture of the production process and to be able to then take well-informed, reasoned business decisions.
As you can see, the box is small, but it sure is powerful too. One crucial functionality is that it only allows ‘permitted’ data to be transferred. It also allows data transmission strictly in just one direction. Thus, KISG 100 can intercept a whole hodge-podge of attacks: man-in-the-middle, man-in-the-cloud, DDoS attacks, and many more of the internet-based threats that just keep on coming at us in these ‘roaring’ digital times.
October 21, 2021
There’s an extraordinary, rather rare, optical phenomenon that goes by the name of a glory, called so no doubt because of its resemblance to a halo. It’s caused by the shadow of an airplane (or some other object) on some clouds, which shadow becomes encircled by rainbow-esque rings – almost like a rainbow that’s perfectly round (which, actually, does occur, but only in very rare circumstances), but this isn’t a full-circle rainbow, it’s a glory. Confused yet?!
Curiously, the airplane’s shadow in the middle can disappear, leaving just the glory. You can get to see such an effect from a plane (if you’re lucky) coming in to land in cloudy weather if you sit at a window that’s not facing the sun. Which is where we were sitting; and this glory showed itself upon the dense cloud cover below us. I hadn’t seen this mysterious optical phenomenon at such a height for ages. This one was probably due to the air being relatively clean and fresh =>
September 21, 2021
Personal experience, plus what I’m told by other clever folks, has taught me to treat with much skepticism any predictions regarding the future given by so-called experts – in fact all kinds of prognoses and prophesies about this, that and the other. Although I tend to share this view, I have to make an exception for the predictions of one single person in particular: me! Why? Because, unfortunately, those predictions normally come true…
Ten years ago, when we chose industrial cybersecurity as one of our new main areas for development of the company, attacks on industrial equipment were largely deemed hype and/or something out of Hollywood, or at least limited to relatively few specific enterprises; for example, ones like this. But since the beginning of the 2010s I’ve been repeating (ad nauseam!) that, sooner or later, attacks on industrial installations will go mainstream and become massive in scale, and that modern industrial security is sadly very lacking in its ability to cope with the realities of the digital world.
Today, attacks on industrial objects are becoming a daily – very expensive – reality. We’ve already seen how a ransomware-cyberattack on a mere office network of large pipeline can bring about a short-term rise in the price of gasoline in the U.S.A. So imagine how much more costly attacks on industrial components of critical infrastructure operators could be. And it’s not just a matter of financial losses incurred by targeted companies caused by their compelled down time – there’s also the hit taken by all the consumers of the companies’ products and services, which can be painful for regional economies and even national ones.
June 3, 2021
One morning last week I bounded up onto a stage to make a speech, and the first thing I told everyone was literally: “How happy I am to see you all here!” But of course I was, since I – like most everyone else – am just soooo tired of this long-drawn-out corona-covid saga. I want a return to normality and to be able to get back to my customary rhythm of conferences, exhibitions, and assorted other business activities (preferably without a tie). And as if my prayers were answered – here was one such event, which happened to be one of our own: our annual Kaspersky Security Day 2021…
So what can I say?… That folks clearly missed such kind of meets. Who was there? Everyone! Just short of 200 guests in person, and more than 500 followed the live broadcast online.
May 11, 2021
Still up above the Arctic Circle, after our excursion of the phostpates mine, it was back to the town of Kirovsk. It’s not only a mining center, it’s a skiing one too. I really hoped we could get a half-day of downhill skiing in, but it wasn’t to be; as often is the case – ‘we’ll have to do that next time’. The ‘cultural program’ this time was somewhat more modest: a visit to the town’s museum! It’s rather small, but all the same there’s plenty to see.
In room 5 there’s a collection of mineral stones – around a thousand of them! Wonderful! It reminded me of my once uttering ‘Mom, I want to be a geologist!’
Oh my geology! So many! All different somehow – in terms of chemical make-up, color, shape. Odd names too – many I’d never heard of:
May 7, 2021
Hi folks!
I’d heard a lot about modern mining equipment that works autonomously, i.e., without a miner nearby controlling it. Well now I’ve seen it in action too – the other day, when I paid a visit to Phosagro in the Khibiny Mountains on the Kola Peninsula – inside the Arctic Circle! – in the northwest corner of Russia, not far from the Finnish border.
Here’s a robo-miner drilling into rock, all on its lonesome:
Whereas today’s ‘miners’ sit in a brightly-lit, air-conditioned office operating joysticks occasionally and checking the progress of the robots on a bank of screens:
