Herewith – a brief interlude to my ongoing meandering Tales from the Permafrost Side. And what better interlude could there be than an update on a momentous new K-product launch?!
Drum roll, cymbal!…
We’re launching and officially presenting to the world our first fully ‘cyber-immune’ solution for processing industrial data – the death knell for traditional cybersecurity heralding in a new era of ‘cyber immunity’ – at least (for now) for industrial systems and the Internet of Things (IoT)!
So, where is this cyber-immune solution? Actually – in my pocket! ->
We had a full day in the city, combining business with pleasure: in the morning we headed over to see the good folks at the Irkut Corporation, and in the afternoon – museum visits! ->
Phew. Thank goodness it’s over. The ghastliest year known to most of us ever – finally done, dusted, finito, fertig. Let’s just hope, as many folks are repeating: ‘2021 will be better; it can’t be worse, surely?!’
For a good 10 months of last year practically the whole world was in a permanent state of shock. And I don’t just mean the world’s population; private business and national economies were also hit incredibly hard. Alas, one field that hasn’t been affected badly at all – in fact it has only benefitted from the pandemic, greatly – is cybercrime. Folks locked down and working from home and spending much more time online meant there were many more potential cybercrime victims ripe for the hacking. And not just individual users, but also companies: with employees working from home, many corporate networks came under attack as they weren’t sufficiently protected since, in the rush to get everyone working remotely quickly in the spring, security wasn’t given priority. In short, the whole world’s digital status quo was also badly shaken up by this vicious virus from hell.
As a result of the rise in cybercrime – in particular that targeting vulnerable corporate networks – the cybersecurity sector has been busier than ever. Yes – that includes us! 2020 for us as a Kompany turned out to be most productive. For example, the number of new versions of our solutions launched throughout the year was most impressive – especially in the enterprise sector.
We’ve also had new versions in our industrial cybersecurity solutions line up, one of which is what I want to talk about today – some teKh known as MLAD. Not to be confused with online funny-video sites, or MLAD that’s short for Minimum Local Analgesic Dose, or MLAD that’s short for Mid Left Anterior Descending artery, our MLAD is short for Machine Learning for Anomaly Detection.
If you’re a regular reader of our blogs, you may recall something about this tech of ours. Maybe not. Anyway – here’s a refresher/into, just in case…
Our MLAD is a system that uses machine learning to analyze telemetry data from industrial installations to pinpoint anomalies, attacks or breakdowns.
Let’s say you have a factory with thousands of sensors installed throughout – some measuring pressure, some temperature, others – whatever else. Each sensor generates a constant flow of information. An employee keeping track of all those flows is fairly impossible, but for machine learning – it’s a walk in the park. Having preliminarily trained up a neuro network, MLAD can, based on direct or indirect correlations, detect that something’s wrong in a certain section of the factory. In doing so, million or multimillion-dollar damages caused by potential incidents not nipped in the bud can be avoided.
Ok – that’s the overall idea of what MLAD does. Let me now try and relate the granular scale of the analysis MLAD accomplishes using a medical metaphor… Read on: MLAD
Enter your email address to subscribe to this blog
Normally, my work schedule is made up of all sorts of meetings, press interviews, taking part in exhibitions, speaking at conferences all over the globe. Normally. Not this year, darn it!
Now, some of the events I get to are one-offs. Some are regular, recurring ones (mostly annual) but to which I get only once in a while. While there are some recurring events that I deem simply must-attend. And one of my main must-attends every fall or early winter is the World Internet Conference in Wuzhen, organized by the Cyberspace Administration of China, which I’ve participated in every year (up to 2019, that is) since 2015 – just a year after it’s ‘inauguration’ a year earlier. This year, alas – no traditional trip to eastern China; however, much like here at K, not being able to be present in-person does not mean a big and important event can’t still go on. Which is great news, as this means I can still get what I want to say across to: the main players of the Chinese internet – state regulators, heads of provinces and regional development institutes, and also bosses of the Chinese big tech companies; and all from a huge screen – perhaps the biggest I’ve ever seen!
Sure, it would have been nice to be there in person – to stroll around the quaint cobbled narrow streets of the old ancient town (as old as the Tang dynasty, apparently) and take a boat ride along its canals, which indeed some folks did manage to do, somehow. But I was playing it safe. Still, the plentiful ‘in-person’ activity at the venue is at least cause for optimism during these remote-everything times.
But now for the main thing: about Wuzhen superstition…
So my first business trip this year… Wait, what am I saying — this decade! :) Okay, so my first business trip this decade took me to the famed Chelyabinsk!
If you know Russia well, you know the stereotypes about how “tough/rugged” the people are here. But it’s not a bad thing! No, just the opposite, the jokes are reverent! One-liners like “People from Chelyabinsk are so tough that…” have turned the city into such a well-known brand that if I was… I don’t know, a taxi driver, I’d give everyone from here 10% off just out of respect! I can’t get enough of these memes! I searched the web for these memes and couldn’t stop laughing for 15 minutes :) The best part is that the jokes all mean well. The pictures and quotes are respectful in the vein of “don’t mess with Chelyabinsk”.
A question for %Russian hackers%: Got the guts to infect this Chelyabinsk flash drive? :)
In short, people in Chelyabinsk aren’t just tough, they’re very enterprising and keen on innovation. Years ago they were one of the first to recognize our newest solutions even when they were just prototypes. That’s a good a reason as any to take a trip to Chelyabinsk and show love to all these progressive guys and gals and guarantee the closest partnerships moving forward. “Peace and love,” as they say :) So ticket, plane, runway, sky! See ya Moscow! Next stop, Chelyabinsk!
According to expert forecasts, the ICS market is set to reach $7 billion by 2024. Attacks on critical infrastructure are increasingly hitting the headlines. The recent Venezuela blackout, for example, immediately looked suspicious to me, and just a couple of days later it was announced that it was caused by a cyberattack.
This July, in collaboration with ARC Advisory Group, we published a lengthy report on the state of things in the industrial cybersecurity sphere. It’s a good read, with lots of interesting stuff in there. Here is a number for you to ponder on: in 2018, 52% of industrial cybersecurity incidents were caused by staff errors, or, in other words, because of the notorious human factor. Behind this number is a whole host of problems, including a shortage of professionals to fill key jobs, a lack of technical awareness among employees, and insufficient cybersecurity budgets. Go ahead and read the report – it’s free :)
Attention all those interested in industrial cybersecurity: you still have a few days (till August 30) to sign up for our annual Kaspersky Industrial Cybersecurity Conference 2019. This year, it’s being held from September 18-20 in Sochi, Russia. There’ll be presentations by over 30 international ICS experts, including yours truly. So, see you soon in sunny Sochi to talk about some serious problems and ways to deal with them!
Just recently, the respected independent test lab AV-Comparatives released the results of its annual survey. Taking place at the end of 2018, the survey, er, surveyed 3000 respondents worldwide. Of the 19 questions asked of each, one was ‘Which desktop anti-malware security solution do you primarily use?‘. And guess which brand came top in the answers for Europe, Asia, and South/Central America? Yes: K! In North America we came second (and I’m sure that’s only temporary). In addition, in Europe we were chosen as the most frequently used security solution for smartphones. We’re also at the top of the list of companies whose products users most often ask to test, both in the ‘home’ segment and among antivirus products for business. Great! We like tests, and you can see why! Btw – here’s more detail on the independent tests and reviews that our products undergo.
“Thou hypocrite, first cast out the beam out of thine own eye; and then shalt thou see clearly to cast the speck out of thy brother’s eye.” – Matthew 7:5
In May, yet another backdoor with features reeeaaal useful for espionage was discovered. In whose tech was the backdoor found? Russia’s? China’s? Actually – Cisco‘s (again)! Was there a hullabaloo about it in the media? Incessant front-page headlines and discussion about threats to national security? Talk of banning Cisco equipment outside the U.S., etc.? Oh, what, you missed it too?! Yet at the same time, Huawei’s international lynching is not only in full swing – it’s in full swing without such backdoors, and without any convincing evidence thereof whatsoever.
Around a year ago, I told you on these here blog pages about an excursion I was given around a gold mine. Down we went deep into the bowels of the earth, where we were shown the whole process of beneficiation through which they extract out of every ton of earth a mere 7-8 grams of gold (which eventually find themselves in a .900 – ~20 karat gold bar).
Now, during that excursion, I recall how we were told by our guides how, though the mine we were in was really quite sufficiently modern, mechanized and automated, it still remained somewhat a ‘diet’ version of a gold mine. If we wanted to see a ‘full fat’ version, we needed to get ourselves… somewhere like this (which, a year later, is just what we did):
I recall reading somewhere once – I think it was in a German tourist guidebook – that: ‘If you’ve no special reason to go to Hannover, then there’s no real point going there.” Bit harsh, I remember thinking at the time. However, it turns out that it’s also one of my most frequently-visited cities. I carefully went through my records, and low and behold, I’d been to this German city a full 19 times. Well I was there again just the other week – a jubilee: my 20th visit! Accordingly. On this special occasion, I figured it would be appropriate to get out my trusty Sony and get some serious snapping in – since we had a full half-day free in the city. And that’s just what I did. Herewith – the results of that snapping.
Many folks still think we’re just an anti-malware company. Wrong!
Many folks think we’re an anti-malware company that protects their computers and smartphones from any and all kinds of cyber-evil better than anyone else. Right!
Thing is, we’re not just an anti-malware company anymore; far from it. For years already we’ve been providing broader cybersecurity faced with the broader and broader spectrum of cyber-bad that the world is coming up against. This includes protection against: cyberattacks on both the Internet of Things and industrial facilities.
We’ve been warning about the potential for cyberattacks on industrial objects and critical infrastructure for more years than I can remember now. We were banging on about it even before Hollywood got wind of this alarming potential, and that was in the mid-2000s. And we weren’t just banging on about it either; we were busy at work on serious protection technologies to fight it. I’ve mentioned these before, but, briefly: industrial cybersecurity, transportation cybersecurity, IoT protection, and our own secure operating system. And you won’t find many cybersecurity companies around the world that offer a range of products and technologies as wide as that.
All the same, still, today – in 2019! – we’re ‘that anti-malware company’ to a great many. However, very slowly, how we are perceived is changing. And that’s not just what I see myself – there are figures that prove it. Example: global sales of our industrial infrastructure solutions (KICS – industrial ‘antivirus’ :) ) grew in 2018 by 162%! And such growth was seen across nearly all regions – Europe, Latin America, the Middle East and Africa, Asia-Pacific, and Russia. We’ve already completed 80+ projects worldwide for a wide range of industries from power generation, mining and oil refinery, to beverage production.
Both the scale and complexity of threats in the industrial sphere are on the up; what’s more, at stake here is critically important infrastructure like… nuclear power plants. I’m sure I don’t have to tell you how serious that is. On the brighter side, thankfully, our industrial/infrastructure customers understand that protecting their kit requires an individual, tailored approach to each facility and each of its automated industrial control systems (ICS).
Btw, in 2018 our KICS was given as an example in four subsections of multifaceted ‘Operational Technology Security’ in a study by Gartner, the global research and advisory company. To me this shows one thing: that we’re the recognized leaders in the industrial cybersecurity market. Ahhh, that feels satisfying. All that work and investment hasn’t been for nothing!
But besides cutting-edge industrial security, we also have other new services and products. For example, Blockchain Security; specifically, Crypto-Exchange Security and ICO Security (ICO being ‘initial coin offering‘; like an IPO, only with cryptocurrencies, and mostly for startup companies). And we already have some successful projects under out belt! Which is nice to know since Gartner reckons that the blockchain market, come 2030, will be worth more than… three trillion dollars! Already today crypto-exchange turnover comes to more than 300 billion dollars, out of which around 1.2 billion was stolen… in just 11 hacker attacks. Looks like we’ve got our work cut out for us. Oh well. No rest for the wicked awesome ).
So what else have we in our box of tricks? Ah yes…
Now, you’ll know how the whole world these days buys, sells, and generally does business mostly online, right? What you may not know about is our solution to protect all that online business – our Fraud Prevention. It’s made up of all sorts of very cool security technologies, including behavioral biometry and machine learning (details here and here).
Another must-have for business is our DDoS Protection. This uses special sensor software that gets installed on a company’s server. It monitors traffic to collect data for behavioral analysis; it builds up this data to continually improve its ability to detect even the most subtle of behavior anomalies that are characteristic of the start of a DDoS attack. The service is full-on all-inclusive too: notifications are sent immediately about possible attacks, and there’s an option for all the traffic of a company to be redirected to KL’s Cleaning Centers and for only ‘clean’ traffic to be returned to the company. And after an attack a full report on its detailed analysis is sent to the company.
It’s all very well having all this super-duper cyber-tech, but what good is it if the human element isn’t taken into account? In crisis situations, often the PR people of an attacked company take by far not the best decisions, since they don’t really know what’s going on or what to do. Instead of minimizing damage, they make it worse with ill-advised announcements or – worse – not announcing anything to customers/the public. Therefore, we have KACIC – a set of anti-crisis communications tools backed by the whiz kids in our PR team, who understand better than most all the reputational risks of an attack on IT infrastructure. Forewarned is forearmed!
As the Fourth Industrial Revolution continues to develop and the IoT market grows and grows to change every sector of the economy (manufacturing, agriculture, commerce, urban infrastructure, transportation…), we’re putting lots of time and investment into transportation cybersecurity and protection of IoT devices; so much so I think our next breakthrough tech solutions will be in these fields. That time and investment runs parallel with my frequent calls for a thing I call ‘cyber-immunity’, which needs to replace what we have now – ‘cybersecurity’. This means a protective layer at the very core of system architecture, not placing one on top of essentially un-secure systems based on outdated technologies. We’ve already learned how to do this for IoT gadgets; next up – well, the sky is the limit!…