Tag Archives: prombez

Hi folks!

Not long after returning from Indonesia, I was back on a plane and heading out once again – this time down to sunny Sochi. And I knew this was going to be a lucky trip because it started out so pleasantly: having settled into my seat on the plane, the Aeroflot flight attendant brought me a drink and, passing it to me, uttered the words, “Yevgeny Valentinovich, congratulations on the 256^th day of the year!” Seeing my puzzlement, she then let on reminded me that it was Programmer’s Day!

So south we flew – ending up not in Sochi itself but neighboring Adler. Now, as just mentioned, I knew from Sheremetyevo that this trip was gonna be a goodie, but check out this extra confirmation we were treated to upon arrival in Adler! ->

Read on…

I’ve been saying it often – for years: antivirus is dead.

Such a statement might at first seem strange – especially from someone who’s been a mover and shaker since the very earliest days in all things viruses and anti-virus in the late eighties and early nineties. However, if you dig a little deeper into the AV (RIP) topic and consult some authoritative sources in the (former:) field, then the statement quickly becomes quite logical: first, “antivirus” has turned into protective solutions “against everything”; second, viruses – as a particular species of malicious program – have died out. Almost. And it’s that seemingly harmless, negligible almost that causes problems for cybersecurity still to this day – at the back end of the year 2022! And that almost is the basis of this here blogpost today…

So. Viruses. Those Red-Listed last remaining few – where are they these days, and what are they up to?…

It turns out they tend to reside in… one of the most conservative sub-fields of industrial automation: that of operational technology (that’s OT – not to be confused with IT). OT is “hardware and software that detects or causes a change through the direct monitoring and/or control of industrial equipment, assets, processes and events” (– Wikipedia). Basically, OT relates to an industrial control systems (ICS) environment – sometimes referred to as “IT in the non-carpeted areas”. OT = specialized control systems in factories, power plants, transportation systems, the utilities sector, and the extraction, processing and other heavy industries. Yes – infrastructure; yes – often critical infrastructure. And yes again – it’s in this industrial/critical infrastructure where “dead” computer viruses are found today alive and kicking: around 3% of cyber incidents involving OT-computers these days are caused by this type of malware.

How so?

Read on…

Ten years is a long time in cybersecurity. If we could have seen a decade into the future in 2011 just how far cybersecurity technologies have come on by 2022 – I’m sure no one would have believed it. Including me! Paradigms, theories, practices, products (anti-virus – what’s that?:) – everything’s been transformed and progressed beyond recognition.

At the same time, no matter how far we’ve progressed – and despite the hollow promises of artificial intelligence miracles and assorted other quasi-cybersecurity hype – today we’re still faced with the same, classic problems we had 10 years ago in industrial cybersecurity:

How to protect data from non-friendly eyes and having unsanctioned changes made to it, all the while preserving the continuity of business processes?

Indeed, protecting confidentiality, integrity and accessibility still make up the daily toil of most all cybersecurity professionals.

No matter where it goes, ‘digital’ always takes with it the same few fundamental problems. ANd ‘go’ digital will – always – because the advantages of digitalization are so obvious. Even such seemingly conservative fields like industrial machine building, oil refining, transportation or energy have been heavily digitalized for years already. All well and good, but is it all secure?

With digital, the effectiveness of business grows in leaps and bounds. On the other hand, all that is digital can be – and is – hacked, and there are a great many examples of this in the industrial field. There’s a great temptation to fully embrace all things digital – to reap all its benefits; however, it needs to be done in a way that isn’t agonizingly painful (read – with business processes getting interrupted). And this is where our new(ish) special painkiller can help – our KISG 100 (Kaspersky IoT Secure Gateway).

This tiny box (RRP – a little over €1000) is installed between industrial equipment (further – ‘machinery’) and the server that receives various signals from this equipment. The data in these signals varies – on productivity, system failures, resource usage, levels of vibration, measurements of CO₂/NO_x emissions, and a whole load of others – and it’s all needed to get the overall picture of the production process and to be able to then take well-informed, reasoned business decisions.

As you can see, the box is small, but it sure is powerful too. One crucial functionality is that it only allows ‘permitted’ data to be transferred. It also allows data transmission strictly in just one direction. Thus, KISG 100 can intercept a whole hodge-podge of attacks: man-in-the-middle, man-in-the-cloud, DDoS attacks, and many more of the internet-based threats that just keep on coming at us in these ‘roaring’ digital times.

Read on…

There’s a town in Russia that’s situated almost precisely at the mid-point between Moscow and St. Petersburg. It goes by the name of Udomlya. You’ll no doubt not have heard of it. Not many Russians have heard of it; I hadn’t heard of it either until last week when we went there! For I don’t have an encyclopedic memory, and I tend to study geography through personal field visits!

So what were we doing in this little-known town? Well, just to the north of Udomlya there’s a lake of the same name, and on one of its banks is a place to which we paid a visit: the Kalinin Nuclear Power Plant.

// You think Udomlya sounds a little funny/stage in English? It sounds no less funny/strange in Russian! I had a quick look on the net for the etymology, and it claims it comes from the Finno-Ugric, but to me it sounds Slavic. Can any of you, dear readers, confirm the origins?

Now, much as I’d love to show you pics of this fascinating industrial installation, I’m not going to show you one! I didn’t take any! (Blimey: that must be a first.) For this is critical infrastructural object – no photography allowed, not by visitors at least. Some of the nice folks who showed us round – they were permitted to take photos, but even then – only in special designated areas. Accordingly, you’ll just have to settle for their handful of pics (and this here short text of mine)…

Read on…

A few days ago, a momentous, landmark event took place. It was in a seaside city – a ‘regular’ one, where it gets dark of a night (unlike others I can think of:) ->

The momentous event was – drum roll, cymbal…….. our first post-quarantine conference! In sunny ~Sochi!

And here’s my first post-quarantine event badge! ->

View this post on Instagram

Первый "пост-карантинный" бэджик! Причём с нашей конференции по промышленной кибербезопасности в Сочи. Считаю это – знак :) —8<— My first after-lockdown business badge. This one is from our recent conference on industrial cybersecurity in Sochi. I guess this is a sign :)

A post shared by Eugene Kaspersky ⚕️ (@e_kaspersky) on Sep 7, 2020 at 10:53am PDT

Read on…

So my first business trip this year… Wait, what am I saying — this decade! :) Okay, so my first business trip this decade took me to the famed Chelyabinsk!

If you know Russia well, you know the stereotypes about how “tough/rugged” the people are here. But it’s not a bad thing! No, just the opposite, the jokes are reverent! One-liners like “People from Chelyabinsk are so tough that…” have turned the city into such a well-known brand that if I was… I don’t know, a taxi driver, I’d give everyone from here 10% off just out of respect! I can’t get enough of these memes! I searched the web for these memes and couldn’t stop laughing for 15 minutes :) The best part is that the jokes all mean well. The pictures and quotes are respectful in the vein of “don’t mess with Chelyabinsk”.

A question for %Russian hackers%: Got the guts to infect this Chelyabinsk flash drive? :)

In short, people in Chelyabinsk aren’t just tough, they’re very enterprising and keen on innovation. Years ago they were one of the first to recognize our newest solutions even when they were just prototypes. That’s a good a reason as any to take a trip to Chelyabinsk and show love to all these progressive guys and gals and guarantee the closest partnerships moving forward. “Peace and love,” as they say :) So ticket, plane, runway, sky! See ya Moscow! Next stop, Chelyabinsk!

Read on…

After a spot of globetrotting – Beirut > Tianjin – it was time to head somewhere a bit closer to home: Sochi! Wey-hey – here come a few days working in a resort town. For it was here where we had our recent industrial cyber-event…

Since the temperatures in Moscow were taking their usual descent toward 0°C, it was most pleasant to know I’d still be in a t-shirt-weather-place after Lebanon-China. Woah – mid-20s – perfect! Our connection was in Moscow – Sheremetyevo – and it was damp and dark and +8°C outside – but we didn’t go outside. It was six in the morning, there was no one about, and we were through a tunnel/walkway, past passport control and to Terminal F in no time at all. Nothing like what my regular travel companion, D.Z., recently experienced (hours of waiting, lengthy lines, almost missing his connection onward). But I digress…

Anyway, we get to Sochi. Sun: out. The number of our guests: 320! Where from? – all over the globe! Event? – our Industrial Cybersecurity Conference 2019! (btw – here in Sochi for the second year running; the first one was just perfect, so we figured – let’s repeat it!).

Read on…