Security threats Toolkit

Russia's cybercrime-fighting Bond villain

Tags:
Cybercrime

Dan Ilet ZDNet.co.uk

Published: 10 Jan 2005 17:05 GMT

Police reports suggest that a lot of phishing attacks and hack attacks originate in Russia. Is this an unjustified stereotype that's forming?
There are many types of hackers and criminals in Russia and in China, of course. But it's not a major proportion of the world. After all, the Russian police tend to arrest many people because they are quite good at this sort of thing. But criminals -- all nations have criminals. People have a dark part of the soul and a light part of the soul. If you have more of the dark part, you become a criminal. More of the light part, you don't. So if you look at arrests on virus writers and hackers, they're everywhere. In Russia we have criminals, but in Germany, China, the States, the UK and Hungary they have them too. I don't think most of them are in Russia. The visible part is coming from Russia but it's not the majority. More comes from Brazil.

Do you ever receive threats to your company?
Actually we are watching a group of hackers -- [we don't know where they are] but they are often in touch with our colleagues. We're constantly asking people for new information on people in the groups. But even if we have this information, it is very difficult to trace back. One of the active groups, which I don't want to name, just disappeared recently. It still exists, but they just don't disclose themselves. And we saw quite a lot of stuff from them. So we built generic protection from their Trojans and looked at their code samples. We defended from it. Then we got the next sample. When we opened it, it said "Kaspersky is a fool". [He laughs].

They want their software to be undetected so they develop technology to bypass detection. And they pay special attention to who develops security solutions. They are able to update that, so it's important that we update too. They can always try out our protection, so in a way, criminals everywhere are always one step ahead.

Your company claims to be able to disarm viruses in minutes. How often do you actually live up to that?
It's very difficult to write a virus. It takes time. For us it takes seconds to add detection but it takes years to develop antivirus technology that can do that. Seeing one sample is easy, but developing all the technology is very difficult. It's not easy.

You've said before that there will be some nasty trends in the security industry, almost akin to the Internet bubble bursting.
I'm not sure about this, but it seems to be going the same way. Everyone remembers the Internet boom. The new companies were helping the internet to grow. More services and companies were emerging. It seems to be the same case with the security companies now. There are companies getting rich because of the huge interest in security, and I'm sure there will be more antivirus and security companies that develop different solutions. This could come to an end, but I'm not sure, this is just a theory. What I am sure about is that the security situation will not be as good in the future. There will be more companies attacked.