For the last two weeks each and every fan of official
Kaspersky Lab Facebook pages worldwide had the chance to ask our CEO, Eugene Kaspersky, anything at all (and we must say that some of our fans took this
literally:)) Thank you for the hundreds of great questions! There’s nothing
more valuable in this world for us than your feedback and ideas on how to
proceed with our quest to Save the World in the most efficient way. We’ve
selected the most interesting and edgy questions of yours and asked Eugene to
answer them with his usual honesty. Here’s the first Social Media chat with
him, which, if you’re up for it, we’re proposing to make an ongoing tradition:
Why don’t you issue a free antivirus version for home
use with limited features just for the Middle East? Because the original copies
for the Middle East are really expensive, contrary to those in European
countries, which makes us download the full version of the program illegally
and using stolen registry numbers or crack programs to register it.
Eugene Kaspersky: Nice question!
And really painful. First of all, in today’s world it’s not possible to release
a special free version for a dedicated country – it will spread all over the
world immediately. This is why we decided to do it globally. We offer a set of free products that will ensure basic protection of your PC. Let me draw your special
attention to Kaspersky Security Scan which works as a second-opinion scanner to illustrate how good (or bad)
your current AV is compared to the top-notch industry standards.
Mr. Eugene, Can I work for you?
Eugene Kaspersky: It’s not a
problem to get a job interview for Kaspersky Lab We have 30
representative offices and partners in more than 200 countries and territories.
If you think you’re qualified, just apply for a position and do your best to
prove yourself worthy to work with one of the best IT teams on the planet. (I really mean that.) We have a hell
of an HR team–I’m sure that your skills and potential would be examined in the
best way possible. I really wish you good luck. And I’m sure that everything in
the world is possible if you really want it and make an effort.
What about cybercrime in the next few years? Will it
be more or less? What will come?
Eugene Kaspersky: I wish I could
say “the world is getting much safer”, but, unfortunately, there are definitely
more threats to come. One of the reasons is the constant growth in the number
of computers, and now smartphones. There are more than 1.3 billion mobile
devices with access to the Internet right now. And each and every one of them
(well, almost), is connected to social networks with very confidential personal
data such as ID info, paid online accounts data (such as Skype, World of
Warcraft, PayPal etc), bank account information. And cybercriminals see that
growth and try to use this growing infrastructure for evil purposes. Plus, there’s
a number of really huge cyberweapons we’ve discovered this year (on our own and
together with our partners) – Flame, Gauss, miniFlame. The governments are starting to bring espionage and warfare tools to the
online world. And I’m afraid it would take a lot of guts, time and efforts to
Will there be a mobile solution coming up for Windows
Eugene Kaspersky: Absolutely! We
were among the first to enter Windows 8 marketplace. Our Kaspersky Now is there
and you’re free to use it now that Windows 8 is available. As for Windows 8
mobile, at the moment there is no technical opportunity to develop security
solution for WP8, however we keep monitoring this OS. It’s a very similar story
to iOS: closed platform and limited APIs.
When will Apple say yes to Kaspersky as an anti-virus
solution for the iPhone?
Eugene Kaspersky: Good question.
Let’s ask Apple?
Why did your team remove the sandboxing ?
Eugene Kaspersky: We have found
that very few users have actually used our Sandboxing features. After further
investigation, we found out that the majority of customers want a more targeted
approach for their personal security so we eventually implemented our Safe
Money feature. This feature brings real value to the majority of customers by
safeguarding their financial transactions. Also, developing a full-sized,
reliable and compatible sandboxing solution would cost us a lot of resources
that we prefer to spend on the features for most of our customers. Keeping in
mind Windows 8 kernel-mode limitations we decided to shift the protection scope
from “defend from something” to “protect your money”.
I work in a company that puts me in position to
influence the adoption of consumer and business security software; however, at
what point do you think companies will get on board and make the investment to
protect their assets and data? I have come across companies that have
experienced major, expensive security attacks and yet they still do not adopt
the level of security required. Yesterday I heard about a local school that
laid off their entire IT staff. Another company here state-side was fined over
$1 million USD for a lost/stolen laptop. Inexpensive security measures could
have prevented that. When will people finally realize that they need to protect
their data? Will it be too late by then? What can we do?
Eugene Kaspersky: We do our best
to educate SMB users, as well as those in the corporate sector who are our
current and potential customers. The problem with IT security is that to manage
it effectively, you have to understand how it works. And there is a gap between
a skilled IT specialist and the CEO. I mean people who make decisions for the
company. Of course the CEO should not be a security expert but he is to heed
what the CIO says regarding that. An IT specialist knows what potential threats
are out there, but often cannot explain the value of protection and security
measures by using business language. Business people do understand the language
of money, but know squat about security. And until there’s a bridge to connect
them, there’s not a single chance that company would be secure. But nowadays
more and more managers come to the market with huge personal experience of living
online. This was not really the case 10-20 years ago. And as email users,
social media users, mobile banking users, they start to get more and more
concerned about corporate security. So, my answer would be – corporate
awareness is getting better each day.
How do you see in the future of IT devices for users
and the importance of security?
Eugene Kaspersky: Most science
fiction books and movies would become true: augmented reality, Google glasses,
tremendous progress in robotics and mobile infrastructure. In 10 years from now
most people will become connected 24/7 – they will see each other, hear each
other in any part of the world, they will work without going to the office,
they will share more and more information about their life with friends and
colleagues. And, by doing so, potential cyber criminals could manage to find
more and more ways of grabbing this information for their purposes. Remember
the old saying – “who owns information – owns the world”? That will be pretty
much the case in 10 years.
I’d like to know if Kaspersky gives full support to
the Windows 64-bit OS versions.
Eugene Kaspersky: We are
following Microsoft recommendations and best common practices while developing
our software. In some cases it makes sense to build your executable using 64
bit architecture but it’s usually required when you need to address a lot of
system memory. As we are very concerned about the performance of our software
and trying to reduce the performance footprint on the PC while our AV is
working, there is no great need right now to rewrite our software in 64 bit.
But if we’ll see it bring additional benefits in the performance and security
areas, we’ll do this at once.
You said 2013 will be the year of Android malware.
Considering that Android has conquered a big slice of the tablet and smartphone
market, what will be the further improvement of protection in the next
Kaspersky Mobile Security? And, since cybercriminals target Android OS more and
more, like for instance through the USSD Exploit Test that, opening a specific
web page resets the entire device and cancels everything on it. Maybe the time
has arrived for a sandbox for Android as well?
Eugene Kaspersky: We have already
released update on Google Play, which closes USSD vulnerability. As for sandbox:
please stay tuned
How come, regardless of the good quality of Kaspersky
security products, the company cannot stop the piracy phenomenon on its own
software? It’s surprising how easy it is to find illegal keys of your products.
This is a double problem: for the company itself, who loses credibility, and
for the clients who buy regular keys, because they feel “less smart” since they
have paid for something you can get for free and cracked.
Eugene Kaspersky: Those who
respect our work and those immense efforts we make every day to make the world
a better place never would crack our products or use fake keys. But if they do,
this is their choice. They decided to steel money not from us, but from
millions of people who really try making the world safer by buying our products
and by doing that support our research and development process. It’s never been
about the possibility of cracking someone’s products – hackers have been there
since the beginning of the Internet era. But there always will be people who
buy someone’s piece of hard work and those who steal it. And it’s a question of
moral attitude, not additional product protection. By the way, for each
Kaspersky Product we absolutely know which one is fake or genuine. When the
databases are updated we know whether the key was generated by the company or
by an illegal tool. So we know exactly how many fake Kaspersky products are out
there. But the good news is that the percentage of counterfeit products is very
small. We have more friends than foes.
Do you plan some big changes in 2014 version, such as
native version for 64-bit systems or new engine?
Eugene Kaspersky: Oh yes:) But I
don’t want to spoil the surprise. Stay tuned to my blog and official corporate
blogs: Safeguarding me, Threatpost and Securelist.
Why is there only Internet Explorer in the browser
configuration settings in KIS 2013? Will other browsers (such as Google Chrome)
appear in time?
Eugene Kaspersky: There will be
improvement in the product towards better browser support, but I don’t want to
be too specific where these changes will occur. We are looking at what browser
companies are doing in the area of privacy (tracking) and checking whether this
area can be interesting for us.
In which direction will Kaspersky products evolve? Can
we expect methods that will block tracking and personalization of ads, banners
and such? Can we expect technologies that will use modern RAM modules and fast
processors to boost scanning time?
Eugene Kaspersky: For boosting the
scan time there’s no big need in memory: most of the scan time is being spent
in IO operations, so you better buy the SSD drive.
Are you planning to integrate in your products such
functionality as recognition and blocking of police ware – software, crated by
states for spying on their citizens? If yes what would it be? Some kind of
proxy? Or firewall?
Eugene Kaspersky: Policeware: we
are not going to immediately block such software as it’s not malware, if we’ll
find it. Most users will get an alert about ‘not-a-virus’ software that is
causing a potential remote administration/data interception possibility. If
there’s a keylogger, we’ll detect and remove it in any case, while checking its
origin. Also, I’m not even sure that there is a lot of evidence of which
government is using computer software to look after their citizens. To my mind,
most of the government surveillance happens on the carrier side, on the
Internet channels, and these are out of our control.
In order to detect the virus in a suspect file, most
anti-virus programs check the appropriate base. My question is: is there any
anti-virus solution that will not require signature database to detect the
Eugene Kaspersky: Kaspersky Internet Security andPureare not antivirus software anymore. Those are products with artificial
intelligence if I may – sometimes they don’t know this new malware, but they
can judge by its behavior that this is a suspicious code and if this code
proves to attempt doing something bad, it gets blocked before it actually gets
a chance. But software is not human – it’s software after all, and software
require a base to work with. That’s why signature databases and whitelistings
are essential to assure better protection. I don’t think they would ever
On television, I saw your speech in which you said
that antivirus detects known threats, and 80% of the total are unknown. Why
then do we need an antivirus, if it does not “see” 8 out of 10 viruses
Eugene Kaspersky: Premium
antivirus software like Kapersky KIS and Pure blocks 99.99% of attacks. You can
see the test results that independent third party experts do for the market.
What I meant was that at all times we know about 80% of all existing malware
and are ready to kill all the rest using our proactive defense – the defense
with AI that actually does act not just by comparing a code to the database of
known viruses, but by analyzing 100% of environment behavior. This includes all
of the processes going to the memory of your laptop or mobile, all of the
links, all of the ads. And this makes you 99.99% safe. I leave 0.01% for
exceptional cases that never occur. When something extraordinary happens you can
always go to an official Kaspersky website and get a free malware removal tool.
We have made them many times.
Is it true that you write viruses to detect them
after, and then make money by selling new versions of antivirus software?
Eugene Kaspersky: This is a very
strange question. There are millions of pieces of malware in the world and it`s
necessary to work day and night, 365 days a year to struggle with them.
Is anti-virus software able to remove malicious
applications that force computers to go to cycle mode (ON-OFF-turn, etc.). Even
if I can solve this problem on my own, I would like to just install security
software and not to think that it can happen.
Eugene Kaspersky: Yes, no
problem. Our products, with the definition of a serious threat to themselves
boot your computer, manage itself before any system files will be downloaded,
and neutralize the perpetrators. And in the new version of Windows 8 such
functionality is supported at the level of the core system. Our product is
perfectly integrated into the system.
When should we wait for a “vaccine” against viruses?
Eugene Kaspersky: Obviously, not
until the appearance of a panacea for all diseases
People from the United States complain that Facebook
is spying on its users, even if they are not currently logged in. Why doesn’t
anti-virus and other software warn them of these actions?
Eugene Kaspersky: Because in
Facebook’s disclaimer it is written that the data may be used by third parties.
We strongly recommend reading the disclaimers. Unfortunately, users often do
not consider it necessary.