Eugene Kaspersky: “The good news is that we use AI to detect ‘malware’. The bad news is that criminals also use it.”

A historic rainstorm caused unprecedented flooding in desert Dubai on April 16. Among the hundreds of people from all over the world trying to land in the city was Eugene Kaspersky (1965, Novorossiysk), founder and CEO of the cybersecurity company Kaspersky. His flight from Moscow was not without incident: “There was turbulence the entire time and I had to land in Abu Dhabi.” After waiting a couple of hours on the plane, he was able to leave the airport and get a car to take him to Dubai.

The Russian cybersecurity expert compares the storms in Dubai with the challenges his company faces in the United States. In recent years, the company has come under scrutiny due to allegations about its relationship with the Russian government. In fact, in 2017 the United States vetoed the use of software from Kaspersky to government agencies for fear of Russian espionage. Now it is preparing to go further and issue an order that would prevent American companies and citizens from using its software due to national security concerns, according to CNN.

“There are things in the world that we cannot change. We simply have to adapt to the new reality, as happens with storms. That is why we continue working,” says Kaspersky, in an interview with EL PAÍS, in relation to the United States accusations. Next, the expert boasts that his company has technologies “that recognize the malware (malicious software) better than others: we do it in real time and send what we capture on the Internet to the rest of the community. Companies like McAfee and Broadcom also exchange information. It is a kind of cooperation network.” Failure to do so, according to the expert, could reduce the quality of protection and expose users to greater risk.

The United States is not the only country that views Kaspersky with suspicion. In 2022, just two months after Russia invaded Ukraine, Germany’s Federal Cyber ​​Security Authority urged companies and users to avoid using the company’s programs due to “a considerable risk of a successful cyber attack.” Kaspersky CEO defended himself: “These claims are speculations that are not supported by any objective evidence.”

When asked about his position on the war in Ukraine and his relationship with the Russian government, the expert insists that Kaspersky is “an independent cybersecurity company. We are a very transparent company. They fear that we will do something wrong. We explain to them that this is impossible because we cannot be invisible. Many people would see it and would not remain silent,” he states in an interview conducted in Kaspersky Cyber ​​Immunityan event organized in Dubai between April 17 and 19 to which EL PAÍS has been invited by the cybersecurity company.

Kaspersky stated in March 2022 that “war is not good for anyone.” His company has been especially affected in the United States: “Now they don’t want us and business has fallen by around 50%,” he says. However, he highlights that in some countries like Spain it has not affected them negatively and that their products They continue in the Catalog of Information and Communication Technologies Security Products and Services of the National Cryptological Center. The purpose of this guide is to offer government agencies a set of reference services.

When the war began, cybercriminal activities and politically motivated attacks proliferated, according to the expert. “It doesn’t just happen with wars, but it happens with any major event, such as an earthquake or tsunami,” says the expert, who says he is “100% sure that attacks related to the Olympic Games will occur.” Cybercriminals “use the flaws of these events for social engineering and make further hacking attempts.”

In a war, “everyone” is vulnerable to cyberattacks: “Individuals, companies, soldiers…”. After the invasion of Ukraine, some companies that were active with Russia saw a 1,000% increase in attacks. “We were observing what was happening on the Russian side and there were massive attacks against various companies and public services. Many aimed to steal and publish sensitive data. Others were against the financial sector and infrastructure,” says Kaspersky.

Artificial intelligence in the wrong hands

A long time ago Kaspersky asked itself a question: “Why do malware and the crackers (people with advanced computer skills who use them for malicious purposes)?” He is clear about the answer: “Because the architecture of the operating systems is vulnerable.” He recalls that “the main ideas of modern operating systems were created in the 60s and 70s″. At that time, those who mainly used computer systems were scientists and military personnel. “Cybernetics was not for the general public. “It was for a club of gentlemen who knew each other, so there was no room for criminals.”

But the situation has changed. In his company, every day they detect more than 400,000 new cases of malware: “It is impossible to do it manually.” For this reason, they use a machine learning system: “The good news is that we use artificial intelligence to detect malware. The bad news is that criminals also use it for their own purposes.” For him, the danger of artificial intelligence is precisely “that it falls into the wrong hands.”

Although automated systems are used, the criminal business based on malware It involves “hundreds of thousands of people.” “If they said that there were 100,000 people involved in the development of malicious code, it wouldn’t surprise me,” says the expert. The typical cyber attacker profile is a software engineer between 20 and 30 years old. “Although the majority are young, there are people between 14 and 60 years old,” he says.

Typically, behind all these attacks there are “complex” organizations that operate as “a company.” They have specialized departments in each stage of the process, according to Kaspersky: from engineering the attack to negotiating the ransom. “In many cases, these people don’t know each other. They only know each other by nicknames and they have contacts, but they have never met in person,” he says.

Some cybercriminal groups specialize in specific types of attacks and focus on particular regions. “If we talk about ransomware, the majority are Russian speaking. If we talk about botnets and backdoors, most of them are Chinese speaking. And if we talk about financial fraud, the majority are Spanish and Portuguese speaking,” he explains. There’s a reason the Chinese don’t make as much ransomwarea kind of malware that locks a victim’s data or device and threatens to keep it locked: “For the economy. He ransomware often asks for cr
yptocurrency, and cryptocurrency is banned in China. Therefore, Chinese cybercriminals cannot monetize them.”

A mobile without applications

To face the threats of the cyber world, the cybersecurity expert has a unique mobile phone in the world. It’s a phone that his own company is developing for him. It’s still a prototype. “It’s not very smart because the camera doesn’t work yet,” admits Kaspersky, who previously had an old Nokia. Beyond Telegram, the mobile hardly has any applications. But Kaspersky doesn’t care. “I don’t have time to use it,” he says.

When you want to use your social networks or upload content to your travel blog, uses a computer that he always carries with him. How do you take photos if your mobile camera doesn’t work? The answer is inside your backpack. He opens the zipper and proudly takes out a large camera. “I’m not a professional, but some of my photos are pretty good,” he notes.

To protect itself in its daily life, Kaspersky avoids publishing personal information on social networks. Additionally, he only gives out his phone number to people with whom he has a close relationship and who know his time zone. “I don’t want to receive calls at five in the morning,” he says. For him, “the main mistake of users is that they trust anyone on the Internet.” The expert warns that criminals, especially in Latin America, are using deepfakes to fool people with fake voice and images. To avoid being a victim of any attack or fraud, it is recommended to use updated security products on your devices. And he highlights something even more important: “Don’t trust anyone online. Especially now that we are in the age of deepfakes”.

You can follow EL PAÍS Technology in Facebook and x or sign up here to receive our weekly newsletter.

_