When Eugene Kaspersky began tackling computer viruses, there was no internet, computers were rare and expensive and his native Russia was still behind the Iron Curtain. Since then he has been a major force in identifying and combating ever-more dangerous cyber-threats, and is currently advising the British Government on defence
There aren't many multinational corporations that can claim to be forged under the communist economic system. When Eugene Kaspersky, founder of the now globe-spanning security firm Kaspersky Lab, first turned his attention to combating computer viruses, he was an officer in the Soviet military, working in a ‘special calculation centre’.
There were 80 engineers operating out of the facility, which was filled with antiquated mainframes until the first PCs started arriving in the late eighties. The first virus many of the engineers had ever seen came along with them.
Running one of the few anti-virus utilities available at that time, a young Kaspersky discovered his own IBM computer was infected. “I was really curious about this computer virus. I was 25 years old, and had a virus in my hands. For a couple of years I was just collecting viruses like butterflies. At the same time I was developing a utility to detect them and to clean files,” he says. “There are two different types of people – those that like to assemble, to do something, and others who like to disassemble, to see what’s
inside. I’m a man that likes to analyse what’s inside.”
Having put together a rudimentary anti-virus program, Kaspersky then set about collecting and cataloguing the viruses that came into the facility. This soon led to lucrative contracts with Soviet political institutions in 1990, pre-installing anti-virus systems on PCs coming into Russia, which were often riddled with infection.
“With the money I got I could buy a used car, which in the Soviet Union was big money. As a full-time project it started in 1991,” Kaspersky continues. “I was still an officer in the Soviet army, but was spending more time with the software. Finally in 1990 I decided I had to make a choice – be an army officer or a software engineer. And I decided to be an engineer. Not an entrepreneur, not a businessman, but an engineer. All my family was
against that, as it was a very bad time. An economic collapse and the breakdown of the Soviet Union meant our situation was not stable.”
Of course, at this time there was no internet or anything approaching the instant global communication network we take for granted today. In Russia, the fidonet was powerful, but it was restrained to national borders. It wasn’t until international email became ubiquitous in the early nineties that the small team Kaspersky had assembled began shipping their research and software about the globe, and business started booming.
“In terms of how it became an international business, I wanted to be extrovert, I wanted to share my knowledge and software with as many people as possible,” claims Kaspersky. “Once the internet arrived there was more global communication and I started to communicate with my colleagues in other countries. I was asked if I still developed anti-viruses. I said yes. They asked if I’d share it on their FTP site. I said yes, take it. That
was around 1993.
“With the help of my friends from Germany, I published my software in 1993 and it started to spread in the community of geeks. In 1994, we got a top result. We were winners of the anti-virus comparatives, which was the first comparative in the history of
the anti-virus. Also in Germany we were voted number one. Then we started to get calls from European companies and a couple of American ones asking us about distribution. That was the beginning of our international expansion.”
The organisation, which Kaspersky admits lacked thorough knowledge of legal business practices and the English language in the early days, grew the Kasperksy brand through international deals over the course of the next few years. In 1996 it had a consumer product published and began the practice of licensing its extensive research to the growing anti-virus community.
“Then we moved on to what I call the second period of our global expansion,” he says. “We weren’t actively looking for more partners, we were just sitting and waiting. But at the same time we started to be active in other regions. We opened an office in Cambridge in the UK in 1999. We then opened offices in France and Germany, step by step. Now we have offices in the United States, Europe, China, Latin America, Africa, Asia, Australia, everywhere. Last year the task was complete. We have global coverage. In some regions though, we are still just a skeleton and we’ll have to grow muscles there. In the US,
Europe and China we have muscles, but in other regions we will be using the base we have for expansion programs and future growth.”
Kaspersky claims the firm’s national heritage has contributed to its expansion into new territories. “We take the opportunity of being a Russian company. We don’t have enemies. We don’t have serious conflicts, except for Ukraine and Georgia. But we still have businesses there –the Georgian government buys our product.”
The modern malware landscape is very different to the one in which Kaspersky cut its teeth. The days where viruses could be laid at the door of mischievous students are long gone, and now Kaspersky is one of the loudest voices urging governments and businesses to wake up to the real extent of the danger presented by today’s cyber-criminals, cyber-terrorists, and even other governments.
“In the past it was just kids. They were making viruses for fun, and the global economy didn’t depend on the internet,” continues Kaspersky. “Now it’s totally different, it’s not just kids – it’s cyber-criminals. There are particular hackers who run international attacks – it’s like a civil war on the internet. Governments still don’t have strong data, but I would not be surprised if some attacks were managed by governments – it’s logical. I’m 90 per cent sure they do it. Now the situation is very dangerous. The global economy depends on the internet. If we had some serious trouble with the internet infrastructure, if the internet were to be switched off, you’d forget about the financial crisis and global warming.
“The internet is not regulated – it’s not stable and its easy to unbalance. In 2003 or 2004 there was an epidemic of an internet worm and South Korea was disconnected from the internet. Three years ago Estonia was disconnected because of a targeted attack. Cyber crimes load on the global economy, I estimate, at least a $100 billion a year. But it’s not taken as seriously as it should be, because it’s invisible. If a business is stopped from running because of a virus, no one reports it.”
Over the past couple of years the British government certainly has been forced to look at the issue, and internet security has been rising up the agenda of those in power ever since. However, Kaspersky argues that attitudes still need to change with regards to international corporations, and nations need to start thinking outside of their own borders.
“Last year there was a ten million computer strong botnet discovered. I called it the world’s largest army,” he says. “What is it possible to do with ten million computers managed from the same source? Is it possible to stop the UK, to collapse its internet
systems? Yes. But fortunately, these guys were just cyber criminals.
“That was a real turning point. Governments started to talk about that stuff, to think about it. But the problem is governments still think within national borders. It’s global, we live in the same place as the Chinese, Latin Americans, Russians, British, Indians –it’s the same land. National security is not enough – it must be international. We rely on this digital world but we can’t control it; we don’t have to power to make sure everything
is ok. And we depend on these networks like we depend upon electricity. We will see more and more of [the attacks]. Last year I had a very good meeting with a couple of peers from the House of Lords. Now they are taking it seriously.”
AFTER THE INTERNET
Kaspersky paints a brighter picture of the further future –a more secure world in which the equivalent of mobile phones are the be all and end all of personal computing, and what we know of the internet has been cast to the annals of history.
“The way things are changing, it’s difficult to predict the future, but I think that computers will disappear or that they will become a niche,” concludes Kaspersky.
“These devices will be replaced by the phone. In the future they will be powerful enough to hold all your data. You won’t need a computer. In ten years from now, rather than wi-fi in hotels, there’ll be keyboards and screens, which will connect to the mobile phone. Critical data can be protected with fingerprint recognition. Future digital networks will be much more secure. We’ll leave the internet and fidonet with the old Roman technologies.”