I love numbers (it must be the mathematician in me). Any kind of numbers really, but those that you have to really rack your brains over – they’re the best. Numbers that are particularly round and milestoney – they’re awesome too. And talking of round numbers that are milestoney and awesome, it just so happens that 10 years ago, on November 27, 2010, my first ever blogpost on this here blog you have open in your browser now was published!
Accordingly, on this veritable jubilee, I don’t see why we can’t have a mosey back through those 10 years for some highlights, aka greatest hits, of each one of them, with brief analysis and commentary given the benefit of hindsight regarding how things have worked out for the company, the industry and the world since the posts were originally published.
So what makes a ‘greatest hit’? Simple: the most read and commented on. So we had a quick look over the stats – at both the total number of views and of comments added to the bottom of each – and chose the top-two posts of each year. All righty. Let’s do this!…
2010
As it took a while to get momentum going early on, there were just two posts on this blog in 2010, both of which I’ll mention here.
My first ever blogpost in English was this: 100 in a Year! One of my briefest ever, too. Besides the following avia-route given in it, there was just a bit more text and that was it! Still, the first step is always the hardest, as they say.
Moscow – Novosibirsk – Moscow – Rome – Paris – Santiago – Patriot Hills – the South Pole (New Year) – Patriot Hills – Santiago – Paris – Moscow – Beijing – Singapore – Paris – Rio de Janiero – Lima – Punta Cana (Dominican Republic) – Madrid – Barcelona – Geneva – Paris – Milan – Rome – Munich – Hannover – Hamburg – Berlin – London – Hong Kong – Tokyo – Moscow – Paris – São Paulo – Iguazu Falls (Argentina-Brazil border) – Buenos Aires – Lima – Bogota – Paris – London – Hanoi – Ho Chi Minh City – Frankfurt – Barcelona – Athens – Corfu – Dubai – Sydney – Brisbane – Cairns – Ayers Rock – Sydney – Dubai – Larnaca (Cyprus) – Tokyo – Paris – Moscow – Petropavlovsk-Kamchatsky – Moscow – Beijing – Milan – Moscow – Munich – Singapore – Hong Kong – Istanbul – Nice – Moscow – Paris – Mexico City – Guadalajara – Shanghai – Guangzhou – Tokyo – New York – Chicago – Dallas – Boston – Munich – Moscow – Abu Dhabi – Bali – Moscow
This is where I stated my predications of the share of the global mobile OS market in the future – in around five years time (2015). And I didn’t do too badly either! My rough forecast went like this:
The first few years after the founding of the company were the toughest of all because we really had to put the hours in, aka, bust our asses. It was like we were compressing a spring for it only later to be released to take the company up high and far beyond the horizon and in the right direction of pipe dreams (be careful what you have pipe dreams of:). After the formal registration of KL in 1997, with very little we did an awful lot. We had no money and hardly any resources, but the cybersecurity conveyor waits for no one: new technologies were needed, and the market demanded new products. So we toiled and slogged, working most weekends, and with hardly ever a vacation. So what were we working on? Here’s an example…
June 1998: the global Chernobyl (CIH) virus epidemic. All the other AV companies either didn’t notice it or didn’t bother with it, or were on vacation; we were almost the only one with a product that not only caught, but also cured systems infected with this pathogen. The www (i.e., already not just Runet:) was dotted with links to our site. That’s how we were rewarded for our super-speedy reactions to new threats – that and our ability to launch quick updates with procedures for treatment of specific threats. While this specific virus-threat incredibly craftily installed itself into Windows memory, hooked file-access calls, and infected executable files – all of which required a custom-designed dissection process that would have been impossible to deliver without flexible functionality of updates.
So – tough: yes; but we were getting results and growing. And then, two months later, we received a helping hand (of fate?!) of the most unexpected kind…
August 1998:theRussian financial crisis, featuring devaluation of the ruble, plus Russia defaulting on its debt. It was bad for most Russians on the whole, but we were reeeaaal lucky: all our foreign partners paid us in advance in foreign currency. We were an exporter. Our operating/working currency – a heavily devalued ruble; our income – dollars, pounds sterling, yen, etc. We were in the money!
But we didn’t rest on our ‘lucky’ laurels amid the financial crisis. We used the period also to take on new, professional – expensive! – managers. Soon we had commercial, technical and finance directors. And a little later we started to take on mid-level managers too. This was our first ever ‘restructuring‘ – when the ‘team’ became a ‘company’; when friendly, organic relations were replaced by a more formal organizational structure, subordination and accountability. The restructuring could have been painful; thankfully it wasn’t: we just got on with it without too much nostalgia for the old family-like times.
// For all about this kind of reorganization-restructuring-‘reengineering’ – I highly recommend the book Reengineering the Corporation by Michael Hammer and James Champy. It’s a real good one. Other useful books – here.
In 1999 we opened our first foreign office – in Cambridge in the UK. But, like, what with the British market being perhaps one of the toughest to crack for foreigners, why there? Actually, it was kinda just by chance (I’ll tell you how below). Still, we had to start somewhere, and anyway, our first experiences – including many mistakes and lessons learned – in the UK helped in making development of the business in other countries run a lot smoother…
Our first ever press tour took place in London, as we were in the British capital anyway for an IT security conference (InfoSecurity Europe). On that press tour we proudly announced our intention of opening an office in the UK. But the journalists would simply ask why, given that there were already Sophos, Symantec, McAfee and so on already comfortably established in the country. So we switched to geek mode: we told them all about how our company was a truly innovative one, and all about our unique technologies and products and how – because of them – we’re better than all the competition they’d just mentioned. All this was noted with much surprised interest (and another bonus: ever since then really silly questions have never been asked of us!). Meanwhile, at InfoSecurity Europe I gave my first ever speech to an English-speaking audience made up of… two journalists, who turned out to be from our friends at Virus Bulletin who already knew plenty about us! Still, that was the first – and last – time any of our presentations weren’t full-house (btw: details – here).
As regards our first ever partner conference, here’s how that came about..
Some time in the winter of 1998-1999 we were invited to the partner conference of our OEM partner F-Secure (Data Fellows). And that’s how we learned about the whole partner-conference format and what a great idea it is: to gather everyone together, share all the latest information about technologies and products, to hear out partners’ concerns and problems, and to discuss new ideas. Not ones to hang about – within a year (in 1999) we put on our own partner conference, inviting ~15 partners from Europe, the U.S. and Mexico to Moscow. Here we all are, on Revolution Square next to Red Square and the Kremlin:
Back with more K cyber-nostalgia – this post takes us back to a very special year for the company – the year of its founding! And as you can see from the date on our company registration certificate – that founding took place on June 26, 1997:
And that’s why we have our yearly mega-birthday-bash every June July (don’t ask; what’s a month among friends?!) – only not this year: the first time we’ve ever not had one. Shame. But what can you do?
I remember our first birthday party the following year in 1998, in a fairly rough bowling alley. Not too impressed with such a setting, we made amends the following year – already branching out into the countryside surrounding Moscow, where it’s been every year since, and where I really hope it will be again next year.
Here’s another curious K-tale from the summer of 1997…
Last week I realized I’d been in lockdown-isolation-quarantine for a full quarter-year. Three months sat at home, with only a couple of brief trips to the deserted office, plus every weekend at the dacha with the similarly isolated family. Like for everyone – a very extraordinary daily existence. For me – no planes/airports, no hotels, no meetings or speeches: in short – very little travel.
However, everything’s relative: in three months we’ve all traveled 230+ million kilometers (a quarter of a full orbit of Earth around the sun)! And that’s without taking into account the fact that the Solar System itself travels at some crazy speed. One thing that hasn’t changed much since lockdown began is business meetings – they’ve simply all moved online. Ah yes – and all our business in general is carrying as usual, unaffected by biological viruses ).
But enough lockdown talk; you’re probably tired of hearing anything in connection with it. Accordingly, herewith, I continue with more of my tales from the cyber-past side; this time – interviews with newspapers, magazines, radio, TV, plus assorted other public performances. (I was reminded of my ‘media relations’ activity while recalling my week of interview-hell at CeBIT long ago the other day when compiling my CeBIT recollections (Cyber-yesteryear, pt. 4). And it turns out I’ve plenty to relate to you about interesting experiences talking to the media and public speaking and all that – plenty that’s fun and unusual, plus of course a few (brightened and polished) photos too.
And there’ll be all sorts of different sizes and flavors of media-tales coming up too: from speeches in practically empty halls – to rammed stadiums! From unknown tiny local media publications – to top-tier global media household-name conglomerates! From professional lectures at leading universities and/or with specially tech-equipped audiences – to informal lectures about the wonders of arithmetic on a ship sailing to… Antarctica via Drake Passage! Eugene is the name; variation is the game ).
Right. I guess the logical place to begin is right at the start…
Herewith, more tales from back in the day about how our company went from humble beginnings to what we are today. And this cyber-yesteryear series – it’s all thanks to… lockdown! I’d have never found the time for such meanderings down cyber-memory lane otherwise…
Just in case you missed them, here are the previous installments:
All righty. Part 5: 1996. Truly a fateful, watershed year…
First, at KAMI, where I was still working, the owners decided to break away. As a result KAMI was split up into several independent organizations. And in the following year – 1997 – we broke away too.
Second, we signed an OEM (original equipment manufacturer) contract with the German company G-Data to supply them with of our antivirus engine. That contract ran for a full 12 years – up to 2008! – when we became No.1 on the German retail market. That’s just how it went. Our original-tech prowess was unstoppable! But what were we to do? But, anyway, it was G-Data who’d approached us (we weren’t able to actively seek out tech-partners back then), offering Remizov – boss of KAMI – cooperation, culminating in the signing of the contract at CeBIT, as described in Part 4. And that was how our technology-licensing business took off.
After the Germans (in 1995) came the Finns – F-Secure (in 1996), then known as Data Fellows. Let me tell you about how our cooperation with them started.
In August 1995, the first ever macro virus appeared, which infected Microsoft Word documents. It turned out that writing macro viruses was very straightforward, and they were being spread at alarming rates among a great many unsuspecting users. This caught the attention of other virus writers, and very quickly macro viruses became the biggest headache for the antivirus industry. Detecting them was far from easy, since the format of a Word document is most complex (who knew?:). So for several months AV firms played shamen using various methods, until when, in early 1996, McAfee (the company:) announced the ‘correct’ disassembly method for the format of Word documents. That news was latched onto by our colleague Andrey Krukov (who’d joined our collective in 1995), and he quickly came up with a most elegant and effective tech solution. I put the word out about this, and pretty soon companies started approaching us with offers to buy our technology. Having garnered several such offers, we arranged a meet with them all – at the upcoming Virus Bulletin Conference in Brighton, UK, where Andrey and I traveled to in the fall of 1996.
In Brighton, things hardly went to plan: none of those meetings ever came to anything! However…
Finally, summer’s arrived. Took it’s time! But I’m not sure it’s the blessing it normally is, since we’re all still sat at home working remotely. Sure, there have been ‘easings’ here and there around the world, but we here at K are in no rush to… rush things. I think that goes for other IT companies too that will be working from home till at least fall, while some have signaled they’re on for staying home until the end of the year. And of course business trips are still being cancelled, as are exhibitions and conferences and Olympic Games and Cannes Festival and a whole load of other large-scale events. Some countries still have closed borders too.
So yep: we’re all still cooped up, not getting out much, and getting a bit stir crazy with the cabin fever. At least that’s how things are for many, I’m sure. There are others who are taking advantage of all the extra time and getting more exercise than ever, the devils! I’m somewhere in-between. Sometimes tired of Groundhog Every-Day, but staying busy. And that includes dusting off and delving into my archives to dig up some old photos, which lead to fond memories (plus reminders of how quickly the world is changing), which lead to… my next cyber-yesteryear post!
Yes, this series combines cyber-nostalgia, plus various personal and business insights I’ve picked up along the cyber-way, which I hope will be useful to some, or just interesting to others. Accordingly, I continue here today with part four, and I continue my tales, begun in part three, about CeBIT…
CeBIT – we loved it to bits! It was just sooo new and different and massive and…
Just in case you missed the firsttwo, this is the third episode of my cyber-yesteryear chronicles. Since I’m in lockdown like most folks, I have more time on my hands to be able to have a leisurely mosie down cyberseKurity memory lane. Normally I’d be on planes jetting here, there and everywhere for business and tourisms – all of which normally takes up most of my time. But since none of that – at least offline/in person – is possible at the moment, I’m using a part of that unused time instead to put fingers to keyboard for a steady stream of personal / Kaspersky Lab / cyber-historical nostalgia: in this post – from the early to mid-nineties.
Typo becomes a brand
In the very beginning, all our antivirus utilities were named following the ‘-*.EXE’ template. That is, for example, ‘-V.EXE’ (antivirus scanner), ‘-D.EXE’ (resident monitor), ‘-U.EXE’ (utilities). The ‘-‘ prefix was used to make sure that our programs would be at the very top of a list of programs in a file manager (tech-geekiness meets smart PR moves from the get go?:).
Later, when we released our first full-fledged product, it was named ‘Antiviral Toolkit Pro’. Logically, that should have been abbreviated to ‘ATP’; but it wasn’t…
Somewhere around the end of 1993 or the beginning of 1994, Vesselin Bontchev, who’d remembered me from previous meet-ups (see Cyber-yesteryear – pt. 1), asked me for a copy of our product for testing at the Virus Test Center of Hamburg University, where he worked at the time. Of course, I obliged, and while zip-archiving the files I accidentally named the archive AVP.ZIP (instead of ATP.ZIP), and off I sent it to Vesselin unawares. Some time later Vesselin asked me for permission to put the archive onto an FTP server (so it would be publically available), to which I obliged again. A week or two later he told me: ‘Your AVP is becoming really rather popular on the FTP!’
‘What AVP?’, I asked.
‘What do you mean ‘What AVP’? The one you sent me in the archive file, of course!’
‘WHAT?! Rename it right away – that’s a mistake!’
‘Too late. It’s already out there – and known as AVP!’
And that was that: AVP we were stuck with! Mercifully, we (kinda) got away with it – Anti-Viral toolkit Pro. Like I say – kinda ). Still, in for a penny, in for a pound: all our utilities were renamed by dropping the ‘-‘ prefix and putting ‘AVP’ in its place – and it’s still used today in some of the names of our modules.
First business trips – to Germany for CeBIT
In 1992, Alexey Remizov – my boss at KAMI, where I first worked – helped me in getting my first foreign-travel passport, and took me with him to the CeBIT exhibition in Hannover in Germany. We had a modest stand there, shared with a few other Russian companies. Our table was half-covered with KAMI transputer tech, the other half – our antivirus offerings. We were rewarded with a tiny bit of new business, but nothing great. All the same, it was a very useful trip…
Our impressions of CeBIT back then were of the oh-my-grandiose flavor. It was just so huge! And it wasn’t all that long since Germany was reunified, so, to us, it was all a bit West Germany – computer-capitalism gone bonkers! Indeed – a cultural shock (followed up by a second cultural shock when we arrived back in Moscow – more on that later).
Given the enormity of CeBIT, our small, shared stand was hardly taken any notice of. Still, it was the proverbial ‘foot in the door’ or ‘the first step is the hardest’ or some such. For it was followed up by a repeat visit to CeBIT four years later – that time to start building our European (and then global) partner network. But that’s a topic for another day post (which I think should be interesting especially for folks beginning their own long business journeys).
Btw, even as far back as then, I understood our project was badly in need of at least some kind of PR/marketing support. But since we had, like, hardly two rubles to rub together, plus the fact that journalists had never heard of us, it was tricky getting any. Still, as a direct result of our first trip to CeBIT, we managed to get a self-written piece all about us into the Russian technology magazine ComputerPress in May 1992: home-grown PR!
Fee-fi-fo-fum, I smell the dollars of Englishmen!
My second business trip was in June-July of the same year – to the UK. One result of this trip was another article, this time in Virus Bulletin, entitled The Russians Are Coming, which was our first foreign publication. Btw – in the article ’18 programmers’ are mentioned. There were probably 18 folks working at KAMI overall, but in our AV department there were just the three of us.
Herewith, I continue my tales from the cyber-old-school side. You’ve already had the first installment – about when I caught my very first fish virus, about our first antivirus utility, and about when I decided to go it alone to become a member of a profession that didn’t really exist back then (as a freelance antivirus analyst).
So, after a few weeks as a freelancer – which was basically a few weeks of doing not much at all as I couldn’t find any customers – I decided I needed to get a regular day job again with a company. So what I did was organize a ‘tender’ between three private companies that had offered me work.
One of them (KAMI) deserves a separate post of its own, so here I’ll just go over its main features. It was a rather large, and very multifaceted import-export-and-a-bit-of-everything-else company, which had a computer department that eventually broke off from KAMI to become independent. Its boss was Alexey Remizov, a great guy who believed in and helped me for many years.
But, back to the tender. Now, if two of the companies told me something like: ‘Sure, drop by next week, let’s discuss your offer’, Alexey suggested I come to his office the following morning, and the day after that he was showing me where my desk and computer were, putting some money in my hand as my first advance, deciding on a title for my ‘department’ – the ‘Anti-Virus Department’ (or something like that), and providing me with two employees.
My first work task – firing both employees! They just weren’t right. And I managed this first task ok – no hysterics, no conflicts: I think they agreed with me they weren’t the right ‘fit’.
Now, a bit more about KAMI (remember – in 1991)…
The computer department of KAMI was made up of around two dozen folks. But there was literally no money to be spent on computers! Therefore, the start-up capital came from sales of shoes imported from India, chocolate biscuits, the manufacture of a car alarm system, and systems of encoding TV signals (for paid TV). The only actual computer IT projects were my antivirus department and also a transputer department, which happened to be the most successful departments of KAMI back then.
What else can I recall from this time?
Actually, not a great deal, as I was too busy working 12-14 hours a day: I didn’t have time to take much notice of anything else, including politics. Still, let me think…
We rented our first office in… a kindergarten (!) in Strogino, a northwestern Moscow suburb. Later we moved to some premises in the Polytechnic Museum, then in Moscow State University, then a research institute, then another. We used to joke: in our early days the company went through all levels – besides high school ).
Having written a post recently about our forever topping the Top-3 in independent testing, I got a bit nostalgic for the past. Then, by coincidence, there was the 20th anniversary of the ILOVEYOU virus worm: more nostalgia, and another post! But why stop there, I thought. Not like there’s much else to do. So I’ll continue! Thus, herewith, yet more K-nostalgia, mostly in a random order as per whatever comes into my head…
First up, we press rewind (on the 80s’ cassette player) back to the late 1980s, when Kaspersky was merely my surname ).
Part one – prehistorical: 1989-1991
I traditionally consider October 1989 as when I made my first real steps in what turned out to be my professional career. I discovered the Cascade virus (Cascade.1704) on an Olivetti M24 (CGA, 20M HDD) in executable files it had managed to infiltrate, and I neutralized it.
The narrative normally glosses over the fact that the second virus wasn’t discovered by me (out of our team) but Alexander Ivakhin. But after that we started to ‘woodpeck’ at virus signatures using our antivirus utility (can’t really call it a ‘product’) regularly. Viruses would appear more and more frequently (i.e., a few a month!), I would disassemble them, analyze them, classify them, and enter the data into the antivirus.
But the viruses just kept coming – new ones that chewed up and spat out computers mercilessly. They needed protecting! This was around the time we had glasnost, perestroika, democratization, cooperatives, VHS VCRs, Walkmans, bad hair, worse sweaters, and also the first home computer. And as fate would have it, a mate of mine was the head of one of the first computer cooperatives, and he invited me to come and start exterminating viruses. I obliged…
My first ‘salary’ was… a box of 5″ floppy disks, since I just wasn’t quite ready morally to take any money for my services. Not long afterward though, I think in late 1990 or early 1991, the cooperative signed two mega-contracts, and I made a tidy – for the times – sum out of both of them.
The first contract was installation of antivirus software on computers imported to the USSR from Bulgaria by a Kiev-based cooperative. Bulgarian computers back then were plagued by viruses, which made a right mess of data on disks; the viruses, btw, were also Bulgarian.
The second contract was for licensing antivirus technologies in a certain mega-MS-DOS-based system (MS Office’s ~equivalent back then).
What I spent my first ‘real’ money on?… I think it was a VCR. And a total waste of money that was. I never had the time for watching movies, let alone recording stuff and watching it again. My family weren’t big into videos either. Oof. (Btw: a good VCR back then cost… the same as a decent second-hand Lada!)
My ~second purchase was a lot more worthwhile – several tons of paper for the publication of my first book on computer viruses. Btw: just after this buy the Pavlov Reform kicked in, so it was just as well I’d spent all my rubles – days later a lot of my 50 and 100-ruble notes would have been worthless! Lucky!
My book was published in the spring of 1991. Alas, it hardly sold – with most copies gathering dust in some warehouse no doubt. I think so anyway; maybe it did sell: I haven’t found a copy anywhere since, and in the K archive we only have one copy (so if anyone has another copy – do let me know!). Another btw, btw: I was helped immensely by a certain Natalya Kasperskaya back then in the preparation of the book. She was at home juggling looking after two little ones and editing it over and over; however, I think it must have piqued her curiosity in a good way – she warmed to the antivirus project and went on to take a more active part.
That pic there is of my second publication. The single copy of the first one – just mentioned – is at the office, and since we’re taking this quarantine thing seriously, I can’t physically take a pic of it (.
Besides books, I also started writing articles for computer magazines and accepting occasional speaking opportunities. One of the clubs I was speaking at would also send out shareware on diskettes by post. It was on such diskettes that the early versions of our antivirus – ‘-V by doctor E. Kasperski’ (later known as ‘Kaspersky’:) appeared (before this, the only users of the antivirus were friends and acquaintances).
The main differences between my antivirus… utility and the utilities of others (there’s no way these could ever be called ‘products’) were, first: it had a proper user interface – in the pseudo-graphics mode of MS-DOS – which even (!) supported the use of a mouse. Second: it featured ‘resident guard’ and utilities for the analysis of system memory to search for hitherto unknown resident MS-DOS viruses (this was back before Windows).
The oldest saved version of this antivirus is the -V34 from September 12, 1990. The number ’34’ comes from the number of viruses found! Btw: if anyone has an earlier version – please let me know, and in fact any later versions too – besides -V.
The antivirus market back then didn’t exist in Russia, unless you can call Dmitry Lozinsky’s ‘Aidstest’ on a diskette for three rubles a market. We tried to organize sales via various computer cooperatives or joint ventures, but they never came to much.
So I had to settle into my role, in 1990-1991, as a freelance antivirus analyst, though no one had heard of such a profession. My family wasn’t too impressed, to say the least, especially since the CCCP was collapsing, and a pertinent question ‘discussed in kitchens’ [no one did cafes/restaurants/bars for their meet-ups and chit-chats back then: there weren’t many in the first place, and not many folks had the money to spend in them even if they had] would be something like: ‘where’s all the sugar gone from the shop shelves?’ Tricky, tough times they were; but all the more interesting for it!
Ancient cybersecurity folks with more than 20 years’ experience in the industry will of course remember the infamous ILOVEYOULove Letter email worm from the early 2000s. What they may not recall is that it was exactly 20 years ago when it first reared its ugly head.
20 years? What?! Yep: Two decades ago to the day this cyber-maggot paralyzed practically the whole world. Wanna know what the guy responsible for this global cyber-tragedy is doing now, and where? I’ll get to that a bit later…
But I’ll start with a summary of the events of 20 years ago, in case you missed them. First up: why ‘Love Letter’?
This cyber-vermin crawled into millions of folks’ email inboxes. The receiver got a ‘love letter’ from what looked to be a friend or acquaintance.
Curiosity killed the… email recipient: after the attached VBS was clicked, the malware basically took control and sent itself on behalf of the recipient to everyone in his/her address book. And in some kinda totally mental mega-exponential way managed to infect – in a matter of hours!! – practically the whole email-using planet!
This caused colossal damages (yes, the worm also damaged certain files) (damages: to the tune of several BILLION dollars!)). Curious fact: the code for e-mail distribution was swiped from another worm – Melissa – which a year earlier ran amok around the whole world too (Microsoft had to switch off its corporate email (in current terminology – self-isolated) in order to stop the spread of the worm).
There’s another interesting element of Love Letter: the worm would download from the internet a Trojan that stole the infected computers’ internet-access logins and passwords (this is back when access was mostly dial-up, costing a lot – using per-hour tariffs), and sent them to a given address.
