![\"alex-gostev\"](\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/37\/2012\/12\/05114844\/alex-1.jpg\" "\\"alex-gostev\\"")
<\/a><\/p>\n\u00a0<\/p>\n
Are governments around the world coping with cybercrimes or just studying it? <\/strong><\/p>\n Alex Gostev<\/strong>: The main problem with fighting cybercrime today is its global character. Undoubtedly, many countries in the world have achieved notable success in combating this threat; however, the most serious crimes can only be investigated successfully if there is international cooperation. Unfortunately, this is an area where problems do exist: a number of countries, for one reason or another, are not involved in international initiatives to fight cybercrime.<\/p>\n \u00a0<\/p>\n How did you manage to become who you are? Where did you get all that knowledge?<\/strong><\/p>\n \u00a0<\/p>\n Alex Gostev: That\u2019s a tough one J It was back in 1994 when I came across my first computer viruses; I only joined Kaspersky Lab in 2002. So you could say I gained most of my knowledge about viruses on my own. Take my word for it: there is sufficient information available on the Internet both to learn to analyze malicious programs and to understand the current trends in cybercrime and threat evolution. So, I suggest you read as many sites and expert blogs as you can, and try to reproduce their findings on your own; try to understand how the experts came to the conclusions they write about. Kaspersky Lab has three expert blogs: Securelist<\/a>, Threatpost<\/a> \u00a0and our new consumer blog<\/a>.<\/p>\n Why is it that virus makers mostly target the Windows operating system? <\/strong><\/p>\n Alex Gostev<\/strong>: The answer is simple: over 90% of users are on Windows. There is a similar situation when it comes to mobile platforms: Android leads the pack both in terms of users and malware.<\/p>\n They say that it\u2019s cyber war out there. Has Kaspersky been attacked? <\/strong><\/p>\n Alex Gostev:<\/strong> Just like any other company involved in information security, Kaspersky Lab is a frequent target for attacks. This is to be expected. And, of course, we use the most reliable technologies to protect us from such attacks.<\/p>\n \u00a0<\/strong><\/p>\n I want to work for Kapersky\u2019s GReAT team. What would be the best college to finish and courses to take? <\/strong><\/p>\n \u00a0<\/p>\n Alex Gostev<\/strong>: A technical education is important. There\u2019s no one college or set of courses that\u2019s the best to become a security researcher, but a good knowledge of operating systems, programming languages and a willingness to work hard are essential.<\/p>\n How many threats are added to Kaspersky databases daily to provide effective protection to everyone? What\u2019s the comparison to free antivirus solutions? <\/strong><\/p>\n Alex Gostev<\/strong>: At the present time, we detect some 200,000 new malicious programs every day. Naturally, it takes serious resources \u2013 both human and technical \u2013 to collect and process such huge volumes of threats. Besides malicious files, there are also other types of threats including malicious sites, network attacks, exploits etc. that we also need to keep tabs on. All this requires an extensive financial outlay. Independent testing shows that we have an edge over freeware security tools.<\/p>\n \u00a0<\/strong><\/p>\n Is there anything to protect us from our own government? <\/strong><\/p>\n Alex Gostev<\/strong>: We protect against malicious programs without making any distinctions as to who created them.<\/p>\n I know that Windows phone is not considered a virus target, but for those of us who want more security for our phone and feel left out, \u00a0why is it so hard to make virus protection for Windows Phones? <\/strong><\/p>\n Alex Gostev<\/strong>: There are no problems whatsoever about creating antivirus protection for Windows Phone (at least, Kaspersky Lab does not have any problems doing it).<\/p>\n Why do people say Apple computers don\u2019t get viruses when they actually get more than people think? <\/strong><\/p>\n Alex Gostev<\/strong>: These are old stereotypes that were created primarily by Apple themselves. Apple have claimed for a long time that their computers are much better protected. Eventually, they admitted that malware does exist for Apple computers and even incorporated a primitive antivirus scanner into OS X<\/a>. Microsoft, for instance, also had to spend a decade or so learning to take virus threats seriously. Apple is only taking its first steps along this road, but we think they are moving in the right direction, especially if you look at the protection system on the iPhone.<\/p>\n Alex, what\u2019s the best way of preventing your computer being infected and locked and asked to pay a steep fee to unlock it? <\/strong><\/p>\n Alex Gostev<\/strong>: In the overwhelming majority of cases involving extortion malware, or ransomware<\/a>, the victim computer is infected via a web browser. This is usually down to vulnerabilities in Java, Adobe Flash or in the browsers themselves. All these vulnerabilities have long been known and patched by the vendors. So, your first step should be to install all the latest patches and updates for your software on a regular basis.<\/p>\n \u00a0<\/p>\n \u00a0<\/p>\n What are the main Android threats?<\/strong><\/p>\n http:\/\/www.securelist.com\/en\/analysis\/204792254\/Kaspersky_Security_Bulletin_2012_Malware_Evolution<\/a><\/p>\n See point 3 (\u201cThe explosion of Android threats\u201d) and item 10 (\u201cMobile malware\u201d) in this security bulletin.<\/p>\n \u00a0<\/p>\n Why does Kaspersky often (maybe very often) recognize \u201cgood\u201d software as malicious? <\/strong><\/p>\n Alex Gostev<\/strong>: I have to disagree with you on this one. Kaspersky Lab\u2019s products have one of the lowest false positive rates in the entire industry; independent test results back up this claim. We couldn\u2019t possibly have received the \u201cProduct of the year<\/a>\u201d award unless we had demonstrated the fewest false positives in dedicated testing.<\/p>\n \u00a0<\/p>\n Which web browser do you prefer? Which one is more secure? Which one is the best solution for Kaspersky products?<\/strong><\/p>\n Alex Gostev:<\/strong> At the current time, I prefer Google Chrome. Which browser is the safest? Well, the answer to that is changing all the time. The situation can change in an instant \u2013 the discovery of a 0-day vulnerability would immediately turn the safest browser into the most vulnerable one. Therefore, apart from keeping an eye on the browser vulnerability situation, it is also advisable to complement your browser with dedicated protection tools, such as a sandbox, allowlists etc. All these things are implemented in Kaspersky Lab\u2019s products.<\/p>\n How does the Kaspersky Windows Unlocker work? \u00a0<\/strong><\/p>\n Alex Gostev:<\/strong> You can find the answer to that here http:\/\/support.kaspersky.com\/faq\/?qid=208285998<\/a><\/p>\n \u00a0<\/p>\n What are the most \u201cfashionable\u201d viruses today? What was the most unusual virus detected last year?<\/strong><\/strong><\/p>\n Alex Gostev:<\/strong> Depends what you mean by \u201cfashionable\u201d. If we\u2019re talking about high-profile malware, it would primarily be a whole new generation of malware in the Middle East which includes Flame<\/a>, Duqu<\/a>, Gauss,<\/a> miniFlame,<\/a> Wiper.<\/a> All these kept us fairly busy throughout the year, both in terms of searching for and analyzing the findings. The realm of cyber weapons, i.e. malware created at the state level to attack the citizens, companies and authorities of other countries, is probably the hottest and most interesting topic right now. Some PC users use free antivirus products. Do you think such products can compete with commercial security products?<\/strong><\/p>\n Alex Gostev<\/strong>: Yes, they can compete, but they cannot win in the long run or ensure a sustained and reliable protection standard.<\/p>\n Is being a virus analyst a difficult job?<\/strong><\/p>\n Alex Gostev<\/strong>: It\u2019s only difficult for the first few years. After that, once you\u2019ve gained experience, it gets easier. I remember about\u00a0<\/strong>six years ago we organized competitions in our Virus Lab to see who could analyze malware the fastest. The record was 43 seconds from a file arriving for analysis till a detection was added. On the other hand, virus analysis is only a small part of the job. You have to be well informed about all developments, including news from your competitors and news from the other side of the front line; you need to be aware of where it\u2019s all going and what will happen tomorrow. I suppose, this is the most difficult part, and it\u2019s getting more difficult every day.<\/p>\n What new types of malware does the near future have in store for us? <\/strong><\/p>\n Alex Gostev<\/strong>: There are unlikely to be any new types of malware. All the generic types of malware behavior have long been identified and malware, including viruses, worms, Trojans and exploits, are evolving along those lines. Of course, dozens of subtypes exist within each category, such as Trojan cryptographers, banking Trojans, network worms etc. However, malware evolution takes place exclusively in terms of seizing new platforms or operating systems \u2013 mobile Trojans are a vivid example. From the point of view of technology, everything is the same, but with new platforms and new possibilities, such as the sending of SMS text messages. Therefore, we expect all the conventional types of threats to migrate in the near future from personal computers to the entire range of modern devices.<\/p>\n Alex, do you keep a diary for yourself? E.g. I came across such and such a malicious program today. I was able to treat it in such and such a way. Tried such and such a dish and liked it. The weather was nice, etc.<\/strong><\/p>\n Alex Gostev<\/strong>: No, I simply don\u2019t have time for that. Time and again I think that it might be worthwhile writing down how my research is going. I think it would make a pretty interesting book. On the other hand, many of the things we\u2019re involved in and the things we\u2019re aware of cannot be published (yet).<\/p>\n Which operating system do you use? Which do you think is the safest for desktops?<\/strong><\/p>\n Alex Gostev<\/strong>: I am not a dedicated fan of any specific operating system; in fact, I have a very simple view on them: for every task, there exists a suitable operating system. I arrange my work accordingly. In a single day I can work under Windows, OS X and Linux, not to mention mobile platforms for phones and tablet PCs.<\/p>\n There are no secure desktop operating systems. Any operating system can only be called secure on a conditional basis until the next 0-day vulnerability emerges. When this happens, it instantly turns the safest operating system into the most vulnerable one. I\u2019m talking here about a situation where the vulnerability is publicly disclosed. As for privately-known vulnerabilities, well they always exist for any given operating system.<\/p>\n \u00a0<\/p>\n How much of his work time does a senior virus analyst put into practical, hands-on work, such as reverse engineering, debugging and sandboxing?<\/strong><\/p>\n Alex Gostev<\/strong>: It depends on the time of the year and the research project the team is working on at a specific time. Sometimes, I can spend 80% of the day on hands-on research of a specific piece of malware. That may last for, say, a week. Sometimes I don\u2019t touch a single malware file for an entire day. If you look at the bigger picture, I\u2019d say I spend no more than 20% of my time throughout the year on hands-on research. However, when I was a virus analyst processing the inbound malware traffic, it took up 100% of my time. Now, I have to do a lot of non-core activities, such as giving answers to your questions \ud83d\ude42<\/p>\n \u00a0<\/p>\n What make of smartphone or telephone do you use (which manufacturer, model)? Do you have a mobile security solution installed on it?<\/strong><\/p>\n Alex Gostev<\/strong>: At the moment I have an iPhone. I don\u2019t have any antivirus on it, because: a) no antivirus solution exists for iPhones; b) it has not been jailbroken c) there are no viruses for non-jailbroken iPhones anyway.<\/p>\n \u00a0<\/p>\n What condoms would senior virus analysis recommend using?<\/strong><\/p>\n Alex Gostev<\/strong>: Those that match your size. J<\/p>\n \u00a0<\/p>\n How do I properly uninstall Kaspersky Lab\u2019s products so no garbage is left in the system and registry?<\/strong><\/p>\n Alex Gostev<\/strong>: The \u201cproper\u201d way is to use the standard uninstaller. Should anything go wrong and the result is not satisfactory, use the dedicated removal tool: http:\/\/support.kaspersky.com\/faq\/?qid=208279463<\/a><\/p>\n How can I get rid of my paranoia and obsession that there is a Trojan in the system, or a vulnerability is being exploited?<\/strong><\/p>\n Alex Gostev<\/strong>: Why would you want to get rid of it? When it comes to IT security paranoia is actually a positive thing, as it makes you more careful about what you do and how you do it. It makes you try to figure out how the system works, promotes your self-development and broadens your outlook. In other words, it\u2019s a good thing.<\/p>\n How safe is it to use cloud-based storage? Do you know of any cases where the cloud has been infected?<\/strong><\/p>\n Alex Gostev<\/strong>: Ah, this is a major topic. There was a recent newspaper publication about this in which I feature. Unfortunately, it\u2019s only in Russian. For those of you who know Russian, check it out here: http:\/\/www.kommersant.ru\/doc\/1771693<\/a><\/strong><\/p>\n Can you please tell us about how Kaspersky\u2019s Virus Encyclopedia documentation is created?<\/strong><\/p>\n Alex Gostev<\/strong>: These days, 99% of the malware descriptions in Kaspersky\u2019s Virus Encyclopedia have been created by a robot using standard templates and based on automatic analysis of files. Several thousand old descriptions also exist that were written by humans (yes, there used to be time when a new dedicated description could be created for each new virus). Several hundred of them were created specifically by me.<\/p>\n \u00a0<\/p>\n The management of one large company says that Kaspersky Lab writes viruses and creates zombie networks to infect computers in the Russian segment of the Internet, in order to sell more of their products and provide consulting services. Can you please comment on this. I can\u2019t disclose the name of the company as I work for it.<\/strong><\/p>\n Alex Gostev<\/strong>: I recommend you change your employer. If your management has such a mindset, you never know what they\u2019ll come up with next.<\/p>\n How is cybercrime evolving today? What new kinds of threats are in store for regular users?<\/strong><\/p>\n Alex Gostev<\/strong>: As before, 90% of all security incidents that we record are targeted at regular users. To be more exact, they are designed to extort money using all sorts of methods, or make money from infected users. Ostap Bender (http:\/\/en.wikipedia.org\/wiki\/Ostap_Bender<\/a>) knew 400 \u201crelatively honest ways to extort money\u201d. Modern cybercriminals know about 50 completely dishonest ones.<\/p>\n Check out the link below where we predicted what the situation would be like in the year 2020.<\/p>\n http:\/\/www.securelist.com\/en\/analysis\/204792165\/Cybercrime_Outlook_2020_From_Kaspersky_Lab<\/a><\/p>\n \u00a0<\/p>\n What can you say about the antivirus that is incorporated in Windows 8? This takes away quite a bit business from the security software manufacturers. How would you comment on this?<\/strong><\/strong><\/p>\n Alex Gostev<\/strong>: It\u2019s been quite a while since it was incorporated, and quite a while since it\u2019s been \u201ctaking away business\u201d. The thing is, it never did in fact take any business. The simple fact is that in order to develop successful security solutions, a company needs to specialize in developing those solutions. That must be their core business. That cannot be said of Microsoft.<\/p>\n My friends say Kaspersky Anti-Virus is a resource-hungry monster, and recommend that I use free antivirus solutions (I won\u2019t advertise them here). Their argument is: free antivirus is no worse, in fact they are better in many respects. Is this correct?<\/strong><\/p>\n Alex Gostev<\/strong>: No, and I can\u2019t be bothered disproving it here. I personally would never use a free antivirus, even if I didn\u2019t work for Kaspersky Lab. I know how this type of software works, who works on these programs and how.<\/p>\n Which antivirus manufacturers do you feel most envious of? Would you agree to work for them if they paid you enough?<\/strong><\/p>\n Alex Gostev<\/strong>: Well, I\u2019m not envious of anyone. There are companies that I have respect for \u2013 these are primarily the companies that can make good use of the resources they have, both human and technical, where the work of the specialists makes me say: \u201cHow the hell did they find this before us or do a better job of analyzing than us!\u201d This really stimulates competition, and, as a consequence, our level of expertise improves as well.<\/p>\n In recent times, I\u2019ve only seen this sort of interesting, motivating competition between us and Symantec. To be more precise, between Kaspersky\u2019s team of experts (GReAT) and their STAR team. That said, we cooperate very closely with them on a number of research topics, and have good personal relationships with them.<\/p>\n As for working for a different antivirus company \u2013 well, I think I\u2019ve become too much of a Kaspersky man. I\u2019d be more likely to change the IT security sphere for a different, but related area. Or set up my own business.<\/p>\n How do you attract clever students and specialists to your company? Is there a chance they will later be recruited by secret services (foreign or Russian)? Or is this the first time you\u2019ve heard about this?<\/strong><\/p>\n Alex Gostev<\/strong>: How we attract new employees is a business secret J As for being recruited by secret services, I didn\u2019t in fact understand that one. Secret services can recruit anyone \u2013 taxi drivers, bakers, managers (ourselves not excluded), so what? Kaspersky Lab has its own security service, and its does a great job. This question is within their competence.<\/p>\n Is a hardware firewall in the router enough? Or maybe, besides that, it\u2019s good to have a software firewall?<\/strong><\/p>\n Alex Gostev<\/strong>: The firewalls in modern routers are pretty limited in terms of their functionality, and perform primitive filtering at the level of port addresses. Naturally, this solution is not adequate for complete security.<\/p>\n Recently, I read that Android is the most unsafe mobile operating system. Do you agree? Which mobile OS is, in your opinion, the most secure?<\/strong><\/p>\n Alex Gostev<\/strong>: Yes, I agree that Android is the most vulnerable mobile platform. The safest is iOS.<\/p>\n \u00a0<\/p>\n I don\u2019t want Google or Facebook to spy on me. What would be the best email option? I intend to buy my own hosting and domain name \u2013 is this a better option?<\/strong><\/p>\n \u00a0<\/p>\n Alex Gostev<\/strong>: Your own hosting? You don\u2019t trust Google, but are prepared to trust your mail account to some hosting company? There\u2019s really no difference.<\/p>\n Why have you deleted the \u201cgreen zone\u201d in Kaspersky Internet Security 2012? It\u2019s a great pity.<\/strong><\/p>\n Alex Gostev<\/strong>: We haven\u2019t actually. Users can find the module in the Web Anti-Virus setting in both the 2012 and 2013 versions.<\/p>\n Why does Kaspersky slow my PC down so much?<\/strong><\/p>\n Alex Gostev<\/strong>: A good level of protection will always require some use of computer resources. There are software products out there that call themselves antivirus solutions and which operate faster than our product, but the level of protection they provide is nowhere near that offered by Kaspersky Lab. We don\u2019t see the point of lowering the level of protection, because just one missed virus out of millions detected can cause a user major problems. We are constantly working on new technologies that will allow us to depart from older protection methods, such as the multi-level scanning of files. These technologies will use less computer resources, but also ensure the highest level of protection is maintained.<\/p>\n Why don\u2019t you offer any long-term free license, 1 year for example?<\/strong><\/p>\n Alex Gostev<\/strong>: We have free licenses that allow users to understand whether or not our product is suitable for them. In our opinion, one month is sufficient for that. You can also find promo codes online or in magazines for 60-90 days. Our partners in various countries also offer trial codes for periods starting from 30 days. As for licenses as long as you mention, just keep an eye on our news \u2013 in 2013 we\u2019ll tell you how you can get such a license.<\/p>\n What is the role of Cloud Protection in Kaspersky\u2019s 2012 product versions? What are the pros besides the basic protection?<\/strong><\/p>\n Alex Gostev<\/strong>: The reaction time of the cloud to new threats is generally several times greater than that offered by traditional signature databases. Cloud protection is intended primarily to prevent the user being affected by the very latest threats.<\/p>\n Your antivirus is useful against viruses and Trojans whose signatures are already known and the code is already recognized as malicious. What about \u201chand made\u201d viruses with hidden code? <\/strong><\/p>\n Alex Gostev<\/strong>: Signature-based analysis is a tried-and-tested method of detecting threats, but on its own against today\u2019s threats it\u2019s virtually useless. That\u2019s why our product uses behavioral analyzers capable of determining whether a program is behaving itself or not.<\/p>\n Is the current version (KIS 2013) the best version ever?<\/strong><\/p>\n Alex Gostev<\/strong>: Of course! The latest version is always the best. We recommend using the latest versions of our products because they include the most up-to-date technology, they are compatible with the newest operating systems and boast increased performance and usability.<\/p>\n When installing Kaspersky Anti-Virus together with another antivirus solution, why does Kaspersky tell you to remove them, but they don\u2019t say anything about Kaspersky? I found this rather strange.<\/strong><\/p>\n Alex Gostev<\/strong>: To ensure a high level of protection and avoid any conflict with other programs, we recommend users uninstall all other antivirus products before installing our product. It is technically possible to have two or three antivirus solutions on one machine, but it will mean the computer is overloaded and will slow it down considerably.<\/p>\n Why don\u2019t you contact rutracker.org and tell them to stop distributing your products?<\/strong><\/p>\n Alex Gostev<\/strong>: Let them carry on \u2013 we don\u2019t mind J<\/p>\n Is Kaspersky Mobile Security good enough to protect my Android phone? Also, why are there different prices for KMS on Google Play and on kaspersky.com sites? <\/strong><\/p>\n Alex Gostev<\/strong>: Kaspersky Mobile Security is one of the best mobile AVs (and this is not just our opinion, PPCSL, AV-Test and other independent test agencies say the same). So, in answer to your first question, yes, it is. There are some differences between the update speeds on the GPlay and Kaspersky Lab websites and the tech support terms are also different (on GPlay you can get only limited support via email).<\/p>\n When will a control plug-in for browsers be implemented in KAV or KIS?<\/strong><\/p>\n Alex Gostev<\/strong>: Is it really necessary? It\u2019s much easier and more effective to open the product and make all the necessary changes there. If you\u2019re talking about tuning the product settings, it is more effective to make all the necessary changes there. Also, we need to isolate our UI settings from malware and other processes to ensure the protection level.<\/p>\n Today we download loads of free apps to our gadgets. Can the attacker take advantage and disguise them as Trojans to compromise our systems and break into other remote targets?<\/strong><\/p>\n Alex Gostev<\/strong>: There are indeed lots of Android Trojans<\/a> spreading not only in the guise of legitimate apps but also embedded by malicious users in popular programs. To do this they create their own modifications of the original app package where the Trojan module is added.<\/p>\n Here are some recent examples of this:<\/p>\n http:\/\/www.msnbc.msn.com\/id\/48150203\/ns\/technology_and_science-security\/t\/fake-android-game-apps-sneak-malware-google-play\/#.UMb3QYNnjgg<\/a><\/p>\n<\/a><\/p>\n
\nAs for unusual malware, there were traits in every single program mentioned above that we thought (and still think) were unusual. For instance, one of the Gauss modules installs a modified proprietary font called Palida Narrow into the system<\/a>. Why it does this remains a mystery. Another example is the propagation module incorporated into the Flame worm \u2013it helps the worm spread via local area networks, and that is a whole other story. Its creators have not only successfully implemented an unprecedented MD5 cryptographic attack<\/a> but have also created a \u201creal\u201d Microsoft certificate. This is way beyond a 0-day vulnerability \u2013 this is \u201cgod mode\u201d. Nothing like this has occurred before.<\/p>\n<\/a><\/p>\n<\/a><\/p>\n<\/a><\/p>\n