Print
Rate this article
(no votes)
 (0 votes)
Share this article

The threat emanating from virtual space and Internet technologies has become a traditional challenge in the 21st century, as human progress is already inseparably linked to the Internet. However, these threats vary depending on their origin, the tools that are at the disposal of the attackers and the scale of damage. How are these threats seen by anti-virus companies? We asked Boris Sharov, CEO of the Russia’s oldest anti-virus company Doctor Web, to share his views on the problem and to tell us about his company’s work.

The threat emanating from virtual space and Internet technologies has become a traditional challenge in the 21st century, as human progress is already inseparably linked to the Internet. However, these threats vary depending on their origin, the tools that are at the disposal of the attackers and the scale of damage. How are these threats seen by anti-virus companies? We asked Boris Sharov, CEO of the Russia’s oldest anti-virus company Doctor Web, to share his views on the problem and to tell us about his company’s work.

What are the main threats of the Internet for the ordinary user, as well as for banking systems and critical state infrastructure?

The threats vary and cannot be lumped together. One might say that it is malware, but that would not be correct. The ordinary user is one thing, the banking system is another and critical state infrastructure is yet another. These are very different categories.

Critical state infrastructures and the Internet are incompatible, they should not coexist. Therefore, if things are done right, threats from the Internet should not and cannot get into critical state infrastructure.

It is very difficult to develop effective software unless you have a clear idea of the threats and how they will develop.

Threats to the ordinary user come from malware, which comes in the form of infected emails, programs and websites, or through mobile devices.

Programs steal users’ personal information, such as photos and documents, and bank account and credit card details. Users may lose them altogether or find that they have been encrypted and are forced to pay to have the stolen information decoded – this is a very common threat today.

Banking systems face a different kind of threats. On the one hand, banks are protected and use very serious security systems. However, all systems involving monetary operations frequently come under attack by malware and illegal intrusion.

A separate threat is the one posed to bank machines by skimmers [1]. What is more, there is a great hunt going on for any kind of plastic card that is used to pay for goods or services.

Boris Sharov

Governments are exposed to attacks aimed at stealing state secrets: information about the employees of state institutions, state secrets, the state of bilateral relations with other countries.

The Internet of Things is a growing segment. How do you assess security in this sphere? Smartphone protection already exists. Can the same be said about things?

Prototypes of security systems for certain objects already exist and anti-virus companies can offer ideas on protecting them. However, it is very difficult to develop effective software unless you have a clear idea of the threats and how they will develop, so today we are talking in terms of hypotheses. We can assume that if refrigerators use some kind of Android models in which harmful elements could be installed, then attackers might use fridges. However, such models have yet to be developed, and it is too early to talk about developing a system to protect against them.

The system of cloud services is developing rapidly. Do they change the traditional concept of protection?

“The cloud” is a new headache. Some say it is well protected, others say it is accessible to everyone.

It is regrettable that one of the slogans of cloud systems is the total security and privacy of data. It will always be as secure as the end device.

The people who say this forget that they hold a real device in their hands and have a real computer on their desk. The cloud is just a data centre that performs certain calculations with a person’s data, but which in any case get into a specific computer. This obviously brings us back to protecting the software and not the cloud.

Everything that involves the transfer of computing to external platforms raises questions and problems because it is necessary to model potential attacks on these systems.

It is regrettable that one of the slogans of cloud systems is the total security and privacy of data. This is dangerous because it creates an illusion that the cloud can achieve a higher degree of security. It will always be as secure as the end device.

Speaking about the problem of regulating the Internet, the state and business have been introducing solutions to ensure the safety of users. Can you tell us what your company is doing in this area? Do you have any specific ideas?

2014 virus activity overview

Our business is to ensure the security of Internet users. We do not offer any special initiatives or suggestions, we have enough work as it is. Regulatory measures are unlikely to be of any use as long as the Internet is an object of mass consumption. Threats always come from users. That is, any program the criminals develop relies on the user’s inability to properly assess how safe or dangerous certain elements may be.

Your company is active in China. This is a market that, for all its complexity, attracts Russian IT companies more and more. Can you cite some success stories?

I wouldn’t speak about our company’s success in China. We are doing what we think is useful for China. Naturally, they would be useful for us as well. But the paradigm of work in China differs greatly from that of other countries, not to mention Russia, above all because for now anti-virus software is free over there. They do not believe that protection against viruses should warrant extra spending.

Do you find it difficult to work with your Chinese partners?

Yes and no. We have partners with whom we cooperate very closely. Many partners do not understand us. But we try to take it in our stride. We understand that we have to do everything differently, with a different focus.

What do you think will be most in demand in the IT sphere in the coming years?

The trend for moving into one’s personal “cloud” is very strong. In some ways, it will change not just the IT world, but the world in general.

Mobility. The trend for moving into one’s personal “cloud” is very strong. In some ways, it will change not just the IT world, but the world in general. For example, it spells a massive increase in the number of people working from home, especially in the megalopolises. This calls for good communication channels, devices that would make it possible to work in any part of the globe. This will improve efficiency and at the same time reduce the costs incurred by companies to employ people to work remotely.

That is why the growing number of virus incidents, and the overall exposure to the mobile segment to threats, is a very serious trend that is of concern to the business community, the state, law enforcement agencies and security companies.

Interview conducted by Maria Gurova, RIAC Programme Assistant

1. Skimmers are tiny devices that are attached to bank machines and used by attackers to steal PIN codes, read information encrypted on plastic cards, etc. (Ed.).

Rate this article
(no votes)
 (0 votes)
Share this article

Poll conducted

  1. In your opinion, what are the US long-term goals for Russia?
    U.S. wants to establish partnership relations with Russia on condition that it meets the U.S. requirements  
     33 (31%)
    U.S. wants to deter Russia’s military and political activity  
     30 (28%)
    U.S. wants to dissolve Russia  
     24 (22%)
    U.S. wants to establish alliance relations with Russia under the US conditions to rival China  
     21 (19%)
For business
For researchers
For students