ESET, a Slovakia-based company that makes antivirus products, took shape before the fall of communism, in 1987, when its founders began programming as a hobby to give away AV software to friends and family to fight computer viruses.
"You could not just start a company and begin selling" at the time, says chief technology officer Palo Luka.
The first version of ESET's antivirus (NOD) was written in 1987, but the company was not founded until 1992. It has since grown to over 1,300 employees and serves over 100 million users in more than 200 countries.
ESET now counts the US, EU, Japan and Russia among its biggest markets. It has gained a reputation in the niche world of cybersecurity for flagging attacks on and by state-backed entities. And with a focus on R&D, the company is betting big on the enterprise software market.
IBTimes UK spoke to senior executives at ESET about its thoughts on the state of cybersecurity and what the future holds:
How has cyberespionage grown in the past five years?
Juraj Malcho (JM): It's been a slow evolution as it's hard to know who is on the other end. Earlier there were regular Trojans – like a needle in the haystack that no one noticed. Today there are hidden codes in applications that are malicious.
Stephen Cobb (SC): Malware has been used in conflicts historically, including the struggle for Tibet's independence, and now they are in focus because of the high-profile nature of global conflicts. What gets investigated is influenced by what's going on. It's clear that governments around the world are now investing in cyberespionage.
What kind of operating systems are particularly vulnerable?
JM: If you look at the architecture of modern systems, it's all the same. You can run anything if you send it via email – any system would run that. Recently, Apple has seen more reports of hacks than Windows but that's just one factor. In the old days if you wanted to hack something you had to write the code yourself. Now, it's not like people who are into cybercrime are programmers. They are buying stuff from others to deploy.
SC: If you're an attacker you have to develop the tools for whatever your targets are using. Apple has still not broken the critical mass in terms of market share so the attackers would keep this in mind. It's extremely market-based and follows standard business principles. Cybercrime can get bigger and better based on market principles and evolve along those lines until it hits a barrier of some kind.
What's the best way to detect and deter?
SC: It's a combination of technology, people and policy. An organisation has to take the problem seriously and the leadership has to have a handle on the risk to develop a response. Then invest in the technology to support these policies and educate the people to get on board with all of this.
It's not enough to invest in tech if you don't have people who know how to use it. You can definitely reduce the probability that someone will click on the wrong thing, if you take user education seriously. It works. And you have to keep doing it.
And, it's important to be able to explain the risk to decision makers, like the company board. If they don't understand they won't approve the investment to secure the systems. Assess the value and make an informed decision. One of the biggest failure areas is that there is no realistic analysis of risk and the notions of threat are outdated.
One needs to realise how developed the crimeware industry is. People are still thinking kids in basements while these guys have customer support, and even escrow systems for collecting ransom.
What's your take on the Hillary Clinton email server fiasco?
JM: It tells me people want to use systems they are comfortable with. And usually more convenient means less secure.
Where are state-sponsored attacks originating from typically? And who are the usual targets?
Robert Lipowsky (RL): What we are seeing is the tip of the iceberg. They are everywhere and they target states, corporations and political dissidents. And a lot of resources and money are being poured into such attacks.
What technologies do cybercriminals typically use?
RL: They use whatever is needed, it usually depends on the target. For instance, those targeting Tibetan dissidents used Mac malware as the activists were using Apple systems. State-level hacking generally has more money, which means they can use more powerful tools.
Your thoughts on Internet of Things (IoT) and cybersecurity
RL: Definitely, IoT is a problem. Right now, the vendors of these technologies should be focusing their attention on this. The level of awareness among retail consumers also needs to be raised as people keep falling for the same scams, the same type of attacks. It's so easy to protect from ransomware – just back up your data, that's all you need to do.
ESET's role in the AV-testing space
Palo Luka (PL): AV-testing is a very difficult task, and now more than ever. You want to get as close to the real world as possible but malware is evolving very fast and it's very diverse – so you need to be on top of things. And this is a lot of work.
ESET is going to open a new R&D office very soon. And back in 2008-09, we as an industry got together to form an organisation to create guidelines for testing, which has succeeded in devising good industry standards.
What are the major challenges for ESET? Is Brexit one of them?
PL: In Slovakia where we're based, it's a small country and so it's becoming a challenge to find enough skilled people, which is why we have expanded R&D to other countries.
On Brexit, we haven't seen any impact yet apart from the obvious exchange rate issue. We have a sales office in the UK and an office that develops encryption technology so I hope when Brexit actually happens it won't have a negative effect.