Costin Raiu is the Director of the Global Research & Analysis Team (GReAT) at Kaspersky. He specializes in high-level malware attacks and analyzing advanced persistent threats. His work includes analyzing malicious websites, exploits and malware in online banking and elsewhere.
Raiu has spent over twenty-four years in antivirus technologies and security research. He is a member of the Virus Bulletin Technical Advisory Board, a member of the Computer AntiVirus Researchers’ Organization (CARO), and a reporter for the Wildlist Organization International.
Costin has worked for GeCad as Chief Researcher and as a Data Security Expert with the RAV antivirus developers group as well.
We got a chance to have a chat with him on cybersecurity issues and trends as well as preventing cyberattacks.
Question 1: There has been a notable spike in cyberattacks since the start of the pandemic. What are your thoughts on the increasing vulnerabilities of online security?
Costin: Indeed, since the beginning of the COVID-19 pandemic, we noticed a spike in the number of online attacks. For instance, between February and March, the number of online attacks exploiting the pandemic topic reached over 10x the volume from January, indicating this was a hot topic for cybercriminals. Interestingly, the numbers decreased in April, suggesting that users were no longer very likely to fall for clickbait; however, the number of new malware samples spiked in June and July. Is this because cybercriminals who “work from home” are also more productive? We don’t know, but it is still a worrying development.
Question 2: What should companies focus on when it comes to enhancing security for remote employees and reducing cyberattacks?
Costin: The coronavirus outbreak has forced many office employees to remain at home. The real issue — at least for cybersecurity, if not productivity — is that in the office, companies thoroughly protect networks and devices. Meanwhile, unless you’re the CEO, sysadmins are probably not going to come around to your apartment or house and set everything up in line with corporate standards. A couple of pieces of advice include:
- Protect all devices with a security solution
- Update programs and operating systems
- Enable solid Wi-Fi encryption (WPA2 or more recent)
- Change your default router logins and passwords
- Use a VPN
Question 3: Can you please tell us how the teams at Kaspersky are working to counter persistent cybersecurity issues?
Costin: Kaspersky is an international company, with offices in more than 30 countries. Our research and development is split across various teams, all tackling different types of problems. For instance, our AMR – Anti-Malware Research – focuses on the hundreds of thousands of new samples we receive every day, and how to detect them faster and more efficiently. Our GERT – Global Emergency Response Team – focuses on helping companies that have been hit by various threats and need to better understand what happened. GReAT – the team where I work, the Global Research and Analysis Team – focuses on the most sophisticated threats out there, designing new technologies to fight future threats and helping others to learn how to protect themselves. Something as simple-sounding as an antivirus program actually has thousands of people behind it, from developers to malware analysts and researchers.
Question 4: Can you please suggest some ways users can stay safe from online attacks? How can a person perform online banking transactions safely?
Costin: Staying safe online can be difficult nowadays, but following some simple steps can actually help a lot. Use strong passwords, choose a solid VPN, be careful what you download, make online purchases only from reputable sites, be careful who you meet online and what you disclose about yourself and keep your antivirus and all the other programs on your device up to date.
Question 5: Do you think more funding needs to be spent for research on anti-hacking and malware preventive methods?
Costin: One of the biggest problems we have nowadays is finding skilled people who can work in computer security. Of course, budgets can be tough, especially during a pandemic; however, for the past few years, there has been a lack of computer security professionals. This breaks down to education and attracting more young people to the field, which is a challenge.
Question 6: Cybercriminals are becoming smarter, using phishing emails, hacking IoT devices and baby monitors, and launching ransomware attacks. What are some of the toughest threats that your team has ever faced and how did you overcome them?
Costin: Ransomware is for sure one of the top threats nowadays. We’ve seen companies, governments, and hospitals becoming victims of ransomware. Recently, one such attack against a hospital in Germany indirectly resulted in a person’s death, because they couldn’t get the urgent treatment they needed in time. Once a company is hit by ransomware, there are not many options left. Some rush to pay the ransom, which is not something we advise anyone to do. Actually, in some cases we have been able to break the encryption scheme used by ransomware and help victims by creating free decryption tools. We also started the NoMoreRansom project, together with the National High Tech Crime Unit of the Netherlands’ police, Europol’s European Cybercrime Centre and McAfee – take a look: https://www.nomoreransom.org/en/about-the-project.html
Question 7: Other than an antivirus, what are some of the products/services people can use to stay safe from online threats? Does an antivirus work best or a VPN?
Costin: A good VPN is a critical part of staying safe online. Hence, we recommend using both an antivirus and a VPN, especially when you work from home or public places.
Question 8: Do you see a safer online space in 5-10 years, considering no company or individual is safe from malicious attacks? Will there ever be a completely safe and secure cybersphere?
Costin: Many years ago, when I was in university, we used to work on a VAX PDP computer running the VMS operating system. It was rather secure and, compared to other Unix-based systems that were getting hacked all the time, the VMS rarely had any problems. At the same time, it was incredibly hard to use and lacked many features. Security is actually a balance between cost and features. The more features, the less security. And if you want more security, there will be a cost to be paid too. That’s why I think a completely safe and secure cybersphere will never exist, only a constant game of balance between usability, cost and security.
Question 9: A number of people are still unaware of the threats and limitations of online privacy policies. Keeping this in mind, what message would you like to convey to the online community?
Costin: These are tough times for everyone, so first of all, take care of yourself and your loved ones. Protect yourself in real life but do not forget about digital life either! Wear a mask, use an antivirus, use a VPN, use strong passwords and stay safe!
Thank you so much for the interview, Costin. As for our readers, you can follow him on Twitter: @craiu. If you have any questions, do leave us a comment and we will be more than happy to answer them.
Next week’s guest on the blog is the author of “Hack The World With OSINT”, and we will be asking her about cybersecurity and the impact of cyberattacks. Until our next episode of the cybersecurity expert interview, then.