We are Kaspersky's Global Research & Analysis Team (GReAT) and we're back! Let's talk cyber and have fun!
We are Kaspersky’s Global Research & Analysis Team (GReAT), a group of 40+ threat hunters spread throughout 18 countries around the world. We track malicious hacker activity around the globe with an emphasis on advanced targeted attacks.
In case you are not familiar with us, we are the ones, who told the world about the Cozy Bear hacking group long before they broke into DNC servers, the ones who uncovered the most sophisticated to date hacking group called Equation and the most dangerous gang of cyber robbers – Carbanak. We were the first who figured out that the notorious NotPetya ransomware, which caused real chaos all around the world, was actually not ransomware but a wiper - a real cyber weapon. We are the ones who drew the line between one of the oldest attacks ever against Pentagon and the activity of modern day hacking groups.
Every day we see malicious hackers doing crazy things like hiding their activity in satellite communications, infecting hotel networks to spy on very important guests, or even targeting telecom operators networks - to spy on whoever they want! We have seen them breaking into the supply chain of a popular hardware producer in order to be able to infect only a few specific users. We also witnessed how one hacking group tried to pretend to be another hacking group in order to place false flags and potentially cause an international scandal.
One day we even found them poking around in our own network! And so on...
All of these are only a few stories we have to tell. Many more of them you can find here, at https://securelist.com .Today we are happy to answer your questions about how we do all our anti cyber espionage threat hunting magic every day.
Here with us are:
Costin Raiu - Global Director @craiu
Vitaly Kamluk - @vkamluk
Brian Bartholomew - @Mao_Ware
Noushin Shabab - @NoushinShbb
Maria Namestnikova - @SovsemNePodarok
Dmitry Bestuzhev - @dimitribest
Dan Demeter - @_xdanx
Aseel Kayal - @CurlyCyber
Kurt Baumgartner - @k_sec
Igor Kuznetsov - @2igosha
Ivan Kwiatowski - @JusticeRage
Ariel Jungheit - @arieljt
Want to know how we work, how we hunt down all those sophisticated actors and learn some tips and tricks?
Thinking of a career in cybersecurity and have questions?
A lot of people asked us about cybersecurity trainings and we'd like to point out we do have a fresh new Yara training available here: https://xtraining.kaspersky.com/
Edit 2: In 1 hour we'll take a break, but meanwhile are happy to take all your questions , both controversial or not :)
Edit 3: We'll wrap up for today, but we're coming back tomorrow to answer remaining questions! Cyaa! Edit 4: We are back to answer remaining questions! Edit 5:
Dear friends, thanks a lot for all your love, good questions, good jokes and the good time!
To all Reddit users who are asking questions about our data processing policies, politics, alleged connections with governments and questions related to trust. We fully understand your concerns and are willing to eliminate them. So if you are really seeking for answers to your questions, and are here not just to troll, then here you go:
We are open for cooperation and are more transparent than anyone else in the industry. You can read more about our transparency initiative here: https://www.kaspersky.com/about/transparency?ignoreredirects=true. It was created specifically to explain our technology and processes to those who are concerned.
Although we are an international company that is obliged to obey local laws in countries where we operate, not all laws concern our activity. Particularly we are often asked about SORM. This law is about tracking criminals through telecom networks. We are not a telecom operator, or a video-calling service or a chat app. This law doesn't concern us at all: https://media.kasperskydaily.com/wp-content/uploads/sites/92/2015/02/02060120/REPORT-OF-PROF-DR-KAJ-HOBER.pdf
Last but not least: we are often asked how safe is the data of our users. Apart from what has been already said about our will to be as transparent as possible, we could only add two things:
- We give our users control to limit the data they send to us via the interface of our products. If you are a user of our B2B products, we have solutions that allow you not to upstream any data at all.
- This year we are completing relocation of data processing for our users from Europe, US, and several other countries to Switzerland.
It's time we wrap up our AMA and hope to see you all soon! Peace!