[New Podcast] Antivirus in the Hot Seat, with Mikko Hypponen

Mikko Hypponen joins host Janne Kauhanen to discuss the Kaspersky drama and how and why antivirus collects data from customer machines. Join us for this inaugural episode of our new podcast, Cyber Security Sauna.

Author: Melissa Michael
Date: 01.12.2017
Read Time: 2 Minutes

Mikko Hypponen quote - trust your vendor


Antivirus software protects computers and devices in many ways. For example, it prevents users from visiting malicous websites, terminates maliciously behaving processes, prevents applications from being exploited, and detects and removes malicious files.

In order to make sure these protection mechanisms are able to stop threats in their tracks, security vendors need access to threat intelligence – information that helps them better understand the current and future threat landscape. Collection and analysis of malicious samples is one form of threat intelligence gathering. At F-Secure, we occasionally collect suspicious samples and metadata associated with them from customer environments, in order to improve our threat intelligence.

To describe the process simply, if our software encounters a suspicious sample on a customer’s system we’ve never seen before, and if the software on its own cannot reach a verdict, that sample may be uploaded to our cloud for further analysis.

This is the way most antivirus software works today. Cloud technology enables better, faster protection because once the security cloud determines the suspicious file is in fact malicous, it can then instantaneously protect all our other customers as well.

The hot seat

This practice of sending data from host machines back to the vendor has put antivirus software under a bit of scrutiny of late. We as a company have been fielding questions related to how we protect our customers in this process – questions that have arisen in the wake of the current storm around Kaspersky.

To recap, Kaspersky is facing allegations that it collected top secret NSA files from a customer machine and shared them with Russian intelligence agencies. Kaspersky maintains its innocence – they did collect the files as part of normal operations, they contend, but they deleted the files from their systems.


Mikko Hypponen quote - data is valuable, but also a liability


The situation has naturally prompted inquiries about antivirus companies in general. So we’ve taken these questions and posed them to our Chief Research Officer Mikko Hypponen in the very first episode of our brand new podcast, Cyber Security Sauna.

Listen as Mikko explains:

  • Why antivirus products send data back to the antivirus vendor
  • What sort of data F-Secure antivirus transmits from customer machines
  • How we secure files transmitted from our customers to us
  • Which third parties we share data with, and why
  • Why you should choose your security vendor carefully
  • Why it’s important to know your threat model
  • Why data is a liability

You’ll also get Mikko’s take on:

  • Whether there really are links between Kaspersky and Russian intelligence agencies
  • Whether Kaspersky was hacked, infiltrated, or willingly cooperated



FAQ: Everything You Wanted to Know About AV Data Transmission But Were Afraid to Ask

Download episode transcript

Cyber Security Sauna web page


2 thoughts on “[New Podcast] Antivirus in the Hot Seat, with Mikko Hypponen

  1. Please try to balance the sound across both channels (it could just as well be mono). Right now, most of what Mikko says is heavily slanted to the left channel, making listening with headphones difficult.


Post Comment

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s