{"id":9171,"date":"2015-06-25T12:09:26","date_gmt":"2015-06-25T16:09:26","guid":{"rendered":"https:\/\/www.kaspersky.co.za\/blog\/?p=9171"},"modified":"2017-09-24T17:28:21","modified_gmt":"2017-09-24T15:28:21","slug":"ask-expert-kamluk-interpol","status":"publish","type":"post","link":"https:\/\/www.kaspersky.co.za\/blog\/ask-expert-kamluk-interpol\/9171\/","title":{"rendered":"Ask the expert: Vitaly Kamluk tells how INTERPOL catches cyber criminals and other stories"},"content":{"rendered":"<p><a href=\"https:\/\/twitter.com\/vkamluk\" target=\"_blank\" rel=\"noopener nofollow\">Vitaly Kamluk<\/a> has more than 10 years of experience in IT security and now he holds the title Principal Security Researcher at Kaspersky Lab. He specializes in malware reverse engineering, computer forensics, and cybercrime investigations. Currently, Vitaly lives in Singapore. He works with INTERPOL as a member of the Digital Forensics Lab, doing malware analysis and investigation support.<\/p>\n<p>https:\/\/instagram.com\/p\/1xKFAOv0I5\/<\/p>\n<p>We have invited our readers to ask Vitaly questions. There were so many questions, in fact, that we decided to break down this Q&amp;A session into several parts. Today, Vitaly will answer questions related to digital investigations and cooperation with INTERPOL.<\/p>\n<p><strong>Do you like staying in Singapore?<\/strong><\/p>\n<p>The sun rises and sets here at the same time every day, all year round. When the moon appears at night it sits at a strange angle because of its location in the world. The summers are endless with no cold water running through pipes. Weather in Singapore reminds me of a dream, or of the movie <em>Groundhog Day.<\/em><\/p>\n<p><strong>Is there any information that is exchanged about individuals and their devices and locations between INTERPOL and large tech companies like Apple, Google, Facebook, Twitter?<\/strong><\/p>\n<p>INTERPOL doesn\u2019t need your data unless you are a criminal. When there\u2019s a need the data is requested on a given criminal case basis in accordance with the local laws and is supported by a court order. In these situations, it\u2019s always some local law enforcement agency that requests this data, not INTERPOL itself.<\/p>\n<p><strong>What is the biggest obstacle to fighting cybercrime nowadays?<\/strong><\/p>\n<p>Borders between countries and differences in legislation. Internet has no borders, but the physical world does. We can work quickly in cyberspace but all this speed is lost when it comes to cross-border requests and authorizations.<\/p>\n<p><strong>Are we living in a cyberwar?<\/strong><\/p>\n<p>I used to believe that cyberwar is an invisible war. If you think the same \u2014 then yes, we are living in a cyberwar. If you believe that a war always has evident consequences in the physical world: massive destruction, casualties, violence, then fortunately we are not at that point.<\/p>\n<p><span class=\"embed-youtube\" style=\"text-align:center; display: block;\"><iframe class=\"youtube-player\" type=\"text\/html\" width=\"640\" height=\"390\" src=\"https:\/\/www.youtube.com\/embed\/yzUsRg-3BiQ?version=3&amp;rel=1&amp;fs=1&amp;showsearch=0&amp;showinfo=1&amp;iv_load_policy=1&amp;wmode=transparent\" frameborder=\"0\" allowfullscreen=\"true\"><\/iframe><\/span><\/p>\n<p><strong>Will cybercrime be stopped someday? Until now, the theft of thousands of dollars is something that has been talked a lot about and apparently the war is lost\u2026<\/strong><\/p>\n<p>People will take this hit, and even harder hits, and survive. Human nature enables us to adapt to much more significant changes. However, there will never be an end to crime in the physical world nor in cyberspace. But we have the power to change our environment and way of living to reduce the level of crime to a minimum.<\/p>\n<p><strong>Did you have experiences in cybercrime when you were younger? Does someone who wants to work in cybersecurity need to have this background?<\/strong><\/p>\n<p>Are you wondering if I committed any cybercrimes when I was younger? I believe I was lucky \u2014 I had role models, who explained to me that knowledge is a weapon, and this weapon gives you a power and power requires responsibility. The short answer is this: no, I haven\u2019t.<\/p>\n<p>https:\/\/instagram.com\/p\/zntqsBP0HU\/<\/p>\n<p>Being a cybercriminal and attacking people may destroy your reputation forever and people will not trust you anymore again. Don\u2019t do that.<\/p>\n<p><strong>Share with us your personal experience on how you started working in cybersecurity!<\/strong><\/p>\n<p>Hackers, silent magicians who were looking into the portals of the computer communications\u2019 abyss and making impossible things a reality, impressed me.<\/p>\n<p>I wanted to learn how to play this game and, if I was lucky, to be able to compete with even stronger opponents. The attraction to the game of hackers, their code of conduct, philosophy and ethical problems was extremely interesting to me, so I started to learn.<\/p>\n<p><strong>With the significant growth in technological resources available to us, as well as cyberattacks, how do you watch these trends and what do you study to keep on pace with the evolution of infection vectors over the Internet?<\/strong><\/p>\n<p>I read the latest news from security researchers and keep a finger on the pulse of all the new techniques of attack and defense. If you want to defend your resources you should also keep the surface of attack on you as small as possible. Follow the rule of \u201cdeny everything by default\u201d (aka default-deny). As security researchers we have to be aware of everything, but you should be aware of resources you have to protect. Use it to your advantage, focus on the most important.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\">Books on cybersecurity: 5+ recommendations from our experts <a href=\"http:\/\/t.co\/veGLpXSyDy\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/veGLpXSyDy<\/a> <a href=\"http:\/\/t.co\/5hGGxe7sNA\" target=\"_blank\" rel=\"noopener nofollow\">pic.twitter.com\/5hGGxe7sNA<\/a><\/p>\n<p>\u2014 Eugene Kaspersky (@e_kaspersky) <a href=\"https:\/\/twitter.com\/e_kaspersky\/status\/503878519051407361?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">August 25, 2014<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><strong>How are digital investigations done in cybercrimes? And what tools do you use? Could you provide us with some examples?<\/strong><\/p>\n<p>It may differ from case to case, but very often we use common techniques and tools for computer forensic examination: Encase, Sleuthkit, various data carvers, data format recognizers, and even standard binutils.<\/p>\n<p>We develop a lot of scripts and tools ourselves, sometimes just for a single case: unpackers, deobfuscators, custom debuggers, dumpers, decryptors, etc. Reverse engineering binaries takes quite a lot of time as well. We also may do mapping infrastructure, scanning networks, ports. Developing sinkholing software and log parsers is yet another important part of quality research.<\/p>\n<p><strong>How many hackers have you already caught?<\/strong><\/p>\n<p>Security experts do not catch hackers \u2013 this job is for law enforcement agencies.<\/p>\n<p>https:\/\/instagram.com\/p\/zNiw3Ev0G5\/<\/p>\n<p><strong>Have you ever blamed an innocent man?<\/strong><\/p>\n<p>I do it very often. The man is usually myself.<\/p>\n<p><strong>What\u2019s the biggest obstacle in finding new virus signatures?<\/strong><\/p>\n<p>The biggest obstacle is the unavailability of some samples. It\u2019s a challenge to collect the most rare samples of malware that may be used just once, but created a threat comparable to a malware that infected millions.<\/p>\n<p><strong>The rise of Cryptolocker is increasing because criminals need to capitalize on their crimes. Is there any agency dedicated to tracking malware\u2019s communications to its origins and to capture cybercriminals? If so, which International organization is responsible for this global problem? Or does each state have a department of cybercrimes offering security to its citizens?<\/strong><\/p>\n<p>There is no single organization to address this. The Internet is not owned by a single entity \u2014 it\u2019s a network of equal participants. The solution is the union of all participants of the global network against cybercrime. We have to create unified Internet laws and some kind of Internet police with transnational powers.<\/p>\n<blockquote class=\"twitter-tweet\" data-width=\"500\" data-dnt=\"true\">\n<p lang=\"en\" dir=\"ltr\"><a href=\"https:\/\/twitter.com\/hashtag\/Cybercriminals?src=hash&amp;ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">#Cybercriminals<\/a> beware: CYBERPOL is coming\u2026 <a href=\"http:\/\/t.co\/gO25uHkVwo\" target=\"_blank\" rel=\"noopener nofollow\">http:\/\/t.co\/gO25uHkVwo<\/a> via <a href=\"https:\/\/twitter.com\/e_kaspersky?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">@e_Kaspersky<\/a><\/p>\n<p>\u2014 Kaspersky (@kaspersky) <a href=\"https:\/\/twitter.com\/kaspersky\/status\/400996293335846913?ref_src=twsrc%5Etfw\" target=\"_blank\" rel=\"noopener nofollow\">November 14, 2013<\/a><\/p><\/blockquote>\n<p><script async src=\"https:\/\/platform.twitter.com\/widgets.js\" charset=\"utf-8\"><\/script><\/p>\n<p><strong>Superheroes need supervillains. If you could put an end to those guys, would you? If so, you\u2019ll no longer be remembered as a hero. Would you be ready to be forgotten?<\/strong><\/p>\n<p>Life is rich in opportunities for becoming a hero, but that\u2019s not my intention. I am just doing my job and I am trying hard to do it the best way I can. Honestly, I\u2019d love to lose my job because cybercrime is no longer an issue and I would spend my time on art. However, it\u2019s not likely to happen anytime soon. But if I do ever quit my job, I will continue to use my knowledge for good, not evil.<\/p>\n<p>I\u2019d like to add that the most important heroes are the people that no one knows about. They are changing the world and making it a better place but no one can even thank them. Those people are real heroes and I am sure some of them might be reading this article right now. Thank you, invisible friends!<\/p>\n<blockquote class=\"twitter-pullquote\"><p>Ask the expert: Vitaly @vkamluk Kamluk tells how @INTERPOL_Cyber catches cyber criminals and other stories #security<\/p><a href=\"https:\/\/twitter.com\/share?url=https%3A%2F%2Fkas.pr%2FVe6v&amp;text=Ask+the+expert%3A+Vitaly+%40vkamluk+Kamluk+tells+how+%40INTERPOL_Cyber+catches+cyber+criminals+and+other+stories+%23security\" class=\"btn btn-twhite\" data-lang=\"en\" data-count=\"0\" target=\"_blank\" rel=\"noopener nofollow\">Tweet<\/a><\/blockquote>\n<p><strong>What would you recommend to students who would like to follow this path in security? What kind of degree should one get to become an expert like you and help fight global cybercrime?<\/strong><\/p>\n<p>Here is what I can recommend:<\/p>\n<ol>\n<li>Learn how cybercrime works but never do it. You don\u2019t need to commit a crime to become a security expert.<\/li>\n<li>Study: Observe what motivates you and exploit it. Be a researcher for your own body and mind.<\/li>\n<li>Balance mental and physical exercise. A healthy body is the best way to increase your performance and stay mentally sharp.<\/li>\n<li>Do not follow other people\u2019s success stories \u2014 always find your own way. Being different is your advantage in finding a workaround or a unique solution. This is what makes you valuable in the end.<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>Vitaly Kamluk answers our readers\u2019 questions about his work with INTERPOL and other digital investigations.<\/p>\n","protected":false},"author":40,"featured_media":9174,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[5,2671],"tags":[1157,93,191,605,78,347,1156,352,43,97],"class_list":{"0":"post-9171","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-news","8":"category-special-projects","9":"tag-ask-expert","10":"tag-cybercriminals","11":"tag-data","12":"tag-great","13":"tag-hackers","14":"tag-interpol","15":"tag-interview","16":"tag-kaspersky-lab","17":"tag-privacy","18":"tag-security-2"},"hreflang":[{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/ask-expert-kamluk-interpol\/9171\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/ask-expert-kamluk-interpol\/4956\/"},{"hreflang":"ar","url":"https:\/\/me.kaspersky.com\/blog\/ask-expert-kamluk-interpol\/3452\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/ask-expert-kamluk-interpol\/5529\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/ask-expert-kamluk-interpol\/5930\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/ask-expert-kamluk-interpol\/6321\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/ask-expert-kamluk-interpol\/6250\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/ask-expert-kamluk-interpol\/8234\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/ask-expert-kamluk-interpol\/9171\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/ask-expert-kamluk-interpol\/4659\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/ask-expert-kamluk-interpol\/5472\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/ask-expert-kamluk-interpol\/5694\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/ask-expert-kamluk-interpol\/8026\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/ask-expert-kamluk-interpol\/8234\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/ask-expert-kamluk-interpol\/9171\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.co.za\/blog\/tag\/ask-expert\/","name":"ask expert"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/9171","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/users\/40"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/comments?post=9171"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/9171\/revisions"}],"predecessor-version":[{"id":18298,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/posts\/9171\/revisions\/18298"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media\/9174"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/media?parent=9171"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/categories?post=9171"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.co.za\/blog\/wp-json\/wp\/v2\/tags?post=9171"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}