An ounce of prevention: Anticipating online threats in F-Secure Labs

This is a guest post from Karmina, an expert from F-Secure Labs. Enjoy!

Little is known about the team in the F-Secure Labs that focuses on tracking down threats. Usually, those contacting the Labs are looking for solutions such as detections and removals. Though mostly working in the background, I’m proud to be part of that team that deals with preventing threats from infecting further.

Proactive protection is my daily mantra. The usual question that I ask when analyzing a threat is where did it come from? If we are able to determine the source and block it from there, then it won’t proceed to infect your computer. My job is to spot threats and track down their possible sources, from social networks to email spams to application stores. Then I need to understand the threat’s behavior and how it spreads. They usually leave distinct trails and have certain characteristics that make them identifiable. It’s fun, in the sense that I feel like I’m a detective trying to uncover something. It’s like building a puzzle where I examine the pieces and put them together to see the bigger picture.

In the Labs, teamwork is important. I provide the information that I gather to other teams so they can build solutions such as website ratings, detections, and removals. We work together toward a common goal: to protect you and provide online safety. From blocking malicious URLs that push information-thieving wares into computers, to scouring application stores worldwide for Trojans disguised as interesting apps, we try to catch them all and protect the users.

Considering that I didn’t plan to get into this field, I’d have to say that I enjoy doing this. Due to constantly evolving threats, I learn a lot of new things daily. I feel fulfilled when I uncover a mystery. I’m glad I ended up in the online security field. My career is also why I’ve had the chance to live in three different countries. I get to see the world while doing interesting work. All in all, not bad!

More posts from this topic


F-Secure Bringing a totally new Future for the Internet to SLUSH 2015

#SLUSH15 is almost here, and F-Secure’s participating in this year’s event in a big way. There’s going to be a big #smartsecurity announcement about the Internet of Things, as well as a couple of presentations from F-Secure personnel. SLUSH, a well-known exposition for startups in the tech industry, has become a huge international event. Both SLUSH and F-Secure call Helsinki home, so it’s only natural for F-Secure to be an active participant at the annual conference. F-Secure made waves last year after the cybersecurity company hacked the venue’s bathrooms to get people talking about online privacy. Several of the company’s researchers and personnel also put in appearances at last year’s SLUSH, including cyber security expert Mikko Hypponen, and F-Secure’s Executive Vice President, Consumer Security, Samu Konttinen. [youtube] [youtube] And they’re both back this year! This year, Samu will be giving a keynote address on SLUSH’s Silver Stage. His talk is called “Your home, your rules – The internet of what ifs”, and runs from 11:45am to 12:00pm (Helsinki time) on November 11th. Samu’s enthusiasm for topics related to security and online privacy will give people valuable insights into how IoT devices are creating new security challenges, and what people can do to protect themselves. Mikko will be appearing on SLUSH’s Black Stage at 9:25am (Helsinki time) on November 12th, where he’ll deliver a talk called “The Online Arms Race”. Mikko recently did an interview about this same topic for, so you can check that out if you want a quick preview about Mikko’s thoughts on this matter. You can follow all of F-Secure’s SLUSH news by following @FSecure_Sense, @FSecure_IoT, and @FSecure on Twitter.

November 10, 2015
Mikko Hypponen, Leo Laporte, Triangulation

5 things Mikko Hyppönen has learned from 25 years of fighting viruses

F-Secure Chief Research Officer Mikko Hyppönen sat down on Monday for a video chat with renowned tech journalist and broadcaster Leo Laporte on Triangulation. Laporte has admired Mikko and F-Secure from afar for more than twenty years, the host explained. So this first talk gave the two IT stalwarts a chance to talk over Mikko's nearly quarter century of work at F-Secure -- which he joined as a coder in 1991 when we were still known as Data Fellows. You can watch the whole interview below or download the audio here: [youtube] The whole show is worth your time but to get ready to mark Mikko's silver anniversary at F-Secure, we thought we'd pull out some interesting lessons he's learned in more than two decades of tangling with digital threats. Driving a forklift -- Mikko's job before joining F-Secure -- has one big advantage over being an internationally known virus hunter. Once you're done with work for the day, you don't think about your job at all. Mikko told Leo that being Chief Research Officer at a company that protects hundreds of millions of computers doesn't give you that luxury. Some early malware creators went on to some very interesting things. Mikko told Leo about his trip to Pakistan to meet the two brothers who wrote the first PC virus more than 25 years ago, which you can watch below. Basit Farooq Alvi and Amjad Farooq Alvi wrote the program for what they saw as a legitimate purpose -- preventing copyright infringement. Today the brothers along with a third brother run a successful telecommunications business. Robert Tapan Morris -- the creator of Morrisworm the first computer worm -- is a member of the Computer Science faculty at MIT and a partner in Y Combinator, which helps launch tech startups.[youtube] His number one security tip? Back up your stuff. "Back up your computer, your iPad, your phone. And back it up so you can access it even if your house burns down." The numbers when it comes to malware are huge. F-Secure Labs receives about 350,000 malware samples a day, seven days a week. "The amount of new detections we build on those samples every day is usually around 10,000... 20 [thousand] on a bad day." Mobile malware isn't a big problem -- except, perhaps, in China -- because Android and iOS are very restrictive. "If you are a programmer, you cannot program on your iPad," Mikko explained. All apps that end up in the Play or App Store have to be approved by Google or Apple respectively. This model, which Mikko compares to the PlayStation and Xbox ecosystems, may be good for security, but it does have some negative consequences. "It's also a little bit sad in the sense that when you have these closed environments, it's sort of like converting the users from producers to consumers." Mikko wrapped up the interview by explaining F-Secure's principles when it comes to protecting and respecting users' data: "We try to sell our products the old-fashioned way. You pay for it with your money, not your privacy." Cheers, Sandra P.S.: For some bonus Mikko, watch a public lecture he gave this week at Estonian Information Technology College. [youtube]

October 15, 2015