Project "Startup in a Million": CEO of Group IB Ilya Sachkov on the future of cyber intelligence. Ilya Sachkov: “We are literally fighting evil Ilya Sachkov CEO of group ib

Group-IB CEO Ilya Sachkov, who has just been included in the Forbes list of the brightest young entrepreneurs in the world, wrote in Russian Pioneer not just a column about loneliness - in fact, this is a professional journalistic work. So don't be surprised if Ilya Sachkov appears on Forbes lists and in other categories. We will not be surprised.

Oh, what a topic. Loneliness, physical and moral. The good and the bad. You can be lonely surrounded by fifty people nearby and not alone - sitting surrounded by dead bodies in the trench of the First World War only with a pendant with a photograph of your bride.

Interesting, in my opinion, examples of loneliness I have seen in three films and in thousands of situations in life.

In Twin Peaks, Dale Cooper is surrounded by danger away from his family and loved ones in the city in which he is for the first time in his life. Dale tells the dictaphone, whose name is Dayana, some stories, introducing her as a partner: so simple he gets away from loneliness.

In "Interstellar" and in "Into the Wild" you can also clearly see what loneliness can be. You feel it with all your heart.

And, probably, a lot of what I do in life is aimed at spending more time with loved ones, in order to be safe, which means, one way or another, to be less lonely and happier.

Interestingly, loneliness was the reason for the creation of cities and some constitutional foundations. And it's also interesting that loneliness has increased in these cities. And violation of laws contrary to the constitution makes some people lonely for up to 7 years.

The bad part of loneliness is the antipode of society. It's scary to be alone. It was because of loneliness and natural fear that people tried to unite.

Then, in the world of Internet technologies and big cities with millions of lonely people, social networks appeared in order to unite, and many were united, and many were made even more lonely, because for many it is enough to have a friend-classmate contact on a social network and not exchange a word with him several times years old. I think many have noticed that fewer and fewer people have come to alumni meetings.

But I don't want to paint loneliness in any color (although, probably, it is gray). After all, there is the loneliness of a spaceship and the understanding that you will never see your family, and there is loneliness when you sit on the windowsill and look at the city to the sounds of the young composer iplay and good thoughts come to mind. There is the loneliness of isolation from society, the parents whom the children have forgotten, and there is the loneliness when you call a person who lives on another continent every day to make him and yourself happy.

And, probably, there is some other Woland in the world who is responsible not for evil, but for loneliness, and loneliness is part of the force that leads to something good.

You don't want to write about something sad when there is so much evil around and you have to try to get away from sadness. Therefore, I probably want to write about something good that loneliness leads to. My literary talents (more precisely, their absence) will not 100% lead to something outstanding, so I decided to derive a rough (childish) formula for good loneliness, talking to some people before the New Year (for science lovers: I know that a representative sample is this is from 1000 and cannot be limited only to Moscow). And ask one question: how did loneliness lead to good things in your life?

First I ask my driver, thanks to whom I myself am less lonely, because he is not only a driver, but also a partner, as in films about American police officers: "Vov, has loneliness done something good in your life?"

Vladimir thinks for five minutes, then speaks sadly about how he came from the army (he served in Kazakhstan) and saw his mother after a long separation. He starts to speak slowly, and we drive slower - apparently, part of the driver's attention has gone to memories. He says it was autumn. He traveled 1,500 km by bus, and his heart rate increased to an incredible limit as he approached the house.

Mom asked: "Who is there?" Then there was a pause.

"Son!" - shouted mom. Tears, joy and faith in life. Vova cried himself. And it energized, because they waited.

Two years in the army. Loneliness check. Mom waited, but the girl did not. Vova returned from the army strong. Loneliness and letters from home gave strength to live. Against the background of some of the guys who were shooting from boredom. Part was in Kazakhstan, on the border with China. Makanchinsky border detachment. East Kazakhstan region.

That is, what they have waited for ... and thanks to loneliness, you understand that someone needs and has soul mates in your life. Thus, love and warmth are tested by loneliness and separation. And loneliness hardens. There is a good idea that friendship and love are tested by both misfortune and happiness. And so maybe I found it worth adding to this the test of loneliness.

Then I called my dad. We rarely communicate because of my work, and I am sure that in his life the loneliness associated with me brings more sadness than positive emotions. Dad began, in the teaching language (my dad is a scientist, physicist and a very good teacher) to tell that loneliness is an amazing opportunity to be alone with yourself and an opportunity to understand yourself. I asked to get away from simple explanations and return to me with a real life story.

Who else to call? I wrote to Andrey Romanenko. A well-known entrepreneur. Surely Andrey has a cool story, but Andrey replied that it never happened. So it doesn't work for everyone.

A day later, I stopped by my dad. It can be seen that dad was preparing for the first interview in his life.

“All my achievements in terms of becoming a personality, increasing my intellectual or spiritual potential are connected precisely with loneliness, because this progress is impossible in a crowd, since in a crowd you are scattered into a multitude of“ I ”. And these fragments, they do not progress separately from each other. For example, my personal quality, which I, unfortunately, did not instill in my children (apparently, this is about me and my brothers. - Approx. Auth.) - this is my love of poetry. Love, knowledge, understanding. I cannot say that this is socially valuable knowledge, but personally for me it is very valuable - my personal love for poetry. She was born precisely during periods of loneliness. It was then that I could really delve into poetry, feel it, feel the music of the verse (as if I had prepared it in advance. - Ed.), Feel its lofty meaning. Or science. In those periods when I was actively involved in this, I can tell you, my greatest personal achievements in all my activities - I had two peaks of my personal heights - this happened precisely in a period of loneliness, I had to retire, for example, in Leninka: I went to the science hall and worked there from morning to evening for a week. Then there would be periods of discussion, but before that I had to ripen loneliness. " I said thank you to my dad, drank delicious coffee and returned to the city, which clearly does not look like winter Moscow.

On the same day, I received a letter from my girlfriend, who has not lived in Russia for a long time (it is interesting that she first wrote in English and then translated into Russian):

There was something similar in these stories. During periods of loneliness, a person awaits growth or preparation for growth. So? Or not quite yet? We are looking further.

I also really wanted to ask Leonid Parfenov about this, but did not have time to personally talk to him, but my question was heard and returned briefly in the form of a message on Facebook from Leonid's wife Elena Chekalova. "Lenya said that the most important example of loneliness, which led to amazing results, is Gogol." I understood (or thought I understood) what it was about, because I love both Gogol and the notes about Gogol by his contemporaries, and even watched Parfenov's film "Bird Gogol" - I highly recommend it. And it turns out that loneliness plays or has played a positive role in the life of both great people and simple loved ones. And loneliness gave us the greatest works of Nikolai Vasilyevich.

I didn’t have much time, and the snowless traffic jam in December didn’t contribute to the additional search for information and its correlation. But it turned out to be some kind of conclusion. So to speak, we managed to make a preliminary, rough formula of positive loneliness: if a person has willpower, then during a period of loneliness he can achieve amazing results in inner development or creativity. Therefore, when this feeling of loneliness appears, you need to quickly think: what great and good can this lead to?

CEO, Founder of Group-IB

A prominent representative of businessmen of the new wave, Ilya Sachkov founded Group-IB in 2003, which today prevents and investigates cybercrime all over the world.

Sachkov was born in Moscow. Graduated with honors from the Moscow State Technical University. N.E.Bauman, Faculty of Informatics and Control Systems. This is where the idea to create a tech startup with the aim of fighting cybercrime came about. Together with fellow students, he opened a small private cyber-detective agency.

Over time, Group-IB becomes one of the industrial leaders in the cybersecurity market, gaining recognition from the global analytical agencies IDC, Gartner, Forrester. Sachkov is not just a successful top manager, but also a visionary: "Being able to find a criminal is important, but even more important is being able to prevent a crime." This approach forms the basis of all the company's products. By the beginning of 2017, they are sold in 60 countries around the world, including Latin America, Europe, Asia, the Middle East, Africa.

Ilya Sachkov is a speaker at the largest international and Russian events such as INTERPOL World, WEF Cybersecurity in Davos, meetings of the BRICS countries' ministers, the St. Petersburg International Economic Forum and others. In 2018, the anniversary year for Group-IB, Sachkov presents a new vision for the development of cybersecurity technologies: the industry must move from defense to hunting cybercriminals. “Hunt or be hunted” - this slogan resonates with international information security experts around the world.

Already at the age of 29, Ilya Sachkov entered the list of the brightest entrepreneurs under 30 in the world according to Forbes in the Enterprise Tech category, which was represented by Mark Zuckerberg in 2011. The Group-IB leader is a member of the Young President Organization (YPO), a global network of young CEOs with over $ 4M in revenue. Sachkov became the first Russian laureate of the Digital Сrimes Consortium international conference prize for his contribution to the international exchange of experience in the field of computer forensics.

The head of Group-IB is one of 26 members of the Global Commission on the Stability of Cyberspace (GCSC), created to develop recommendations for promoting cyber stability in the world.

Today he is a member of the expert committees of the State Duma of the Russian Federation, the Russian Foreign Ministry, the Council of Europe and the OSCE in the field of cybercrime. Co-chairman of the RAEC Commission on Cybercrime, member of the Council of the Coordination Center for the national domain of the Internet. Three-time winner of the Russian stage of the EY Entrepreneur of the Year competition in various IT nominations. In 2018, he was shortlisted for “100 Outstanding People of the Year” according to RA “Expert” and “Russian people of the year” from Russia Beyond.

At the beginning of 2019, Ilya Sachkov became the winner in the "Innovative Breakthrough" category of the "Big Business" award, with which he and other winners of the competition were personally congratulated by Russian President Vladimir Putin in the Kremlin.

In 2019, Ilya Sachkov was included in the list of the top 100 "Young Economic Leaders of Russia" prepared by the French independent analytical center Institut Choiseul (Institute Choiseul) within the framework of the Choiseul 100 Russia project.

Hobbies of the founder of Group-IB: Muay Thai, X-fights, running, surfing. He is a regular participant in the extreme race "Race of Heroes". He is fond of neoclassical music, patronizing young musicians. In recent years, he has become an ambassador for a number of brands. Engaged in charity work. Leads an active teaching activity, is an associate professor of the Department of Information Security at the Moscow State Technical University. N.E.Bauman. Gives lectures on cybersecurity for students and schoolchildren.

More details

Our strategic goal is to build a new type of cybersecurity company that does not depend on any state. A company whose offices in almost every country completely duplicate all the infrastructure that is here in Russia (in my model there should be at least 40 of them). Nobody does that. What is it for? To fight crime is my main motivating goal.

There are companies in Russia who say: "We will grow on the wave of import substitution." But this is growth for 3-5 years, then the company will technologically die. If you do not fight a strong player, there will be no technological development. The same is in cybersecurity: in our country, many large vendors do not compete with other players, with American companies, because we do not have them here in Russia.

Now our company employs about 300 people. The average age is 26-27 years, more than 30% are girls. They all have an intolerance to computer crime and a desire to do something good, change the world and be happy with their work, technology and engineering thought. The specialties that we need are very often not taught in universities. Therefore, we either train our employees ourselves, or they received this knowledge from books.

Knowing who cybercriminals are and what they are after can be the first step towards protecting your data, money, and reputation. Ilya Sachkov, the founder and CEO of Group-IB, told the audience of corporate programs at the Moscow School of Management SKOLKOVO.

Thanks to films and TV series, we are accustomed to the fact that a crime is something tangible, something that can be seen: a killer kills a victim, a bully snatches a purse from an old woman's hands, a "bugbear" breaks into a safe. However, every year the share of such “traditional” crimes is decreasing, while the volume of cybercrimes, on the contrary, is growing. One robbery is committed every one and a half minutes in the territory of the European Union. And over the same period, there are about three thousand cases of data theft, and more than a dozen new malicious programs are born.

Organized crime is increasingly using the Internet, and cyber attacks, according to experts from the World Economic Forum (WEF), have now become the main global risks along with environmental and geopolitical problems.

Ilya Sachkov believes that the key element of cybersecurity is knowledge of what modern computer crime is. By understanding the goals of cybercriminals, their motives and techniques, they can be effectively countered. The most common motive for computer crimes (about 98%) is financial gain provided by hacking of the same banking systems, extortion, fraud, and so on. Espionage, sabotage or cyber terrorism can also motivate a crime, usually typical of pro-government hacker groups, but the bulk of cyber threats are still associated with cybercrime.

Unfortunately, most Russian companies do not understand what modern computer crime is, how it attacks, what tools it uses, and therefore business owners and their information security directors (SISO) do not know how to protect their infrastructure or remote banking system (RBS) ).

For example, some people still firmly believe in antiviruses, while world practice highlights the weaknesses of this approach: the most popular antiviruses were installed on many infected computers of bank employees, but they did not save them from infection, and as a result, the attackers were able to take control of bank network and withdraw money from it. CEOs of companies talk about risks and cyber attacks, not knowing who a cybercriminal is, often cannot name hacker groups, explain how they attack, what tactics they use.

Cybercriminals follow the money and target the mass market. For example, because most of the company's accountants and bank employees work with Windows products, hackers target them and not Apple computers. Another example is that cybercriminals do not see the point in attacking the infrastructure of power plants or other strategic institutions. This does not promise them economic benefits, only trouble - the threat of punishment for potential terrorism is extremely high. On the other hand, pro-government groups, on the other hand, rarely attack banks, and if they do, it is for the purpose of destroying banking infrastructure or espionage, and not for the purpose of robbery.

In order to gain access to finance or services of companies that deal with RBS, hackers figure out employees with access to financial flows. At risk are accountants and financiers. They are attacked either directly using phishing emails, or fake / infect sites that these employees often visit.

One of the most common vectors of attack and network penetration is still phishing emails, which allow access to an employee's device and the services with which he works. The employee receives a letter, like two peas in a pod, similar to what is usually sent by counterparties, partner banks or regulators, and opens it. But the attachment contains a malicious program that infiltrates internal systems and looks for ways to "gain a foothold" in the system, in order to then enable its creators to steal and withdraw money.

Most often, criminals use social engineering methods based on the following psychological factors to push a person to open a fake email:

AND) Curiosity... Phishing emails can be disguised as notifications about undelivered messages or about granting access to some files.

B) Fear... In this category of messages are, for example, angry letters allegedly sent on behalf of the management.

IN) Striving for free goods. This category includes letters that “notify” the recipient of winnings, some bonuses and similar events.

Modern cybercrime sometimes has multi-million dollar budgets. These funds are used to hunt specialists, bribe officials, and develop hacker software. In fact, this is such a criminal startup in which no malware developer will waste his efforts and resources if he does not believe in success and has no idea how to bypass existing security systems. Therefore, it is worth keeping in mind the rules of precaution, but be prepared for the fact that a possible attack will be delivered from where no one expected.

Ilya Sachkov shared with the students of the SKOLKOVO Business School a few tips useful both for ensuring personal safety and for protecting his organization from potential outside interference:

– Remember, email access gives you access to your entire digital infrastructure... Many services, instant messengers, programs are tied to mail accounts. So, if an attacker can get access to mail, he can get into your infrastructure.

– Introduce two-factor authentication wherever such a procedure is available... This tool is not perfect, but it will significantly increase protection. An attacker will need not only your Internet account, but also access to your phone. Advanced criminals can also hack a mobile device, but the threat from most hackers will be eliminated.

– Create multiple accounts / mails... You don't need to make all your services linked to one email. If a criminal can gain access to such a mailbox, he will be able to connect or even take control of all associated services.

– Use strong and secure passwords, change them regularly... The ability of attackers to guess and generate new passwords is constantly growing. Accordingly, you need to change and complicate your passwords that protect access to your information.

– Make backups of your information... If your device or network becomes infected, your information is also at risk. Therefore, you should always have a backup copy of your data, which you can resort to in case of a critical situation.

– Trust no one... Sometimes even a close friend of yours who needs your data for some reason may be the attacker. And often, criminals can simply use the accounts of your friends to send you infected files and gain access to your money or information.

– Do not post on the network what you would not do publicly... Everything that gets into the network remains there forever. A competent specialist will be able to access information about you, even if it was published 15 years ago, for example, on the forum of St. Bernard fans. If you are not sure that some data will not be able to compromise you in the future, do not publish it.

– Maintain your cyber literacy... If you follow the news of the world of cybersecurity and follow the recommendations of experts in this field, you will be prepared for and protected from cyber threats better than the vast majority of people. Attackers want to gain access to your money or information. But few of them will try to bypass the protection, which will require additional efforts for them. For example, Ilya Sachkov recommends studying the Group-IB reports, articles published on the sites Dark Reading, SecurityLab, the book "Cybercriminal # 1" by Nick Bilton, as well as books by the former hacker Kevin Mitnick.

Group-IB is a global cyberattack prevention company. Over 15 years of investigating complex incidents, the company's experts have accumulated a unique knowledge base and built a global infrastructure for monitoring cyber threats - Threat Intelligence. This system is recognized by Gartner, Forrester and IDC and is at the heart of the cyber security product line. Among the clients of Group-IB there are companies from Russia, EU countries, USA, Brazil, Canada, in particular Microsoft, Rostec, Aeroflot, British Petroleum, DHL.

Ilya Sachkov is a Russian entrepreneur, founder and CEO of Group-IB. Member of the expert council of the State Duma committee on information policy, information technology and communications, as well as expert committees of the Russian Foreign Ministry, the Council of Europe and the OSCE in the field of cybercrime. In 2016. was included in the Forbes list of the most promising entrepreneurs under 30 years old. Three times he became the national winner of the international competition EY "Entrepreneur of the Year" in Russia.

Several years ago, one of our investigations reached a dead end. The offender threatened the person with anonymous letters and at the same time did not make mistakes that would allow him to establish his identity using computer forensics methods. Suddenly, one of our team members disappeared from life for several days (we really lost him), and then came back with a decision.

Our colleague drew attention to the fact that in one of the letters the attacker mentioned that his repressed relative once lived in a certain city. Our employee collected all possible archives and built genealogical trees of people who were repressed in a particular city in a particular year.

Even now, this work seems almost unrealistic to me. However, there were only 12 living people that fit the description. One of them was familiar to our client, and he immediately understood what the blackmailer's motives were.

The employee who solved this crime is autistic. This trait has endowed him with innovative thinking and the ability to immerse himself in amazingly deep work. Autism can be an advantage, and I'm glad people with this trait work for my company.

Find in time

I first met an autistic person in 2007, during an investigation. It was a meeting with a criminal. Later, conducting other investigations, we saw that some types of computer crimes (for example, writing viruses) are often committed by autists - sometimes the criminals had a diagnosis, sometimes we ourselves determined it in the process of communication.

Why do autists take the wrong path? The huge problem of our state (and society) is that we know nothing about autism and no one systematically works with these guys. It all starts in childhood. Problems in the family or at school, aggression and violence make the child angry. If he has access to a computer, he quickly realizes that with his help he can take revenge on society.

When we drew attention to this, we began to study the medical and psychological literature. Our library contains research by scientists from Harvard, Cambridge and other scientific centers. Gradually, we began to conduct our own research and found that autistic people are amazingly interesting people.

There is a widespread myth in Russia that autism is a limitation. This is absolutely not the case. It's just important to find an approach - in the family, at school, at work. Then autistic people will become part of the puzzle that will allow society to solve many important problems.

Specific goals

If you place an autistic person in a supportive environment, communicate with him and direct him in the right direction, he will become one of the best in the team. This is especially noticeable in the computer sphere, because autists are hardworking, creative, interesting. This is incredibly important, and I want to build a whole training system for autistic people who are interested in computers.

Autists have been working in my company for a long time in different positions. Some of our patents and developments are entirely the result of the work of people with this property. I myself am also a little autistic in some character traits and I think this is a cool advantage. For example, sometimes I become detached and it allows me to concentrate tremendously on business. But, of course, I do not manifest this to the same extent as some of the guys from our company - they are capable of truly outstanding things.

In my opinion, autists are well suited for analytical work, working with big data, development, routine intellectual tasks. We are talking about writing large technical texts, finding errors in the code, building long logical chains and searching for sequences in huge data sets.

In our business, it is very important to be able to relate events that at first glance seem random, and autists have no equal in this.

To set up a contact

But there are also difficult moments. Motivation methods that work for most employees are not suitable for autists. Standard corporate rules and principles of communication can provoke unexpected reactions. For example, autistic people value humor, but sometimes they don't show it outwardly. They are also not interested in corporate events - if there are many such people in the team, you need to arrange something special. But if you keep in mind the peculiarities of colleagues, you can communicate with them perfectly. The approach is important - these people need to be cherished and appreciated.

A person who believes that there is no need to communicate with autists, that they should not be hired, is an uneducated person. If you take the time to study psychology and build a job correctly, for any company (especially in IT), an autistic person will be the best employee. Again, autism is amazingly cool.

I also know autistic entrepreneurs. I am even friends with some, but in communication this topic remains taboo, because the word "autist" is perceived by many as a curse. It is unlikely that something can be done quickly with this, so I would introduce a new concept, make a radical rebranding.

Cover photo: Bloomberg / Getty Images

17.10.2018 09:00

The fighter against hackers, the CEO of Group-IB Ilya Sachkov warns: almost any business can become a victim of computer intruders. And advises to study the enemy before the attack occurs.

Before the recent World Cup, the country's law enforcement agencies were put on full alert, and, fortunately, there were no major accidents or terrorist attacks offline. But the activity of cybercriminals during the World Cup, in our estimation, remained quite high. We recorded several attacks on Russian banks at once, one of which lost almost $ 1 million - the money was withdrawn by the hacker group MoneyTaker, breaking a hole in the corporate security system. Let's take a look at why companies fall victim to IT crimes.

Not taking cyber threats seriously

Most people, many corporations, and sometimes states, still do not perceive computer crime as an important problem. This topic is well-known, it is hype, but psychologically everyone is not so afraid to face directly the actions of hackers. In fact, computer crimes are the most widespread in the world. During the time when only one apartment robbery takes place, about 3000 different cyber attacks are recorded. Danger more and more often awaits us not with a knife in the doorway, but on the Internet. And the fact that ordinary computer users and businesses do not take this seriously is one of the main trump cards for cybercriminals.

Lack of knowledge

Military science says: in order to correctly build a defense strategy, you need to know the potential enemy. The reality is that most Russian companies do not understand what modern cybercrime is, how it attacks victims, and what tools can be used to protect their IT infrastructure, for example, a remote banking system (RBS). It happens that lending organizations see the use of USB tokens or DLP mechanisms as a panacea for all ills. In fact, the world of computer security has made great strides forward. For example, there are cyber intelligence tools that help you learn in advance about current threats and upcoming attacks. Sometimes the companies didn't even hear about it.

Erroneous risk assessment

Even when money is spent on information security, it may not be enough. Most often, corporations begin to purposefully take care of cyber protection, "pump" their employees and update software if an incident has already occurred. Failure to understand the degree of risk and the vector of computer attacks leads to paradoxical things - dissipation of budgets and "holes" in the defense.

For example, until 2017, most companies (and states too) were sure that ransomware attacks only ordinary users: they block access to the hard drive and extort small money for unlocking. The picture of the world turned upside down when, in three days, the WannaCry virus hit 200,000 computers in 150 countries, causing at least $ 1 billion in damage. But even after this, it would seem obvious evidence that the business is also not immune from encroachment, few people quickly rebuilt their protection systems. As a result, a huge number of commercial organizations fell victim to the new malware Petya and BadRabbit. Work was interrupted and data was lost if it was not backed up.

Wrong technology

Many top managers and business owners still believe that antivirus is the only computer security tool that works reliably. But our 15 years of experience in investigating computer crimes shows that very often it does not help. Coming to investigate an incident at a bank or a company from which the money was stolen, our forensic specialists often note that popular antiviruses are installed on the infected machines of employees. So don't rely on this method of protection alone.

Human factor

The weakest link in the defense of any organization is still the human being. Lack of knowledge, mistakes and inattention of staff help attackers to carry out attacks. Example: the already mentioned hackers from the MoneyTaker group infected the home computer of the system administrator of a Russian bank and then infiltrated corporate systems. For almost three weeks they freely studied the processes of the organization, figuring out how to steal money. The bank had an antivirus that recorded the use of hacking tools and constantly signaled danger. Nobody paid attention to the alarm until tens of millions of rubles were stolen from the bank.