STE VE CASSIDY
If there’s one person you call in to solve the problem that is ransomware, Steve discovers, it’s Serguei. And he’s no cuddly meerkat
If there’s one person you call in to solve the problem that is ransomware, Steve discovers, it’s Serguei. And he’s no cuddly meerkat.
Never have I looked forward to the end of a travel season as I have this one. Madrid, Bremen, Vegas, San Francisco, San Jose, Oakland, Stuttgart, Schaffhausen, Munich, Hanover, Cologne; truly a case of wherever I lay my hat. Although, this time, it wasn’t jetlag or weird diseases that had me eyeing the last trip with keen anticipation. It was the prospect of a sitdown and chat with Serguei Beloussov.
Serguei is CEO of Acronis. We met at the firm’s new HQ in Schaffhausen, at the northern tip of Switzerland. This isn’t our first encounter, because the Russian group that includes Acronis also includes Parallels – fine suppliers of web control panels and virtualisation software.
Serguei used to run Parallels back in the initial days of cloud computing, so we’ve crossed paths a few times. It was Serguei who passed on a joke from Prince Andrew, who had said at the end of a presentation on quantum computing that he may have appeared to be asleep during the more technical slides, but that he had in fact been alert and attentive at the same time. From this I learned that Prince Andrew is no slouch – and that Serguei definitely gets around.
Fast forward a half decade and here we were, in a chic open-plan office with some racing car drivers, locals and a few Swiss chocolate nibbles. Even if I occasionally dropped into off-state Prince Andrew mode, I couldn’t fail to notice how the word “protection” kept coming up in all the product briefings. Nor was it being used in the same way: this wasn’t a last resort backup method for home users or corporates. Something far more interesting was happening. The penny finally dropped for me when I did eventually find a techie and ran through a few screens of one of the centralised corporate backup products. Under the list of saved images of a distant cloud-connected laptop’s drives, there lurked a button: “Run as VM”.
This isn’t actually rare when it comes to backup archives of real machines: you can open a Windows Server backup as a VM, for instance. What’s unusual, and set me thinking, is that in this case the backed-up laptop image can be run as a VM in the cloud, on the servers delivering the backup platform itself. Given the most likely circumstance in which you’d want to restore a user’s machine (laptop left on top of car; tablet dropped in industrial cake mixer), this is likely to be an absolute game changer for the users, more than for the techies. Why? Because now users can access their most recent files via that VM, rather than having to wait for IT to supply a whole new laptop.
Several years ago, I bemoaned the horror of a business whose IT strategy was to send each new employee down to the corner laptop store and tell them to buy whatever they wanted. Several years before that, I was wowed by a stage demo from Citrix that showed how running VMs under a hypervisor on a laptop could ensure that you keep a cloud-stored backup of that machine in sync with the local
copy. This counteracted the most frequent misunderstanding of “backup”, because even local work-in-progress counted as a state change to the VM and therefore presented to a hypervisor-resident sync process.
The point about Acronis versus Citrix here is that Acronis can start small, and insert itself into a preexisting environment of not-ideallybuilt laptops and PCs. Citrix required a cold start with much forethought, planning and the dreaded “infrastructure”. We’re also in a brave new world when it comes to laptop OSes and the software found on them. In the Citrix era, there were still over 90 applications in the Ford Motor Company laptop manifest, and a lot of installed Windows XP machines to run them. These days, such horrifying intricacy has been engineered out.
Serguei’s ambition doesn’t stop at being a fairly well-regarded player in the PC backup marketplace, however. I say “fairly”, because I think that’s fair: I canvassed my fellow RWC columnists on the brand, and their reaction wasn’t uniformly positive. That reminded me of the last time I met Serguei, just as he’d been given the news that he was moving from Parallels to Acronis, because “some things were not right”. To me, that and the lukewarm reception from the
PC Pro panel are two sides of the same coin. Certainly, the modern Acronis is spreading its attention far more widely than just shovelling bytes on and off your PC.
And I mean a lot more widely. Remember, Serguei gets around. When he kept saying “protect” in that crackly Russian/English accent, I was thinking it was the classic marketing slogan about how backups protect your files. Sure, I thought to myself, fair enough. But this isn’t what he meant at all. As is usual when we meet, the actual detail emerged from an apparently unrelated aside about the way that ransomware had sealed the fate of cryptocurrencies, and what this might mean for the future of blockchain. Suddenly, Serguei shifted gear and he said that he had a nightmare vision of the future of ransomware and backup.
What if, said Serguei, the people in control of ransomware economics realised that high-value, high-profile damaging hacks were over? Where would they go next? They have both the time and the resources to do a lot of R&D, and they want a less dramatic and painful revenue stream. It’s much better to be a taxman than a bank robber, after all. How can ransomware authors convert their role so that ransoms become a more reliable source of income?
His answer? Corruption. Not of people, but of documents. Want to be a successful ransomware operator? Don’t lock a document or scramble it: just deface it. Put white blobs in pictures, mix up the words in documents, so that the copy on your PC becomes different from the one sent to your correspondent.
The most likely use of a historic backup or archive is to retrieve a file because some bank or lawyer or whoever has a question or a dispute about what was said when that backup was a live work in progress. If you send a corrupted version then they’ll say “that’s not what we have on file” and it’s game over. While your back was turned, some silent little infector has called into question the entire basis for using a computer at all. It’s the return of bit-rot, only this time it isn’t unreliable hardware, it’s nasty men who want your money. Then you can have your stuff back.
Serguei thinks that ransomware authors will move to an on-demand decrypt/un-deface model, with a few euros charged per document unlocked. His idea to combat this is to use the blockchain model as a long-term, publicly readable repository of document originality. A file is protected not just because it’s stored on your machine and somewhere else, but because it has a continuous history, showing that modification hasn’t happened.
It isn’t often I’m stunned by the audacity of both a problem and the solution. It’s even less often that I get an immediate gut reaction that says someone is right. This time, I had both. If anyone was to have the range of research and the simple travelling air miles to have come up with this opinion, it’s Serguei Beloussov.
I know the old lags will say that effective protection against such a threat can be put together with not much more than a ZIP file utility with passwording, or even just a step back in time to writing archive sets of your work files to DVD or Blu-ray. As soon as the files are offline, the threat disappears. Which is fine, if you’re 100% confident of your disk-writing processes, and of the durability of the discs you buy – but this still isn’t the main shortcoming of doing this. It’s the fact that this is a blast from the past, and it doesn’t get through to the Chromebook’ n’cloud generation. What if the entity held to ransom was your cloud backup storage provider, holding your stuff on its machines?
I’m sure Serguei’s approach won’t be the only solution. But, as ever, he seems to be the one looking furthest ahead and taking action on what he sees as the future.
A summer CeBIT
Normally I write about CeBIT while wearing a heavy jumper. That’s because, since the early 1980s at least, CeBIT has been a winter exhibition. And Hanover gives pretty good winter, it must be said: pitch dark, snowbanks on pavements, the lights of bars and restaurants twinkling through frosty windows. All of that changed in 2018, however. This year’s enormous tech trade fair has been disrupted. The blazing
“Want to be a successful ransomware operator? Don’t lock a document or scramble it: just deface it”
skies of June shone down on the Hanover Messe showground, with a wholesale rearrangement of the entire format of the show and a good deal of fear and loathing on the part of everybody involved. Was the sheer discomfort of the winter season actually an integral part of the whole story? Would this change mark a steepening decline in the reputation of the event?
Who cares, right? It’s just a computer show. Why go to these things expecting anything other than people selling you stuff? They all operate the same way, so how can you tell them apart?
The answer is simple. Of all the shows I’ve been to, CeBIT is the only one with added national leaders. They don’t make the trip for CES in Vegas or Computex in Taiwan. They do turn up in Hanover. This is a reflection of the importance CeBIT had a decade or more ago, when all the world’s industries would turn up to see what the world’s tech firms had to say (a position the show has held since the late 20th century). That isn’t a regular trade show; that’s a component of world trade, technology trends, business decisions and consumer spending. If you had the stamina over a few short days, you could then encompass a large proportion of a year’s research, just by doing a business card supermarket sweep round the entire show.
To heighten the impression of change, the show had changed occupancy of the immense Hanover exhibition centre. No more central press centre; no more sitting on the grass outside the IBM hall in prime position. This fuelled an unexpected sense of panic: had the show really shrunk that much? Those empty halls were beside the entrance, too, and the taxi rank. Every driver wanted to know what the show was like, as we rode back and forth from the hotel. It’s fine, we said: but mostly, we were reflecting on the grotty chairs and hipster tables in the “new” press room. Yes, some people turn up and just sit in the room, stacking up press releases. This year, they had to follow George Michael’s advice when he sang “let’s go outside”.
Because all those bigger brands had done exactly that. There was, tucked away out of sight of the cab drivers and kibitzers, an enormous fairground. SAP had a Ferris wheel the size of the London Eye. IBM had gone for weird, with a quantum computing device straight out of the original
Star Trek (see the picture above). Oh, and a massive mobile crane and a load of chairs and tables, which you could see was IBM-only once the chairs, tables and their occupants were 100m in the air (again, check out the picture). Volkswagen had a hall to demo the E-Go, its latest, cute little all-electric vehicle – but I fell in love with the e-quadbike, which I assume wasn’t actually a Volkswagen product.
Inside, the old and rather pointless segregations of exhibitors are history. You can walk down an aisle past a German state developer’s alliance promotion, a Taiwanese maker of mains leads and a drone collective – this gets over the previous problem of some halls being a single-purpose ghetto, and people not visiting some exhibitors because the extreme climate would keep them in the halls nearer the train station.
I didn’t share the trepidation of the folk I talked to, that this was a move away from one of the few traditions the IT sector. However, I think there may be some point to what those doubters have to say, because CeBIT was an enormously dominant event for a very long time. I think this new summertime slot is a sensible response to the way that IT has pervaded everything in our lives, and the slow emergence of IoT into industries whose best exhibits don’t fit inside a stand.
Perhaps the answer is found with my friends at Software AG, which used the event to announce another purchase in its burgeoning portfolio of IoT-related businesses. This time it was TrendMiner, which shows near real-time stuff about your fight with the squirming, malevolent firehose that is IoT data from sensors. The reschedule to summertime denied us the bemused presence of Angela Merkel this year – we were meeting just after that arms-crossed picture with Trump in the Far East – and the style of the new festival was evidently a learning experience. What do you do outdoors, if you’re a pure software business? Software AG had a 4x4 campervan ex-military truck.
This is perhaps the ultimate in dogfooding: hedging bets between the old, winter, inside world of CeBIT and the promising and sunny outdoors world of 2018, to discuss the latest in a series of purchases that make it more likely you’ll solve your problems inside your brand, than outside. Which is precisely what CeBIT’s organisers are hoping for with this break from tradition.