🗣 Rob Rosenberger
Feb 24 36 tweets 15 min read
🧵
Today marks the first anniversary of the Russia-Ukraine #cyberwar that killed <checks Microsoft's & Mandiant's reports> no one.

Let's go over last year's mass cyberwar #panic. We'll begin with one of the earliest calls to #boycott @Kaspersky:
There was an immediate feeling that everyone must cancel all Kaspersky subscriptions, as if customers -- especially corporate clients -- had a competitor's product waiting in the wings to replace it in some trivial fashion:
Likewise, there was an immediate plea to [translated] "remove Kaspersky from your PC. Now. Immediately." Again, as if customers -- especially corporate clients -- could do it trivially and without serious consequences:
Pleas to uninstall Kaspersky came in multiple languages, each time offering no advice to protect the customers' computers using other products or methodologies.

These pleas implied Kaspersky's products were worse than having no security at all:
Numerous folks assumed Russia would launch horrifying cyber attacks, leading to the time-honored mantra "update #antivirus software."

But this led to some interesting replies that excluded Kaspersky's antivirus product line as a survival measure:
Others worked to boycott Kaspersky, e.g. tech wonk Gary Fuller who implored Barclays UK to stop offering it for free to their customers.

Had Fuller consulted the Wayback Machine, he'd know Barclays stopped offering it as of January 2018:
An English speaker who uses[d?] Kaspersky "came on here to ask if I should move from them." To which a legit scientist and "hardline centerist [sic]" suffering from False Authority Syndrome replied:
Of note: Kaspersky still supported its American customer base as if, you know, they were still ✌️customers.✌️ Here's a tweet on 25 February where they intervened for a customer who didn't get satisfaction from Kaspersky's U.S. support branch:
Still, this didn't stop a soccer reporter named Jim Boardman from straight-up accusing Kaspersky of "actively working to assist Putin’s efforts in Ukraine."

Spoiler alert: Boardman has presented no evidence to support his accusation:
(Moving forward in the Twitter timeline, I now must filter on "verified" accounts because the Teeming Millions went ballistic over Kaspersky. It'll calm down a few more days into the timeline, but I'll leave the filter in place because it's easier.)
Facing a slew of tweets to say ANYTHING against (repeat: "against") the war in Ukraine, billionaire oligarch Eugene Kaspersky himself walked the line for the company he founded. He composed two tweets starting here:
Kaspersky's second tweet stated the obvious: "The main thing we can do in this situation is provide uninterrupted functioning of our products and services globally." He excluded no one, not even Ukrainians, in his "globally" remark:
(We need to "open paren" here with my concern that @e_kaspersky's bio simultaneously labels him CEO of a company he founded while claiming "Views are my own." Your views ALWAYS reflect your company's views, Eugene. Delete that disclaimer from your Twitter bio. Conversely, …
@RobertMLee has NO such "views are my own" disclaimer in his Twitter bio. He founded Dragos, he launched a cybersecurity comic strip, and he owns up to the fact he always speaks at all times for those things. Okay, now let's go back to the main storyline. "Close paren!")
Now TO BE HONEST, I offer Eugene Kaspersky high marks given the well-known situation where oligarchs beholden to Putin occasionally fall from hotel & hospital windows. I've not discussed this about Kaspersky in classified USIC environments but I'll say it openly right here…
To wit: Kaspersky's success is NOT truly "beholden" to Putin. Cybersecurity wasn't "divvied up" when the USSR fell; Eugene built his global empire from the ground up. He's truly unique among the billionaire oligarchs in this regard.

Furthermore, Kaspersky's products alone…
…go directly into the end users' hands. All other oligarchs' products flow outward in some raw form before they reach the end customer (yes, even bulk electricity).

And I'll point to Facebüük & Über if you debate me on Kaspersky's ability to gather #intelligence on customers.
Still, many folks in the global cybersecurity community didn't care for Kaspersky's milquetoast phraseology. #infosec #influencer Lesley Carhart posted seven replies, saying in their humble opinion that Kaspersky should've kept his laptop shut:
I said "many folks" and I'm not done yet. #infosec influencer Rik Ferguson's own daughter has a stake in this war (see below) and Rik, too, told Eugene Kaspersky it was "Better to have stayed silent" than to tweet in the style of Calvin Milquetoast:
It was "OG" cybersecurity journalist Larry Seltzer who chimed in with the most salient point of any reply to Kaspersky's milquetoast commentary on the war:
Eugene Kaspersky's milquetoast commentary later showed up in a statement quoted in a VICE/Motherboard article where Germany's intelligence organ labeled their security products as (shall we say) a "movie plot threat" to the global Internet:
vice.com/en/article/7kb…
Of course I call Germany's fears a "movie plot threat" because that's what it is. They fear Kaspersky is the guy in the driver's seat and German customers are the ones in the passenger seat in this movie scene:
Face it: the #cybersecurity industrial complex LOVES to fantasize about a Russian billionaire like Eugene Kaspersky, who publicly secures customers' laptops around the globe while secretly implementing his long-term plan to achieve world domination:
Now, if you're an "OG" Vmyths reader, you know I've cautioned that ANY #antivirus firm can turn on its paying customers. I've documented both Symantec & McAfee cozying up to the FBI after the Wall Street Journal outed them for arming China with offensive virus technology…
…and if you go back to 2006, you'll find my keynote speech where I caution it's NOT in the best interests of the U.S. gov't for Russian citizens to work at U.S. #antivirus firms that occasionally obtain malware samples from *classified* documents:
But hey, it's 2023! A full year since Russia launched a 3-day #cyberwar to topple Ukraine! Certainly by now we must have HARD EVIDENCE that Kaspersky Lab is holding hostage every paying customer outside of Russia. Right, @JimBoardman? RIGHT?!?
Here lies the problem: soccer reporter Jim Boardman has offered no proof that Kaspersky Lab's software proved malicious anywhere on Earth.

Hell, not even Ukraine's gov't claims Kaspersky Lab attacked them in any way!

Yet everyone was so SURE of their beliefs in 2022.
Members of the #cybersecurity industrial complex have told me for DECADES "our past is behind us; we're not the panic-driven fearmongers we used to be."

Yet here our industry stands with spit running down our lip that somehow didn't splatter itself on Kaspersky's reputation.
At this point some of y'all will gripe "cyberwar IS coming, Rob! We can be wrong a million times but it WILL happen some day!"

I agree. Furthermore, I believe when that day finally comes, you probably WON'T be seen as "The Boy Who Cried Wolf."

Let me explain…
Our industry enjoys a mainstream news #gravitas that no other #apocalyptic cult can achieve. We're the people who secure the Internet from which all life flows! You can't receive one watt of electricity nor a drop of tap water without it! Your bank account and…
…your prescription refills and your Taylor Swift tickets and your Uber rides and your pets' Chewy subscription all depend on the Internet!

It must be secured and, hey, our industry is the one behind it all! If not for us, the entire world would perish!
I'm serious: the mainstream media buys into our #doomsday cult like no other. You'd never get airtime wearing a sandwich board saying "THE END OF THE INTERNET IS NIGH!" But you'll get airtime on The View wearing a business suit and telling the hosts "RANSOMWARE KILLS BABIES!"
This is why you get away with screaming "#CYBERWAR!" relentlessly. The Court of Public Opinion is ultimately prosecuted by the media, and the media loves our industry's doomsday cult. We've been perfecting our schtick since 1988:
It's also why anyone (not just Jim Boardman) can #slander & #libel Eugene Kaspersky! "He's an evil inhuman Russian! Putin will tell him to destroy every customer's PC outside of Russia and Kaspersky will do it with glee because all Russians hate the rest of the world!"
Our industry will do this again. And again. And again. We collectively can't help ourselves. It's in our DNA.

If, say, Belarus invades Poland this summer, we'll see another shit-ton of tweets screaming "NOW Kaspersky is going to destroy all Polish customers' PCs!"
And our global industry will collectively *believe* its own hype as it always does. It will believe its own slander & libel as it always does.

Because we're a doomsday cult. Why would we believe anything else after all these decades?

@threadreaderapp please unroll
