Malware Warriors

Around the world, the Czech Republic is perhaps most famous for its beer, super models, hockey players and charming cities. Which is already pretty good by most international standards. What is less known but no less impressive is its power status in the field of antivirus protection. Indeed, the Czech Republic (and Slovakia) are most likely protecting your computer from nefarious code right now. The countries of the former Czechoslovakia produce several of the top antivirus programs in the world. It’s an unexpected accomplishment and one we’d like to investigate further.

Jakub Truschka, the marketing specialist of the Brno-based company TrustPort defines a computer virus as “a program that is able to replicate itself and spread from one computer to another.” Igor Hák, the Chief Technical Director of the Czech branch of ESET (a Slovak company), further explains that currently “malware” is a term that’s come into existence to incorporate not just viruses, but other types of malicious codes, like worms, trojans, rootkits, spyware and so on. These exotic-sounding threats are quite real and can not only delete important files on your computer or your smartphone, but subvert the infrastructure of countries (like the recent Stuxnet worm’s attack on Iran’s nuclear program) and will soon be able to turn your coffee maker and toaster against you.

As Igor Hák of ESET recounts, “many other virus discoveries quickly followed, which sparked the idea to devise a universal software solution to counter these then relatively unknown computer threats.” The Velvet Revolution of 1989 had a profound impact in freeing the brilliant minds of the former Czechoslovakia to turn this idea into commerce. Formed in the early 1990s, a number of companies have come to lead the field. As of 2011, Avast’s “avast!” product line has more than 135 million active users, ESET has offices in more than 180 countries of the world, and this past month (January 2012) the Brno-based AVG Technologies, whose product is incorporated into the MS Windows Security Center, filed a $125 million IPO. All these companies continually rank in the top ten of security software firms in the world (interestingly, the top company is currently the Russian Kaspersky Lab).

So why Czech Republic and Slovakia? What makes the region so successful in churning out computer security experts? There is no simple answer. Jakub Truschka of TrustPort sees it in terms of the high level of education and skill level of the local programmers, which is an ideal export “for a country with rather limited natural resources”. Lyle Frink, the PR manager of AVAST says that “because the computers here were behind those in the US, programmers had to be more skilled in writing programs that consumed less computer resources. This turned into a professional advantage.” Igor Hák of Eset does not know if there is anything special in the local water, but also thinks “both countries benefit from quality graduates of technical universities. Since the company’s beginnings, ESET’s success is strongly linked with the exceptional skills of our employees.”

While early computer viruses were mostly created by young computer enthusiasts, who wanted to test their skills and to let the world know who they were, Igor Hák of ESET says that “currently nearly all threats are made just for money.” Spammers often take over the computers of unsuspecting users to help spread their messages and products. Jakub Trushka of TrustPort suspects it goes even further – “production of malicious software has fallen into the hands of organized groups, who simply added computer crime to other criminal methods they had been using before. Their basic goals are to take control of someone else’s computers, to use them as a platform for further attacks, and in the end, as a means of making money.”

Jakub Truschka of TrustPort confirms that “bringing an insider’s perspective into play can hugely help the anti-malware struggle… it is sort of a never-ending battle. The antivirus companies develop new methods of detection and destruction of threats, the cybercriminals look for new direct or indirect ways to circumvent the protective measures.” So there is potentially an incentive for young programmers to create viruses because it can lead to fame and jobs. Of course, some of them end up behind bars, and this is not to say that most people at antivirus companies started out making the viruses – that is just not true. Yet the relationship between those who try to destroy your computer and those who protect it is certainly complex. And if you’re wondering if there is a sure-fire way to stay clear of computer viruses, Lyle Frink of AVAST jokes: “Well, if you write on paper with a pen or pencil, your security needs are greatly limited.”