Mikko Hyppönen is pacing backwards and forwards on the stage, along with his trademark darkish blonde ponytail resting on an impeccable teal go well with. A seasoned speaker, he’s making an attempt to make an necessary level to a room filled with fellow hackers and safety researchers at one of many business’s world annual meet-ups.
“I typically name this ‘cybersecurity Tetris’,” he tells the viewers with a critical face, reeling off the foundations of the basic online game. While you full a complete line of bricks, the row vanishes, leaving the remainder of the bricks to fall into a brand new line.
“So your successes disappear, whereas your failures pile up,” he tells the viewers during his keynote at Black Hat in Las Vegas in 2025. “The problem we face as cybersecurity folks is that our work is invisible… whenever you do your job completely, the tip result’s that nothing occurs.”
Hyppönen’s work, nonetheless, has definitely not been invisible. As one of many business’s longest serving cybersecurity figures, he has spent greater than 35 years combating malware. When he began within the late Nineteen Eighties, the time period “malware” was nonetheless removed from on a regular basis parlance; the phrases as an alternative have been laptop “virus” or “trojans.” The web was nonetheless one thing few folks had entry to, and a few viruses relied on infecting computer systems with floppy disks.
Since then, Hyppönen estimated he has analyzed hundreds of various sorts of malware. And because of his frequent talks at conferences all around the world, he has change into one of the vital recognizable faces and revered voices of the cybersecurity neighborhood.
Whereas Hyppönen has spent a lot of his life making an attempt to maintain malware from moving into locations it’s not presupposed to, now he’s nonetheless doing a lot of the identical, albeit a barely totally different tack: His new problem is to guard folks in opposition to drones.
Hyppönen, who’s Finnish, informed me throughout a current interview that he lives about two hours away from Finland’s border with Russia. An more and more hostile Russia and its 2022 full-scale invasion of Ukraine, the place the majority of deaths have reportedly come from unmanned aerial assaults, have made Hyppönen consider he can have renewed affect by combating drones.
For Hyppönen, it’s also a matter of recognizing that whereas there are nonetheless long-standing issues to resolve on this planet of cybersecurity — malware is just not going wherever and there are many new issues on the horizon — the business has made big strides over the past twenty years. An iPhone, Hyppönen introduced up for example, is an especially safe machine. The cybersecurity points of drone warfare, however, stay nearly uncharted territory.
From viruses and worms to malware and adware…
Hyppönen began early in cybersecurity by hacking video video games in the course of the Nineteen Eighties. His love for cybersecurity got here from reverse engineering software program to determine a strategy to take away anti-piracy protections from a Commodore 64 video games console. He realized to code by growing journey video games, and sharpened his reverse engineering abilities by analyzing malware at his first job at Finnish firm Information Fellows, which later turned the well-known antivirus maker F-Safe.
Since then, Hyppönen has been on the entrance traces of the struggle in opposition to malware, witnessing the way it developed.
Within the early years, virus writers developed their malicious code typically completely out of ardour and curiosity to see what was potential with code alone. Whereas some cyberespionage existed, hackers had but to find methods to monetize hacking by in the present day’s requirements, like ransomware assaults. There was no cryptocurrency to facilitate extortion, nor a legal market for stolen information.
Form.A, for instance, was one of the vital widespread viruses within the early Nineties, which contaminated computer systems with a floppy disk. A model of that virus didn’t destroy something — generally simply displaying a message on the individual’s display screen, and that was it. However the virus travelled world wide, together with touchdown on the analysis stations on the South Pole, Hyppönen informed me.
Hyppönen recounted the notorious ILOVEYOU virus, which he and his colleagues have been the primary to find in 2000. ILOVEYOU was wormable, that means it unfold routinely from laptop to laptop. It arrived by way of electronic mail as a textual content file, purportedly a love letter. If the goal opened it, it might overwrite and corrupt some information on the individual’s laptop, after which ship itself to all their contacts.
The virus contaminated over 10 million Home windows computer systems worldwide.
Malware has modified dramatically since then. Nearly nobody develops malware as a pastime, and creating malicious software program that self-replicates is virtually a assure that it’ll get caught by cybersecurity defenders able to neutralizing it rapidly, and doubtlessly catching its creator.
Nobody does it for the love of the sport anymore, in line with Hyppönen. “The age of viruses is firmly behind us,” he mentioned.
Seldom will we now see self-spreading worms — with uncommon exceptions, such because the harmful WannaCry ransomware assault by North Korea in 2017; and the NotPetya mass-hacking marketing campaign launched by Russia later that 12 months, which crippled a lot of the Ukrainian web and energy grid. Now, malware is sort of completely utilized by cybercriminals, spies, and mercenary adware makers who develop exploits for government-backed hacking and espionage. These teams usually keep within the shadows, and wish to hold their instruments hidden to proceed their actions and to keep away from cybersecurity defenders or legislation enforcement.
The opposite variations in the present day are that the cybersecurity business is now estimated to be price $250 billion. The business has professionalized, partially as a necessity, to struggle the rise in malware assaults. Defenders went from gifting away their software program without spending a dime, to turning it right into a paid service or product, mentioned Hyppönen.
Computer systems and newer innovations like smartphones, which started to take off in the course of the early 2000s, have change into a lot more durable to hack. If the instruments to hack an iPhone or the Chrome browser price six-figures or perhaps a few million {dollars}, Hyppönen argued, this successfully makes an exploit so costly that solely the extremely resourced, like governments, can use them, somewhat than financially motivated cybercriminals. That’s an enormous win for shoppers, and for the cybersecurity business that’s a job nicely carried out.
From combating spies and criminals… to countering drones
In mid-2025, Hyppönen pivoted from cybersecurity to a unique type of defensive work. He turned the chief analysis officer at Sensofusion, a Helsinki-based firm that develops an anti-drone system for legislation enforcement businesses and the army.
Hyppönen informed me that was motivated to get right into a growing new business due to what he noticed occurring in Ukraine, a warfare outlined by drones. As a Finnish citizen, who serves within the army reserves (“I can’t inform you what I do, however I can inform you that they don’t give me a rifle as a result of I’m far more harmful with a keyboard,” he tells me), and with two grandfathers who fought the Russians, Hyppönen is aware of the presence of an enemy simply over his nation’s border.
“The state of affairs could be very, essential to me,” he tells me. “It’s extra significant to work combating in opposition to drones, not simply the drones that we see in the present day, but additionally the drones of tomorrow,” he mentioned. “We’re on the aspect of people in opposition to machines, which sounds slightly bit like science fiction, however that’s very concretely what we do.”
The cybersecurity and drone industries could seem leagues aside from each other, however there are clear parallels between combating malware and combating drones, in line with Hyppönen. To struggle malware, cybersecurity corporations have provide you with mechanisms, often known as signatures, to determine what’s malware and what’s not after which detect and block it. Within the case of drones, Hyppönen defined, defenses contain constructing techniques that may find and jam radio drones, and by recognizing frequencies which can be getting used to manage the autonomous automobiles.
Hyppönen defined that it’s potential to determine and detect drones by recording their radio frequencies, often known as their IQ samples.
“We detect the protocol from there and construct up signatures for detecting unknown drones,” he mentioned.
He additionally defined that in case you detect the protocol and frequencies used to manage the drone, you too can attempt to conduct cyberattacks in opposition to it. You possibly can trigger the drone’s system to malfunction, and crash the drone into the bottom. “So in some ways, these protocol stage assaults are a lot, a lot simpler within the drone world as a result of step one is the final step,” Hyppönen mentioned. “In the event you discover a vulnerability, you’re carried out.”
The technique in combating malware and combating drones is just not the one factor that hasn’t modified in his life. The cat-and-mouse recreation of studying how one can cease a menace, after which the enemy studying from that and devising new methods to get round defenses, and on and on, is similar on this planet of drones. After which, there’s the identification of the enemy.
“I spent an enormous a part of my profession combating in opposition to Russian malware assaults,” he mentioned. “Now I’m combating Russian drone assaults.”
