{"id":3489166,"date":"2026-04-04T13:00:00","date_gmt":"2026-04-04T13:00:00","guid":{"rendered":"https:\/\/techingeek.com\/index.php\/2026\/04\/04\/following-years-of-battling-malware-this-cybersecurity-expert-is-currently-infiltrating-drones\/"},"modified":"2026-04-04T13:00:00","modified_gmt":"2026-04-04T13:00:00","slug":"following-years-of-battling-malware-this-cybersecurity-expert-is-currently-infiltrating-drones","status":"publish","type":"post","link":"https:\/\/techingeek.com\/index.php\/2026\/04\/04\/following-years-of-battling-malware-this-cybersecurity-expert-is-currently-infiltrating-drones\/","title":{"rendered":"Following years of battling malware, this cybersecurity expert is currently infiltrating drones."},"content":{"rendered":"
Mikko Hypp\u00f6nen is moving back and forth on the stage, with his distinct dark blonde ponytail cascading over a pristine teal suit. An experienced speaker, he aims to convey a significant message to an audience filled with hackers and security researchers at a global annual gathering of the industry.<\/p>\n
\u201cI frequently refer to this as \u2018cybersecurity Tetris\u2019,\u201d he states to the audience with a grave expression, outlining the rules of the classic video game. Completing an entire line of blocks causes that row to disappear, allowing the remaining ones to drop into a new line.<\/p>\n
\u201cYour victories vanish, whereas your setbacks accumulate,\u201d he communicates to the audience during his keynote at Black Hat in Las Vegas in 2025. \u201cThe difficulty we encounter as cybersecurity professionals is that our efforts remain unseen\u2026 when you execute your tasks flawlessly, the ultimate outcome is that nothing occurs.\u201d<\/p>\n
Nonetheless, Hypp\u00f6nen\u2019s contributions have certainly been noticeable. As one of the cybersecurity field’s most enduring figures, he has dedicated over 35 years to combating malware. When he began in the late 1980s, the term \u201cmalware\u201d was not yet commonly used; the terms predominantly employed were computer \u201cvirus\u201d or \u201ctrojans.\u201d The internet was still a privilege for a select few, with some viruses relying on infecting computers via floppy disks.\u00a0<\/p>\n
Since that time, Hypp\u00f6nen estimates he has scrutinized thousands of various types of malware. Thanks to his regular presentations at global conferences, he has emerged as one of the most identifiable figures and esteemed voices within the cybersecurity sector.<\/p>\n
While Hypp\u00f6nen has devoted much of his life to preventing malware from entering prohibited areas, he is now engaged in a somewhat similar endeavor, albeit with a different focus: His current task is to safeguard individuals from drones.\u00a0<\/p>\n
Hypp\u00f6nen, a Finnish national, mentioned during a recent interview that he resides about two hours from Finland\u2019s border with Russia. An increasingly antagonistic Russia and its 2022 full-scale invasion of Ukraine, where the majority of casualties are reportedly due to drone attacks, have led Hypp\u00f6nen to believe he can make a significant impact by addressing drone threats.<\/p>\n
For Hypp\u00f6nen, it is also crucial to acknowledge that while enduring challenges in the cybersecurity realm persist\u2014malware remains a constant threat, and new issues loom on the horizon\u2014the industry has achieved remarkable advancements over the past twenty years. He cited the iPhone as an example of an exceptionally secure device. In contrast, the cybersecurity elements of drone warfare still represent largely uncharted territory.<\/p>\nImage Credits:<\/strong>courtesy of Mikko Hypponen<\/span><\/figcaption><\/figure>\n
From viruses and worms to malware and spyware\u2026<\/strong><\/h2>\n
Hypp\u00f6nen\u2019s entry into cybersecurity began with hacking video games during the 1980s. His passion for the field arose from reverse engineering software to find a way to bypass anti-piracy measures on a Commodore 64 home computer. He honed his coding skills by creating adventure games, and refined his reverse engineering talents by investigating malware at his first job with Finnish company Data Fellows, which later became the well-known antivirus provider F-Secure.\u00a0<\/p>\n
Since then, Hypp\u00f6nen has been at the forefront of the battle against malware, observing its transformation.<\/p>\n
In the early days, virus creators often wrote their malicious code purely out of enthusiasm and curiosity to explore the limits of coding. While some instances of cyberespionage were present, hackers had yet to realize monetization strategies for hacking akin to those seen today, such as ransomware attacks. There was no cryptocurrency facilitating extortion or a black market for stolen data.<\/p>\n
Form.A, for instance, was among the most prevalent viruses in the early 1990s, which spread by floppy disk. A variation of that virus did not cause damage\u2014often merely displaying a message on the user\u2019s screen. Yet, this virus traversed the globe, including making it to research stations at the South Pole, as Hypp\u00f6nen noted.<\/p>\n
Hypp\u00f6nen recalled the notorious ILOVEYOU virus, first identified by him and his colleagues in 2000. ILOVEYOU was a worm, meaning it propagated automatically from one computer to another. It arrived through email as a text file, supposedly a romantic letter. If the recipient opened it, it would overwrite and damage some files on their computer, and then distribute itself to all their contacts.\u00a0<\/p>\n
This virus infected over 10 million Windows computers globally.<\/p>\n
The landscape of malware has drastically changed since then. Hardly anyone develops malware purely as a hobby anymore, and crafting self-replicating harmful software practically guarantees quick detection by cybersecurity experts equipped to neutralize it and possibly apprehend its creator.<\/p>\n
According to Hypp\u00f6nen, nobody engages in it for the thrill any longer. \u201cThe era of viruses is firmly in the past,\u201d he stated.\u00a0<\/p>\n
Instances of self-replicating worms are now rare\u2014except for a few notable cases, such as the damaging WannaCry ransomware attack attributed to North Korea in 2017 and the NotPetya widespread hacking campaign launched by Russia later that year, which severely impacted the Ukrainian internet and power infrastructure. Currently, malware is predominantly utilized by cybercriminals, espionage agents, and mercenary spyware developers who create exploits for state-sponsored hacking and surveillance. These entities typically operate clandestinely, aiming to conceal their tools to maintain their operations and evade cybersecurity defenders or law enforcement.\u00a0<\/p>\n
Another notable change is that the estimated worth of the cybersecurity industry has reached $250 billion. The field has professionalized, partly as a necessity, in reaction to the rise in malware assaults. Defenders transitioned from offering their software without cost to monetizing it through paid services or products, noted Hypp\u00f6nen.\u00a0<\/p>\n
Computers and newer innovations such as smartphones, which started gaining traction in the early 2000s, have become significantly more challenging to hack. If the resources required to exploit an iPhone or the Chrome browser amount to six figures or even several million dollars, Hypp\u00f6nen argued, this makes an exploit prohibitively expensive, limiting accessibility to only well-funded entities, like governments, rather than financially motivated cybercriminals. This is a considerable victory for consumers and a testament to the achievements of the cybersecurity sector.<\/p>\nImage Credits:<\/strong>courtesy of Mikko Hypponen<\/span><\/figcaption><\/figure>\n
From fighting spies and criminals\u2026 to countering drones<\/strong><\/h2>\n
In mid-2025, Hypp\u00f6nen transitioned from cybersecurity to a different realm of defense work. He took on the role of chief research officer at Sensofusion, a Helsinki-based firm that creates a drone defense system for law enforcement and military agencies.\u00a0<\/p>\n
Hypp\u00f6nen expressed that his enthusiasm for entering this emerging field was influenced by the developments in Ukraine, a conflict characterized by drone warfare. As a Finnish citizen with military reserve duties (\u201cI can\u2019t disclose my role, but I can share that they don\u2019t equip me with a rifle as I am far more dangerous with a keyboard,\u201d he shared), and with two grandfathers who battled the Russians, Hypp\u00f6nen is keenly aware of the adversary just beyond his nation\u2019s frontier.<\/p>\n
\u201cThe situation holds significant importance for me,\u201d he stated. \u201cIt feels far more relevant to work against drones, covering not just the current drones we see, but also those of the future,\u201d he emphasized. \u201cWe are positioned alongside humans confronting machines, which may seem somewhat science fiction-like, yet that is precisely what we do.\u201d<\/p>\n
While the fields of cybersecurity and drone defense may appear worlds apart, Hypp\u00f6nen notes evident similarities between countering malware and countering drones. To tackle malware, cybersecurity firms have developed mechanisms known as signatures to recognize which software is malware and which is not, and subsequently detect and neutralize it. In the context of drones, Hypp\u00f6nen elaborated that defenses involve crafting systems capable of locating and jamming drone radio signals while recognizing the frequencies controlling the unmanned vehicles.\u00a0<\/p>\n
Hypp\u00f6nen explained that it is feasible to identify and monitor drones by capturing their radio frequencies, referred to as their IQ samples.\u00a0<\/p>\n
\u201cWe extract the protocol from that information and develop signatures for detecting unidentified drones,\u201d he described.\u00a0<\/p>\n
He further elucidated that if the protocol and frequencies controlling the drone are identified, it is possible to initiate cyberattacks against it. This could cause the drone\u2019s system to fail, crashing it to the ground. \u201cIn many respects, these protocol-level attacks are much more straightforward in the drone realm because the initial step is also the concluding step,\u201d Hypp\u00f6nen emphasized. \u201cIf a vulnerability is found, you\u2019re finished.\u201d<\/p>\n
The parallels in strategies employed in combating malware and confronting drones are not the only aspects of his life that remain unchanged. The perpetual cat-and-mouse dynamic of deriving methods to counter a threat, while the adversary adapts and formulates new strategies to bypass defenses continuously, applies equally to the domain of drones. Additionally, there\u2019s the identity of the adversary.\u00a0\u00a0<\/p>\n
\u201cI have devoted a substantial portion of my career to resisting Russian malware strikes,\u201d he stated. \u201cNow I am standing against Russian drone strikes.\u201d<\/p>\n","protected":false},"excerpt":{"rendered":"
Mikko Hypp\u00f6nen is moving back and forth on the stage, with his distinct dark blonde ponytail cascading over a pristine teal suit. An experienced speaker, he aims to convey a significant message to an audience filled with hackers and security researchers at a global annual gathering of the industry.<\/p>\n
\u201cI frequently refer to this as \u2018cybersecurity Tetris\u2019,\u201d he states to the audience with a grave expression, outlining the rules of the classic video game. Completing an entire line of blocks causes that row to disappear, allowing the remaining ones to drop into a new line.<\/p>\n
\u201cYour victories vanish, whereas your setbacks accumulate,\u201d he communicates to the audience during his keynote at Black Hat in Las Vegas in 2025. \u201cThe difficulty we encounter as cybersecurity professionals is that our efforts remain unseen\u2026 when you execute your tasks flawlessly, the ultimate outcome is that nothing occurs.\u201d<\/p>\n
Nonetheless, Hypp\u00f6nen\u2019s contributions have certainly been noticeable. As one of the cybersecurity field’s most enduring figures, he has dedicated over 35 years to combating malware. When he began in the late 1980s, the term \u201cmalware\u201d was not yet commonly used; the terms predominantly employed were computer \u201cvirus\u201d or \u201ctrojans.\u201d The internet was still a privilege for a select few, with some viruses relying on infecting computers via floppy disks.\u00a0<\/p>\n
Since that time, Hypp\u00f6nen estimates he has scrutinized thousands of various types of malware. Thanks to his regular presentations at global conferences, he has emerged as one of the most identifiable figures and esteemed voices within the cybersecurity sector.<\/p>\n
While Hypp\u00f6nen has devoted much of his life to preventing malware from entering prohibited areas, he is now engaged in a somewhat similar endeavor, albeit with a different focus: His current task is to safeguard individuals from drones.\u00a0<\/p>\n
Hypp\u00f6nen, a Finnish national, mentioned during a recent interview that he resides about two hours from Finland\u2019s border with Russia. An increasingly antagonistic Russia and its 2022 full-scale invasion of Ukraine, where the majority of casualties are reportedly due to drone attacks, have led Hypp\u00f6nen to believe he can make a significant impact by addressing drone threats.<\/p>\n
For Hypp\u00f6nen, it is also crucial to acknowledge that while enduring challenges in the cybersecurity realm persist\u2014malware remains a constant threat, and new issues loom on the horizon\u2014the industry has achieved remarkable advancements over the past twenty years. He cited the iPhone as an example of an exceptionally secure device. In contrast, the cybersecurity elements of drone warfare still represent largely uncharted territory.<\/p>\nImage Credits:<\/strong>courtesy of Mikko Hypponen<\/span><\/figcaption><\/figure>\n
From viruses and worms to malware and spyware\u2026<\/strong><\/h2>\n
Hypp\u00f6nen\u2019s entry into cybersecurity began with hacking video games during the 1980s. His passion for the field arose from reverse engineering software to find a way to bypass anti-piracy measures on a Commodore 64 home computer. He honed his coding skills by creating adventure games, and refined his reverse engineering talents by investigating malware at his first job with Finnish company Data Fellows, which later became the well-known antivirus provider F-Secure.\u00a0<\/p>\n
Since then, Hypp\u00f6nen has been at the forefront of the battle against malware, observing its transformation.<\/p>\n
In the early days, virus creators often wrote their malicious code purely out of enthusiasm and curiosity to explore the limits of coding. While some instances of cyberespionage were present, hackers had yet to realize monetization strategies for hacking akin to those seen today, such as ransomware attacks. There was no cryptocurrency facilitating extortion or a black market for stolen data.<\/p>\n
Form.A, for instance, was among the most prevalent viruses in the early 1990s, which spread by floppy disk. A variation of that virus did not cause damage\u2014often merely displaying a message on the user\u2019s screen. Yet, this virus traversed the globe, including making it to research stations at the South Pole, as Hypp\u00f6nen noted.<\/p>\n
Hypp\u00f6nen recalled the notorious ILOVEYOU virus, first identified by him and his colleagues in 2000. ILOVEYOU was a worm, meaning it propagated automatically from one computer to another. It arrived through email as a text file, supposedly a romantic letter. If the recipient opened it, it would overwrite and damage some files on their computer, and then distribute itself to all their contacts.\u00a0<\/p>\n
This virus infected over 10 million Windows computers globally.<\/p>\n
The landscape of malware has drastically changed since then. Hardly anyone develops malware purely as a hobby anymore, and crafting self-replicating harmful software practically guarantees quick detection by cybersecurity experts equipped to neutralize it and possibly apprehend its creator.<\/p>\n
According to Hypp\u00f6nen, nobody engages in it for the thrill any longer. \u201cThe era of viruses is firmly in the past,\u201d he stated.\u00a0<\/p>\n
Instances of self-replicating worms are now rare\u2014except for a few notable cases, such as the damaging WannaCry ransomware attack attributed to North Korea in 2017 and the NotPetya widespread hacking campaign launched by Russia later that year, which severely impacted the Ukrainian internet and power infrastructure. Currently, malware is predominantly utilized by cybercriminals, espionage agents, and mercenary spyware developers who create exploits for state-sponsored hacking and surveillance. These entities typically operate clandestinely, aiming to conceal their tools to maintain their operations and evade cybersecurity defenders or law enforcement.\u00a0<\/p>\n
Another notable change is that the estimated worth of the cybersecurity industry has reached $250 billion. The field has professionalized, partly as a necessity, in reaction to the rise in malware assaults. Defenders transitioned from offering their software without cost to monetizing it through paid services or products, noted Hypp\u00f6nen.\u00a0<\/p>\n
Computers and newer innovations such as smartphones, which started gaining traction in the early 2000s, have become significantly more challenging to hack. If the resources required to exploit an iPhone or the Chrome browser amount to six figures or even several million dollars, Hypp\u00f6nen argued, this makes an exploit prohibitively expensive, limiting accessibility to only well-funded entities, like governments, rather than financially motivated cybercriminals. This is a considerable victory for consumers and a testament to the achievements of the cybersecurity sector.<\/p>\nImage Credits:<\/strong>courtesy of Mikko Hypponen<\/span><\/figcaption><\/figure>\n
From fighting spies and criminals\u2026 to countering drones<\/strong><\/h2>\n
In mid-2025, Hypp\u00f6nen transitioned from cybersecurity to a different realm of defense work. He took on the role of chief research officer at Sensofusion, a Helsinki-based firm that creates a drone defense system for law enforcement and military agencies.\u00a0<\/p>\n
Hypp\u00f6nen expressed that his enthusiasm for entering this emerging field was influenced by the developments in Ukraine, a conflict characterized by drone warfare. As a Finnish citizen with military reserve duties (\u201cI can\u2019t disclose my role, but I can share that they don\u2019t equip me with a rifle as I am far more dangerous with a keyboard,\u201d he shared), and with two grandfathers who battled the Russians, Hypp\u00f6nen is keenly aware of the adversary just beyond his nation\u2019s frontier.<\/p>\n
\u201cThe situation holds significant importance for me,\u201d he stated. \u201cIt feels far more relevant to work against drones, covering not just the current drones we see, but also those of the future,\u201d he emphasized. \u201cWe are positioned alongside humans confronting machines, which may seem somewhat science fiction-like, yet that is precisely what we do.\u201d<\/p>\n
While the fields of cybersecurity and drone defense may appear worlds apart, Hypp\u00f6nen notes evident similarities between countering malware and countering drones. To tackle malware, cybersecurity firms have developed mechanisms known as signatures to recognize which software is malware and which is not, and subsequently detect and neutralize it. In the context of drones, Hypp\u00f6nen elaborated that defenses involve crafting systems capable of locating and jamming drone radio signals while recognizing the frequencies controlling the unmanned vehicles.\u00a0<\/p>\n
Hypp\u00f6nen explained that it is feasible to identify and monitor drones by capturing their radio frequencies, referred to as their IQ samples.\u00a0<\/p>\n
\u201cWe extract the protocol from that information and develop signatures for detecting unidentified drones,\u201d he described.\u00a0<\/p>\n
He further elucidated that if the protocol and frequencies controlling the drone are identified, it is possible to initiate cyberattacks against it. This could cause the drone\u2019s system to fail, crashing it to the ground. \u201cIn many respects, these protocol-level attacks are much more straightforward in the drone realm because the initial step is also the concluding step,\u201d Hypp\u00f6nen emphasized. \u201cIf a vulnerability is found, you\u2019re finished.\u201d<\/p>\n
The parallels in strategies employed in combating malware and confronting drones are not the only aspects of his life that remain unchanged. The perpetual cat-and-mouse dynamic of deriving methods to counter a threat, while the adversary adapts and formulates new strategies to bypass defenses continuously, applies equally to the domain of drones. Additionally, there\u2019s the identity of the adversary.\u00a0\u00a0<\/p>\n
\u201cI have devoted a substantial portion of my career to resisting Russian malware strikes,\u201d he stated. \u201cNow I am standing against Russian drone strikes.\u201d<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"Default","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-3489166","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"_links":{"self":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/posts\/3489166"}],"collection":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/comments?post=3489166"}],"version-history":[{"count":0,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/posts\/3489166\/revisions"}],"wp:attachment":[{"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/media?parent=3489166"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/categories?post=3489166"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/techingeek.com\/index.php\/wp-json\/wp\/v2\/tags?post=3489166"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}
![\"a](\"https:\/\/techcrunch.com\/wp-content\/uploads\/2026\/04\/mikko-hypponen-1.jpeg\")
![\"a](\"https:\/\/techingeek.com\/wp-content\/uploads\/2026\/04\/following-years-of-battling-malware-this-cybersecurity-expert-is-currently-infiltrating-drones.jpg\")