ESET grew out of the ashes of communist rule in Czechoslovakia, and has emerged as the central European poster child for security and technology that now spans 180 countries across the globe.
Back in the late 1980s, as Slovakia shoved off the weight of communist rule, ESET's founders created NOD32, a piece of antivirus software that has continued to be a staple for the firm and it has just been launched in its ninth iteration.
"The idea was to help people in need and our founders were basically driving around Slovakia trying to clean PCs," explained Juraj Malcho, ESET chief research officer, during V3's visit to the firm's HQ in Bratislava.
Yet over the past few years the security sector has seen somthing of an antivirus backlash with many claiming it is ill-suited to protect firms against more modern security threats.
Malcho, though, is dismissive of these arguments, claiming they are "PR stunts" to help market new products that are actually still using the same old technology.
"They are seemingly advanced [the new tools] but if you check out papers from Virus Bulletin you will be surprised how many times you will see 10-year old technology being described," he said.
"They talk about machine learning and all these other things which obviously we have been doing for years. Reliability is not something you earn in one, two, three or even five years.
"We have been here for 20 years, or more, and reliability is something that you can only build."
The inevitable march toward mobile
Technology has changed a lot in 20 years. Indeed, as internet users make the move from desktop computers to smartphones, ESET has been forced to move with the times.
Alongside this mass mobile migration has come the inevitable rise in security vulnerabilities as cyber criminals gravitate towards the most popular and widely used devices.
Righard Zwienenberg, ESET senior research fellow, explained that research clearly shows that, much like desktop systems, no operating system is safe from cyber attack, including Android and iOS.
"The [mobile] banking trojan threat is not going anywhere. iOS has problems, aggressive ransomware is spreading, and malware affects applications on Google Play. Everybody is seeing this problem, and it is increasing in size," he said.
"If we look at all the malware only a small portion is trojans. The majority is potentially unwanted applications [PUAs] which are already a big problem on the desktop and have found their way into the mobile space."
It is common for these PUAs to be bundled with seemingly normal software downloads, often containing strains of malware and invasive adware-style toolbars that are installed on a victim's system. More often than not, it is impossible to opt out.
Yet mobile systems are increasingly being bombarded with malware usually seen on desktop computers, including advanced ransomware and trojans in gaming applications.
Attacks on the Android platform are especially notable, according to Zwienenberg, especially as some actually disguise themselves as antivirus software.
"In 2013, we had the first fake antivirus lockscreen. It's called Android defender, and it tried to scam you out of money. But if you didn't pay, after a while it encrypted the lockscreen as well. Not the most difficult to remove, but it was one of the first to be combined," he said.
This combination of malicious antivirus program with a form of ransomware, is representative of the lengths cyber criminals will go to develop attack routes to mobile.
Yet Zwienenberg believes that the spread of this form of malware is down to human nature.
"It is hidden inside applications that promise online pornography or a video viewer or even popular games like Grand Theft Auto 5. People are triggered by that to download these fake applications," he said.
Looking back at recent mobile incidents such as the XcodeGhost malware attack against Apple or the Android Stagefright vulnerability, Zwienenberg explained that malicious software is beginning to find third-party routes into popular app stores.
"Google, like Apple, say if you get everything from our store you're safe. There is no guarantee that official stores are safe and Google Play is no exception. There are really dangerous applications in there," he warned.
One way the criminals breach these stores is by latching on to popular gaming applications such as Minecraft and Angry Birds, often posing as free versions of the software.
"They go after popular games or call it a ‘cheat' version and that is their infection vector. Minecraft is really popular and that's why you have a lot of ‘cheats' and a lot of them are trojanised. Malware is increasing in diversity and so is adversity activity," Zwienenberg said.
The tech industry vs the government
The relationship between governments and the tech industry has often been turbulent, especially in a country with a history like Slovakia's. As it turns out, from the perspective of ESET, the threat from nation states is not all that different to the threat from cyber criminals.
Governments use malware, the only difference being that when they do it's deemed legal. A notable example of the private sector being caught out in this way involved Italian firm Hacking Team.
The company sold snooping software to governments and major companies across the world, but was hacked earlier this year, revealing the methods it used to infiltrate systems.
WikiLeaks released the Hacking Team databases in a searchable format, and ESET researchers quickly jumped on the chance to mine the data for relevant information, including mentions of ESET. They found several.
"It was quite a bit of fun," Peter Kosinar, security researcher at the firm, told V3.
However, after analysing the information, the researchers found that the main purpose of the Hacking Team malware was not to steal data, but to avoid detection.
"It is more important for this software to stay invisible than to actually steal data from the user because if [a target] finds it they can take steps they would not have taken otherwise, which is bad if you are trying to catch a real criminal," Kosinar told V3.
These targets, as previously documented, included the repressive regimes in countries like Sudan, Uzbekistan and Russia. Furthermore, it was uncovered that human rights campaigners were targeted using Hacking Team surveillance ‘solutions'.
Yet, previous to the leak, Kosinar said that Hacking Team software was spotted as a consistent piece of malware.
"We were seeing them as a regular piece of malware appearing on a system rather than a specific [tool] for surveillance," he told V3. "From our point of view if it behaves like malware we try our best to fight it."
However, Kosinar said that government use of surveillance malware often highlights the inconsistency of the law that currently governs cyber operations.
"The same technologies that protect the good guys from being spied on prevent the bad guys from being tracked by law enforcement," he explained.
"The need for police to be able to bypass security measures is going to be there. Whether it is done for a good or bad purpose is a question of ethics. As with any software program, what can be used can also be abused."
The notion that the US government, and other major administrations, can ‘cheat' when it comes to surveillance comes up regularly in conversation.
"The size of the problem got much bigger when governments got involved because their funding can't be compared to the bad guys' funding. The whole cybercrime economy is already bigger than the protection economy," said Palo Luka, chief technology officer at ESET.
Malcho agrees: "One of the things to bear in mind when dealing with security is that you need to spend as much money in the defence as there is in the offence. So if all you do is buy a £50 solution it's not going to protect you from sophisticated attacks."
Luka painted a dark picture when it comes to future trends in cybercrime. "In traditional crime, drugs and human trafficking for example, there is a lot of money involved and you have Mafia guys causing trouble. We are fighting cyber criminals who attack for a different reason," he said.
"They are not the guys that kidnap your children or beat you up, but it's probably because there still isn't enough money in the cybercrime economy so this might change.
"When the cybercrime economy grows it may actually attract these hardcore Mafia criminals, and at the same time you have governments that are also using cyber space to do their thing and we wonder who will be the first to knock on our doors?"
It could go either way, according to Luka. "We have been feeling quite safe, we don't have problems walking on the streets, we don't take any special precautions like the police sometimes do when fighting organised crime. So who will be the first to knock on our doors? Will it be the Mafia guys, the hitmen or the agents in black suits?" he said.
"I don't know the answer, but there are some suggestions from the industry that it may actually be the governments, so it will be interesting how it evolves."
Users are told that their non-existent 'iPhoneID' is expiring soon
Expansion of SDK intended to expand Amazon Alexa ecosystem
Locky returns from a prolonged rest with two new variants
AMD lambasted over Radeon RX Vega pricing that will add an extra £100 to RX Vega 56 and 64 graphics cards
Company accused of failing to tell anyone that the launch prices were only introductory offers