{"id":901815,"date":"2026-04-27T03:28:06","date_gmt":"2026-04-27T08:28:06","guid":{"rendered":"https:\/\/newsycanuse.com\/index.php\/2026\/04\/27\/after-fighting-malware-for-decades-this-cybersecurity-veteran-is-now-hacking-drones\/"},"modified":"2026-04-27T03:28:06","modified_gmt":"2026-04-27T08:28:06","slug":"after-fighting-malware-for-decades-this-cybersecurity-veteran-is-now-hacking-drones","status":"publish","type":"post","link":"https:\/\/newsycanuse.com\/index.php\/2026\/04\/27\/after-fighting-malware-for-decades-this-cybersecurity-veteran-is-now-hacking-drones\/","title":{"rendered":"After fighting malware for decades, this cybersecurity veteran is now hacking drones"},"content":{"rendered":"
\n

Mikko Hypp\u00f6nen is pacing back and forth on the stage, with his trademark dark blond ponytail resting on an impeccable teal suit. A seasoned speaker, he is trying to make an important point to a room full of fellow hackers and security researchers at one of the industry\u2019s global annual meetups.<\/p>\n

\u201cI often call this \u2018cybersecurity Tetris,\u2019\u201d he tells the audience with a serious face, rattling off the rules of the classic video game. When you complete a whole line of bricks, the row vanishes, leaving the rest of the bricks to fall into a new line.<\/p>\n

\u201cSo your successes disappear, while your failures pile up,\u201d he tells the audience during his keynote<\/a> at Black Hat in Las Vegas in 2025. \u201cThe challenge we face as cybersecurity people is that our work is invisible\u00a0\u2026 when you do your job perfectly, the end result is that nothing happens.\u201d<\/p>\n

Hypp\u00f6nen\u2019s work, however, has certainly not been invisible. As one of the industry\u2019s longest serving cybersecurity figures, he has spent more than 35 years fighting malware. When he started in the late 1980s, the term \u201cmalware\u201d was still far from everyday parlance; the terms instead were computer \u201cvirus\u201d or \u201ctrojans.\u201d The internet was still something few people had access to, and some viruses relied on infecting computers with floppy disks<\/a>.\u00a0<\/p>\n

Since then, Hypp\u00f6nen estimated he has analyzed thousands of different kinds of malware. And thanks to his frequent talks at conferences all over the world, he has become one of the most recognizable faces and respected voices of the cybersecurity community.<\/p>\n

While Hypp\u00f6nen has spent much of his life trying to keep malware from getting into places it is not supposed to, now he is still doing much of the same, albeit a slightly different tack: His new challenge is to protect people against drones.\u00a0<\/p>\n

Hypp\u00f6nen, who is Finnish, told me during a recent interview that he lives about two hours away from Finland\u2019s border with Russia. An increasingly hostile Russia and its 2022 full-scale invasion of Ukraine, where the majority of deaths<\/a> have reportedly come from unmanned aerial attacks, have made Hypp\u00f6nen believe he can have renewed impact by fighting drones.<\/p>\n

For Hypp\u00f6nen, it is also a matter of recognizing that while there are still long-standing problems to solve in the world of cybersecurity \u2014 malware is not going anywhere and there are plenty of new problems on the horizon \u2014 the industry has made huge strides over the last two decades. An iPhone, Hypp\u00f6nen brought up as an example, is an extremely secure device. The cybersecurity aspects of drone warfare, on the other hand, remain almost uncharted territory.<\/p>\n

\"a
Image Credits:<\/strong>courtesy of Mikko Hypp\u00f6nen<\/span><\/figcaption><\/figure>\n

From viruses and worms to malware and spyware\u2026<\/h2>\n

Hypp\u00f6nen started early in cybersecurity by hacking video games during the 1980s. His love for cybersecurity came from reverse-engineering software to figure out a way to remove anti-piracy protections from a Commodore 64 home computer. He learned to code by developing adventure games and sharpened his reverse-engineering skills by analyzing malware at his first job at Finnish company Data Fellows, which later became the well-known antivirus maker F-Secure.\u00a0<\/p>\n

Since then, Hypp\u00f6nen has been on the front lines of the fight against malware, witnessing how it evolved.<\/p>\n

In the early years, virus writers developed their malicious code often exclusively out of passion and curiosity to see what was possible with code alone. While some cyberespionage existed, hackers had yet to discover ways to monetize hacking by today\u2019s standards, like ransomware attacks. There was no cryptocurrency to facilitate extortion, nor a criminal marketplace for stolen data.<\/p>\n

Form<\/a>, for example, was one of the most common viruses in the early 1990s, which infected computers with a floppy disk. A version of that virus did not destroy anything \u2014 sometimes just displaying a message on the person\u2019s screen, and that was it. But the virus traveled around the world, including landing on the research stations at the South Pole, Hypp\u00f6nen told me.<\/p>\n

Hypp\u00f6nen recounted the infamous ILOVEYOU virus<\/a>, which he and his colleagues were the first to discover in 2000. ILOVEYOU was wormable, meaning it spread automatically from computer to computer. It arrived via email as a text file, purportedly a love letter. If the target opened it, it would overwrite and corrupt some files on the person\u2019s computer, and then send itself to all their contacts.\u00a0<\/p>\n

The virus infected over 10 million Windows computers worldwide.<\/p>\n

Malware has changed dramatically since then. Virtually no one develops malware as a hobby, and creating malicious software that self-replicates is practically a guarantee that it will get caught by cybersecurity defenders capable of neutralizing it quickly and potentially catching its author.<\/p>\n

No one does it for the love of the game anymore, according to Hypp\u00f6nen. \u201cThe age of viruses is firmly behind us,\u201d he said.\u00a0<\/p>\n

Seldom do we now see self-spreading worms \u2014 with rare exceptions, such as the destructive WannaCry ransomware attack<\/a> by North Korea in 2017, and the NotPetya mass-hacking campaign launched by Russia<\/a> later that year, which crippled much of the Ukrainian internet and power grid. Now, malware is almost exclusively used by cybercriminals, spies, and mercenary spyware makers who develop exploits for government-backed hacking and espionage. Those groups typically stay in the shadows and want to keep their tools hidden to continue their activities and to avoid cybersecurity defenders or law enforcement.\u00a0<\/p>\n

The other differences today are that the cybersecurity industry is now estimated to be worth $250 billion. The industry has professionalized, in part as a necessity, to fight the increase in malware attacks. Defenders went from giving away their software for free to turning it into a paid service or product, said Hypp\u00f6nen.\u00a0<\/p>\n

Computers and newer inventions like smartphones, which began to take off during the early 2000s, have become much harder to hack. If the tools to hack an iPhone or the Chrome browser cost six figures or even a few million dollars, Hypp\u00f6nen argued, this effectively makes an exploit so expensive that only the highly resourced, like governments, can use them, rather than financially motivated cybercriminals. That\u2019s a huge win for consumers, and for the cybersecurity industry that\u2019s a job well done.<\/p>\n

\"a
Image Credits:<\/strong>courtesy of Mikko Hypp\u00f6nen<\/span><\/figcaption><\/figure>\n

From fighting spies and criminals\u00a0\u2026 to countering drones<\/h2>\n

In mid-2025, Hypp\u00f6nen pivoted from cybersecurity to a different kind of defensive work. He became the chief research officer at Sensofusion, a Helsinki-based company that develops an anti-drone system for law enforcement agencies and the military.\u00a0<\/p>\n

Hypp\u00f6nen told me that was what motivated him to get into drone security, a developing new industry, because of what he saw happening in Ukraine, a war defined by drones. As a Finnish citizen, who serves in the military reserves (\u201cI can\u2019t tell you what I do, but I can tell you that they don\u2019t give me a rifle because I\u2019m much more destructive with a keyboard,\u201d he tells me), and with two grandfathers who fought the Russians, Hypp\u00f6nen is acutely aware of the presence of an enemy just over his country\u2019s border.<\/p>\n

\u201cThe situation is very, very important to me,\u201d he tells me. \u201cIt\u2019s more meaningful to work fighting against drones, not just the drones that we see today, but also the drones of tomorrow,\u201d he said. \u201cWe\u2019re on the side of humans against machines, which sounds a little bit like science fiction, but that\u2019s very concretely what we do.\u201d<\/p>\n

The cybersecurity and drone industries may seem leagues apart from one another, but there are clear parallels between fighting malware and fighting drones, according to Hypp\u00f6nen. To fight malware, cybersecurity companies have come up with mechanisms, known as signatures, to identify what is malware and what is not and then detect and block it. In the case of drones, Hypp\u00f6nen explained, defenses involve building systems that can locate and jam radio drones, and by recognizing frequencies that are being used to control the autonomous vehicles.\u00a0<\/p>\n

Hypp\u00f6nen explained that it\u2019s possible to identify and detect drones by recording their radio frequencies, known as their IQ samples.\u00a0<\/p>\n

\u201cWe detect the protocol from there and build up signatures for detecting unknown drones,\u201d he said.\u00a0<\/p>\n

He also explained that if you detect the protocol and frequencies used to control the drone, you can also try to conduct cyberattacks against it. You can cause the drone\u2019s system to malfunction, and crash the drone into the ground. \u201cSo in many ways, these protocol-level attacks are much, much easier in the drone world because the first step is the last step,\u201d Hypp\u00f6nen said. \u201cIf you find a vulnerability, you\u2019re done.\u201d<\/p>\n

The strategy in fighting malware and fighting drones is not the only thing that hasn\u2019t changed in his life. The cat-and-mouse game of learning how to stop a threat, and then the enemy learning from that and devising new ways to get around defenses, and on and on, is the same in the world of drones. And then, there\u2019s the identity of the enemy.\u00a0\u00a0<\/p>\n

\u201cI spent a big part of my career fighting against Russian malware attacks,\u201d he said. \u201cNow I\u2019m fighting Russian drone attacks.\u201d<\/p>\n<\/div>\n

When you purchase through links in our articles, we may earn a small commission<\/a>. This doesn\u2019t affect our editorial independence.<\/em><\/p>\n

Lorenzo Franceschi-Bicchierai
Read More<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"

Mikko Hypp\u00f6nen is pacing back and forth on the stage, with his trademark dark blond ponytail resting on an impeccable teal suit. A seasoned speaker, he is trying to make an important point to a room full of fellow hackers and security researchers at one of the industry\u2019s global annual meetups. \u201cI often call this<\/p>\n","protected":false},"author":1,"featured_media":901816,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[168,2403],"tags":[5078,7649],"class_list":{"0":"post-901815","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-after","8":"category-fighting","9":"tag-after","10":"tag-fighting"},"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/901815","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/comments?post=901815"}],"version-history":[{"count":0,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/posts\/901815\/revisions"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media\/901816"}],"wp:attachment":[{"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/media?parent=901815"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/categories?post=901815"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/newsycanuse.com\/index.php\/wp-json\/wp\/v2\/tags?post=901815"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}