Back to blog
Join the tech's most influential at RISE. Get your ticket.
-
RISE is bringing together world-leading founders, CEOs and tech experts with the most promising startups from across the globe on May 31-June 2 in Hong Kong. Security expert Mikko Hyppönen will be giving a Centre Stage talk – here he talks us through the mistakes he's made.
Mikko Hyppönen carries his failures with him. Having worked in computer security for a quarter of a century, he says he’s racked up a long list of mistakes. And not the good kind of mistakes either.
“Many have been mistakes where there's been no lessons learned, or ones I haven’t been able to recover from,” he says. In particular the 13-year-old he couldn’t save from a life of hacker crime.
Mikko is Chief Research Officer at Finnish cybersecurity firm F-Secure. He describes himself as a reverse engineer and computer security guy. He analyses online attacks and follows underground movements.
He unwittingly became a spokesperson, a term he’s still reluctant to use, for the fight against online crime when he helped send a fax to Reuters’ London desk back in 1994.
The first Windows virus had been discovered in Sweden. It was infecting Windows 3.1 systems and was the first reported virus that didn’t attack MS-DOS or spread on floppy disks. While examining the malware in F-Secure’s HQ, Mikko and the team realised something: this was news.
“We typed up a press release, and then we had it in our hands, thinking, 'OK, what do you do with a press release?' We had no idea, because we had never done one. So we figured out the fax number for Reuters in London and sent it. They ran the story and it was printed all over the world. Folks started ringing me,” says Mikko.
It's business, but it still feels noble, says Mikko
Maybe if he’d decided to pursue an “interesting” rather than “rewarding” career, one that didn’t bring him into contact with people in need, his mistakes and failures would matter less to him. Mikko doesn’t however have that luxury, and while successes may bring higher highs, his losses still cut.
He says that he regularly comes face-to-face with young teenage hackers, people on the “dark side”, who are involved in illegal activity online. He’s often contacted by worried parents of smart teenage boys desperate to see their children change. “It’s always a son; very few ladies or girls,” he says.
They might be involved in running botnets, a number of coordinated computers typically used to send spam emails, or carrying out denial-of-service attacks where access to an online network is suspended. Other times they might be hanging out with Anonymous. Mikko still makes the mistake of thinking these teenagers can be saved.
“I always jump to the conclusion that I know what their problem is, and I know how to fix it. I've failed multiple times in doing exactly that. I've explained to them how they have to change their path, how they are robbing themselves of their future,” says Mikko.
It all makes perfect sense to Mikko, but he finds himself unable to get through. They listen and understand – they just don’t take his advice.
After meeting Mikko, these boys “continue on their merry ways into mayhem”, ignoring that he’s told them they’re cutting themselves out of a legitimate career in tech. After a number of years, the boys typically graduate to financial crime: credit card theft and keylogging, selling software that can collect strangers’ PayPal and online banking logins. "It's very easy to steal money if you know how to run botnets," says Mikko.
He says that he sometimes meets these hackers years later and finds them still engaged in online crime. One particular case stands out.
“There was this really smart 13-year-old who I really tried to convert. Now he's 19, and he's going to go to jail soon. It bothers me on many different levels. But I suppose the biggest reason it bothers me is that I've failed,” says Mikko.
He takes it personally. “It’s the kind of failure that bothers me for many years to come. I think about how I could've changed that. I wish I could've changed that. But I was unable to,” he says.
Mikko on Web Summit Centre Stage in 2015

Mikko Hyppönen tells us about the mistakes he's made – Catch him on RISE Centre Stage
“It’s the kind of failure that bothers me for many years to come”
After answering those first phone calls, Mikko became F-Secure’s go-to media guy. When journalists would call for a comment, the phone would be passed to him. He handled the previous case after all. It brought a level of prominence that Mikko hadn’t sought but has nevertheless proved adept at handling. Foreign Policy named him as one of their top 100 global thinkers in 2011, and his Ted Talk on cyber-crime in the same year is the web’s most-viewed computer security talk. Mikko didn’t get into online security to talk about it though. He says that as a geek and a nerd who likes working with computers, any number of different options were open to him. He could be building database systems, writing operating systems or making games. Interesting, but not rewarding options, he says. “They are not as rewarding as being able to help people. Of course it's a job. Of course it's a business. We charge for this, but it still feels like you're doing something noble. Because what you're doing is helping people. People who’ve had their systems compromised or data stolen,” says Mikko.
