Mikko Hyppönen pivots from malware to drone hacking, veteran researcher says Ukraine war exposes unmapped security gaps in unmanned systems, cyber incidents increasingly have physical consequences

Images

Image Credits:courtesy of Mikko Hypponen Image Credits:courtesy of Mikko Hypponen

Lorenzo Franceschi-Bicchierai techcrunch.com

Mikko Hyppönen spent three decades dissecting computer viruses; now he is trying to break drones.

At a Black Hat conference keynote in Las Vegas, Hyppönen described security work as “cybersecurity Tetris”: when defenders succeed, nothing happens, and the absence of an incident quickly disappears from view. When they fail, the damage remains visible and accumulates. In an interview with TechCrunch, the Finnish researcher said that logic has pushed him toward a field where the failures are increasingly physical: drones.

Hyppönen, a long-time malware analyst and former chief research officer at F-Secure, lives roughly two hours from Finland’s border with Russia. He told TechCrunch that Russia’s full-scale invasion of Ukraine, and the way small unmanned systems have become routine instruments of attack, has changed his sense of where his work matters most. In Ukraine, he noted, unmanned aerial attacks account for a large share of deaths, and the security questions around drones remain comparatively under-mapped.

The shift also reflects how the consumer computing stack has hardened. Hyppönen pointed to the iPhone as an example of a device that is now “extremely secure” compared with earlier eras. That does not mean malware is gone, but it does mean that much of the easy exploitation has moved elsewhere: into supply chains, misconfigurations, and systems that were not built with hostile environments in mind.

Drones fit that description. They combine radios, sensors, navigation, and often commodity software, then get deployed into crowded airspace above cities, critical infrastructure, and battlefields. The industry has scaled faster than the defensive tooling around it, leaving basic questions—what can be spoofed, jammed, hijacked, or turned against its operator—open to whoever tests them first.

Hyppönen’s own path into security began with curiosity rather than geopolitics. He started by hacking video games in the 1980s, reverse engineering copy protection on a Commodore 64. He learned to code by making adventure games, and then moved into malware analysis at Data Fellows, the Finnish firm that later became F-Secure. In the early years, he said, virus writers were often motivated by experimentation and reputation, not money. Ransomware, cryptocurrency-enabled extortion, and industrialised data theft came later.

That history matters because drones are now at a similar inflection point: a technology that began as hobbyist hardware is becoming a commercial utility and a weapon, before the defensive norms are established. The demand for counter-drone solutions is rising, but the market is also fragmented—civil aviation rules, national security constraints, and proprietary vendor ecosystems all limit what can be tested and shared.

Hyppönen’s argument is that the next wave of “cyber” incidents will not stay inside laptops and phones. When the compromised device has rotors and a payload, the cost of a software mistake is measured in injuries, not downtime.

At Black Hat, he told the audience that in security, success is invisible. In drone security, he is betting that invisibility will be harder to tolerate.