Mikko Hyppönen is pacing the stage, his trademark dark blonde ponytail resting against an impeccable teal suit. He is addressing a room full of hackers and security researchers at one of the industry’s premier annual gatherings, trying to distill a complex career into a single, relatable concept.
“I often call this ‘cybersecurity Tetris’,” Hyppönen tells the audience, his expression serious as he outlines the rules of the classic video game. When a player completes a line of bricks, the row vanishes, allowing the remaining blocks to fall into place.
“So your successes disappear, while your failures pile up,” he says during his keynote at Black Hat in Las Vegas in 2025. “The challenge we face as cybersecurity people is that our work is invisible… when you do your job perfectly, the end result is that nothing happens.”
For Hyppönen, however, the work has rarely been invisible. As one of the cybersecurity industry’s longest-serving figures, he has spent more than 35 years on the front lines fighting malware. When he began his career in the late 1980s, the term “malware” was not yet everyday parlance; the threats were known simply as computer “viruses” or “trojans.” The internet was a niche utility, and infections often spread via floppy disks.
Now, Hyppönen is applying that decades of defensive experience to a modern, physical frontier. After a career defined by keeping malicious code out of computers, his new challenge is protecting people from drones.
Hyppönen, a Finnish citizen, lives approximately two hours from Finland’s border with Russia. The geopolitical tension in the region, exacerbated by Russia’s 2022 full-scale invasion of Ukraine, has driven his strategic pivot. In Ukraine, reports indicate that the majority of casualties have resulted from unmanned aerial attacks. This reality has convinced Hyppönen that he can have a renewed impact by shifting his focus to drone defense.
For Hyppönen, the move is similarly a recognition of the cybersecurity industry’s maturity. While malware remains a persistent threat, the sector has made significant strides over the last two decades. Hyppönen points to the iPhone as an example of an extremely secure device. In contrast, the cybersecurity aspects of drone warfare remain largely uncharted territory.
The Evolution of Digital Threats
Hyppönen’s journey into security began in the 1980s, hacking video games. His passion for the field ignited while reverse engineering software to remove anti-piracy protections from a Commodore 64 console. He learned to code by developing adventure games and sharpened his reverse engineering skills analyzing malware at Data Fellows, the Finnish company that later became the antivirus giant F-Secure.
In those early years, virus writers often operated out of passion and curiosity rather than profit. There was no cryptocurrency to facilitate extortion, nor a criminal marketplace for stolen data. Form.A, for instance, was a common virus in the early 1990s that infected computers via floppy disk. Some versions did not destroy data, merely displaying a message on the screen. Yet, the virus traveled globally, even reaching research stations at the South Pole.
Hyppönen and his colleagues were the first to discover the infamous ILOVEYOU virus in 2000. It was a worm that spread automatically via email, purportedly a love letter. If opened, it corrupted files and mailed itself to all contacts, eventually infecting over 10 million Windows computers worldwide.
According to Hyppönen, the landscape has shifted dramatically. “The age of viruses is firmly behind us,” he said. Self-replicating malware is now rare because it is easily detected. Today, malicious software is almost exclusively the domain of cybercriminals, spies, and state-backed actors who prefer to retain their tools hidden to maintain access.
The industry itself has professionalized, growing into an estimated $250 billion market. Defenders have moved from giving away software for free to offering paid services. Modern devices like smartphones have become significantly harder to compromise. Hyppönen argues that if hacking tools cost six figures or millions of dollars, only highly resourced entities like governments can afford them, effectively shielding average consumers from financially motivated criminals.
From Code to Kinetic Defense
In mid-2025, Hyppönen transitioned from traditional cybersecurity to a different kind of defensive work, becoming the chief research officer at Sensofusion. The Helsinki-based company develops anti-drone systems for law enforcement and the military.
Hyppönen stated that his motivation to enter this developing industry stemmed from the conflict in Ukraine. As a Finnish citizen who serves in the military reserves, he is acutely aware of the threats near his country’s border. “I can’t tell you what I do, but I can tell you that they don’t give me a rifle because I’m much more destructive with a keyboard,” he noted regarding his reserve duties.
“The situation is very, very important to me,” Hyppönen said. “It’s more meaningful to work fighting against drones, not just the drones that we see today, but also the drones of tomorrow. We’re on the side of humans against machines, which sounds a little bit like science fiction, but that’s very concretely what we do.”
While the industries may seem distinct, Hyppönen sees clear parallels between fighting malware and countering drones. In cybersecurity, defenders apply “signatures” to identify and block malicious code. In drone defense, systems locate and jam radio drones by recognizing the frequencies used to control them.
Hyppönen explained that defenders can identify drones by recording their radio frequencies, known as IQ samples. “We detect the protocol from there and build up signatures for detecting unknown drones,” he said.
Once the protocol and frequencies are identified, defenders can attempt cyberattacks against the drone itself, causing the system to malfunction and crash. “So in many ways, these protocol level attacks are much, much easier in the drone world because the first step is the last step,” Hyppönen said. “If you find a vulnerability, you’re done.”
The strategic dynamic remains unchanged: a continuous cat-and-mouse game where defenders stop a threat, and adversaries devise new ways to bypass those defenses. The identity of the enemy, however, has remained consistent for Hyppönen.
“I spent a big part of my career fighting against Russian malware attacks,” he said. “Now I’m fighting Russian drone attacks.”
As drone technology continues to evolve, the intersection of cybersecurity and physical safety will likely become increasingly critical. Hyppönen’s move signals a broader trend where digital defense expertise is being applied to kinetic threats, ensuring that the “invisible work” of security professionals continues to protect humans in an increasingly automated world.
For more updates on cybersecurity trends and defense technology, stay tuned to time.news.
