Our guest today is Alexey Lukatsky, a well-known information security specialist and business consultant at Cisco. The main topic for the conversation was an extremely interesting area - the safety of modern cars and other vehicles. If you want to know why drones are hacked even more often than cars and why agricultural machinery manufacturers block unauthorized repairs of their machines at the firmware level, read on!

About the safety of modern cars

There is a dangerous misconception among most people that a car is something unique, different from a regular computer. Actually this is not true.

In Israel, Cisco has a separate division that deals with automotive cybersecurity. It appeared after the acquisition of one of the Israeli startups working in this area.

A car is no different from a home or corporate network, as evidenced by various studies examining what an attacker can do to a car. It turns out that cars also have computers, only they are small and inconspicuous. They are called ECU (Electronic Control Unit), and there are dozens of them in a car. Each power window, brake system, tire pressure monitoring, temperature sensor, door lock, on-board computer system, and so on are all computers, each of which controls its own piece of work. Through such computer modules, you can change the logic of the car. All these modules are combined into a single network, the length of the cables is sometimes measured in kilometers, the number of interfaces is in the thousands, and the amount of code is millions of lines for a normal on-board computer and, in general, all electronic components (including spaceship there are fewer of them). According to various estimates, up to 40% of a modern car is electronics and software. The volume of software in premium cars is up to a gigabyte.
I do not take into account the production of the Russian automobile industry, where, fortunately (from a safety point of view), there is no serious computer stuffing. But if we consider almost all foreign automakers, then all of them are now computerizing even the most budget models of their cars.

Yes, there are computers in cars. Yes, they have their own data exchange protocols, which are not something secret: you can connect to them, intercept data and modify it. As cases from the practice of such manufacturers as Toyota, Chrysler Jeep, GM, BMW, Chevrolet, Dodge and Mercedes-Benz show, attackers have become quite good at analyzing what is happening inside the car and have learned to analyze the interaction of the outside world with the car. Experts estimate that 98% of all tested software applications in cars (which account for up to 90% of all innovations) have serious defects, and some applications have dozens of such defects.

Now, as part of various projects in Europe and America, so-called smart roads are being created(for example, projects EVITA, VANET, simTD). They allow the car to exchange data with the road surface, traffic lights, parking lots, control centers traffic. The car will be able to automatically, without human intervention, control traffic, traffic jams, parking, reduce speed, receive information about traffic incidents so that the built-in navigator can independently rebuild the route and guide the car along less crowded highways. All this interaction now, unfortunately, occurs in a practically unprotected mode. Both the car itself and this interaction are almost not protected in any way. This is due to the general misconception that systems of this kind are very difficult to study and are of little interest to anyone.

There are also business-related problems. In business, whoever gets to market first rules. Accordingly, if a manufacturer was the first to introduce a certain new product to the market, it occupied a large share of this market. Therefore, security, which requires a lot of time for implementation and, most importantly, for testing, always pulls many businesses back. Often, because of this, companies (this applies not only to cars, but to the Internet of Things as such) either postpone security until later, or do not deal with it at all, solving a more mundane task - to quickly release a product to the market.

Known hacks that occurred earlier were associated with tampering with brakes, turning off the engine while driving, intercepting vehicle location data, and remotely disabling door locks. This means that attackers have quite interesting opportunities to perform certain actions. Fortunately, so far such actions have real life is not being produced, rather it is a so-called proof-of-concept, that is, some kind of demonstration of the capabilities of stealing a car, stopping it while moving, intercepting control, and so on.

What can you do with your car today? Hack the transport management system, which will lead to road accidents and traffic jams; intercept the PKES signal and steal the car; replace routes via RDS; arbitrarily accelerate the car; block the brake system or engine while driving; replace POI points in the navigation system; intercept location or block the transmission of location information; block the transmission of a theft signal; steal content from the entertainment system; make changes to the operation of the ECU and so on. All this can be accomplished both through direct physical access, through a connection to the vehicle’s diagnostic port, and through indirect physical access via a CD with modified firmware or through the PassThru mechanism, as well as through wireless access at close range (for example, Bluetooth) or long-distance distances (for example, via the Internet or mobile application).

In the future, if vendors do not think about what is happening, this can lead to dire consequences. There are quite simple examples that do not yet indicate that hackers have actively taken on cars, but are already applicable in real life. For example, suppression of built-in tachographs that have GPS or GLONASS sensors. I have not heard of such cases with GLONASS in Russian practice, but in America there were precedents with GPS when attackers suppressed the signal of an armored car of collectors and drove it to an unknown place in order to destroy it and take out all the valuables. Research in this area was carried out in Europe, in the UK. Such cases are the first step towards attacks on a car. Because, fortunately, I have never heard of everything else (stopping the engine, turning off the brakes while driving) in real practice. Although the very possibility of such attacks suggests that manufacturers and, most importantly, consumers should think about what they are doing and what they are buying.

It is worth saying that even encryption is not used everywhere. Although encryption may be initially provided for by the design, it is not always enabled, because it loads the channel, introduces certain delays and can lead to the deterioration of some consumer characteristics associated with the device.

In a number of countries, encryption is a very specific type of business that requires permission from government agencies. This also imposes certain restrictions. The export of equipment containing an encryption function is subject to the so-called Wassenaar Arrangements on the export of dual-use technologies, which also include encryption. The manufacturer is required to obtain an export permit from its country of production and then obtain an import permit from the country into which the product will be imported. If the situation with software has already calmed down, although it has its own difficulties and limitations, then there are still problems with such newfangled things as encryption in the Internet of Things. The fact is that no one knows how to regulate this.

However, there are also advantages to this, because regulators are still almost not looking towards encryption of the Internet of things and cars in particular. For example, in Russia the FSB very strictly controls the import of software and telecommunications equipment containing encryption functions, but does little to regulate encryption in drones, cars and other computer hardware, leaving it outside the scope of regulation. The FSB does not see this as a big problem: terrorists and extremists do not take advantage of this. Therefore, for now, such encryption remains outside of control, although formally it falls under the law.

Also, encryption, unfortunately, is very often implemented at a basic level. When, in fact, this is a regular XOR operation, that is, replacing some characters with others according to a certain simple algorithm that is easy to select. In addition, encryption is often implemented by non-experts in the field of cryptography, who take ready-made libraries downloaded from the Internet. As a result, vulnerabilities can be found in such implementations that allow you to bypass the encryption algorithm and, at a minimum, intercept data, and sometimes invade the channel to replace it.

Demand for car safety

Our Israeli division has a solution called Autoguard. This is a small firewall for cars that controls what's going on inside and interacts with the outside world. Essentially, it analyzes the commands exchanged between the elements of the on-board computer and sensors, controls access from the outside, that is, it determines who is and who is not allowed to connect to the internal electronics and hardware.

In January 2018 in Las Vegas, at the largest electronics exhibition CES, Cisco and Hyundai Motor Company announced the creation of a car new generation, which will use Software Defined Vehicle architecture and be equipped with the latest network technologies, including cybersecurity mechanisms. The first cars should roll off the assembly line in 2019.

Unlike consumer electronics and enterprise IT solutions, automotive security is a very specific market. There are only a few dozen consumers in this market all over the world - equal to the number of automobile manufacturers. Unfortunately, the car owner himself is not able to improve the cybersecurity of his “iron horse”. As a rule, projects of this kind are not only not advertised, but they are not in the public domain, because these are not millions of companies that need routers, and not hundreds of millions of users who need secure smartphones. These are only three to four dozen automobile manufacturers who do not want to draw attention to how the car protection process is structured.

Many manufacturers take protection lightly, others are just taking a closer look at this area, conducting various tests, because there are specifics here related to the life cycle of the car. In Russia, the average lifespan of a car is five to six years (in the central regions and large cities three to four years, and in the regions seven to eight years). If a manufacturer now thinks about introducing cybersecurity into its automobile line, then this solution will reach the mass market in ten years, not earlier. In the West the situation is slightly different. Cars are changed there more often, but even in this case it is too early to say that the cars are sufficiently equipped with protection systems. Therefore, no one wants to draw much attention to this topic.

Attackers may now begin to attack cars or provoke vehicle recalls due to computer security problems. This can be very costly for manufacturers because there are always vulnerabilities. Of course they will be found. But recalling thousands or hundreds of thousands of vulnerable vehicles each time because of a vulnerability is too expensive. Therefore, this topic is not widely heard, but large manufacturers, of course, are working and thinking about the prospects of this market. According to GSMA estimates, by 2025, 100% of cars will be connected to the Internet (so-called connected cars). I don’t know to what extent Russia is included in these statistics, but the world’s auto giants are included in them.

Safety of other modes of transport

Vulnerabilities exist in all types of vehicles. These are air transport, sea transport, freight transport. We will not take pipelines into account, although they are also considered a mode of transport. Any modern vehicle contains quite powerful computer hardware, and its development is often carried out by ordinary IT specialists and programmers who make classic mistakes when creating their code.

From a development point of view, the approach to such projects is slightly different from what is done by Microsoft, Oracle, SAP or Cisco. And testing is not carried out at the same level. Therefore, there are known cases of finding vulnerabilities and demonstrating the ability to hack aircraft or maritime transport. That is why no vehicles should be excluded from this list - their cybersecurity today is not at a very high level.

With drones the situation is exactly the same and even simpler, because it is a more mass market. Almost anyone has the opportunity to buy a drone and take it apart for research. Even if a drone costs several thousand dollars, you can buy it together, analyze it, and find vulnerabilities. Then you can either hijack such devices, or land them on the fly, intercepting the control channel. You can also cause them to fall and cause damage to the owner, or steal packages that drones are transporting if they are used to transport goods and shipments.

Considering the number of drones, it is clear why attackers are actively studying this particular market: it is more monetized. The situation in this area is even more active than with cars, because there is a direct benefit for the “bad guys”. It is not present when a car is broken into, not counting possible blackmail of the automaker. In addition, you can go to jail for blackmail, and the procedure for obtaining a ransom is much more complicated. Of course, you can try to get money from the automaker legally, but there are very few people who make money by searching for such vulnerabilities legally and for money.

When manufacturers block updates

Recently there was an interesting case - a manufacturer of agricultural machinery. I don’t see anything supernatural or contrary to business practice from the manufacturer’s point of view in this situation. He wants to take control of the software update process and bind his customers to him. Since warranty support is money, the manufacturer wants to continue to make money from it, reducing the risk of customers leaving for other equipment suppliers.

Almost all companies working in IT-related areas “live” by this principle. as well as companies - manufacturers of cars, agricultural machinery, aircraft or drones that implement IT at home. It is clear that any unauthorized intervention can lead to dire consequences, so manufacturers are closing the possibility of updating the software independently, and I understand them perfectly well here.

When a consumer does not want to pay for warranty support for equipment, he begins to search on various warez sites for firmware to update. This may, on the one hand, lead to him updating his software for free, but on the other hand, it may cause damage. In particular, in Cisco’s practice there was a case when companies that did not want to pay for support (in this case, of course, not for automobile or agricultural machinery, but for ordinary network equipment) downloaded firmware somewhere on hacker forums. As it turned out, these firmwares contained “bookmarks”. As a result, for a number of customers, information passing through network equipment leaked out to unidentified persons. There were several companies in the world that encountered this.

If we continue the analogy and imagine what can be done with agricultural machinery, the picture will be sad. In theory, it is possible to block the operation of agricultural machinery and demand a ransom to restore access to machines that cost hundreds of thousands of dollars or even millions. Fortunately, as far as I know, there have been no such precedents yet, but I do not rule out that they may appear in the future if this practice continues.

How to improve vehicle safety

The instructions are very simple: you need to understand that the problem exists. The fact is that for many managers there is no such problem; they consider it either far-fetched or not very in demand from the market and, accordingly, are not ready to spend money on it.

Three or four years ago, the Connected Car Summit was held in Moscow, where they talked about various newfangled things related to automation and computerization of cars. For example, about location tracking (car sharing connected to the Internet) and so on. I gave a presentation there on car safety. And when I talked about various examples of what can be done with a car, many companies, manufacturers and car sharing companies came up to me after the talk and said: “Oh, we didn’t even think about that. What do we do?"

There are few car manufacturers in Russia. After the speech, a representative of one of them came up to me and said that for now they don’t even think about computer security, because the level of computerization is very low - first they need to understand what can be added to the car in terms of computer stuffing. When I asked this representative if they were going to think about security at all, he replied that it was being considered very long term. This is the key point: you need to think about the fact that computer security is an integral part, it is not an external “add-on” function, but a property of a modern car. This is half the success in ensuring transport safety.

Second necessary step- hire specialists, internal or external. We need people who can legally break existing solutions and look for vulnerabilities in them. Now there are individual enthusiasts or companies that are engaged in either pentesting or security analysis of cars and their computer hardware. There are few of them, because this is a fairly narrow market in which you cannot expand and earn a lot of money. I don’t know anyone in Russia who would do something like this. But there are companies that are engaged in security analysis and do quite specific things - testing automated process control systems and the like. They could probably try their hand at cars.

The third element is the implementation of secure development mechanisms. This has long been familiar to developers of conventional software, especially since Russia recently adopted the corresponding GOST standards for safe software development. This is a set of recommendations on how to write code correctly so that it is more difficult to hack, how to avoid constructs that would lead to buffer overflows, data interception, data tampering, denial of service, and so on.

The fourth step is the implementation of technical security solutions, that is, the use of special chips in cars, building a security architecture. The developers should have architects who deal specifically with security issues. They can also deal with the architecture of the car from the point of view of protection, the architecture of the control system. Because you can always attack not the car itself - it is much more effective to hack the control system and gain control over all the cars.

As recently happened with online cash registers, which suddenly stopped working on the day of the centenary of the FSB. After all, an online cash register is, roughly speaking, the same car: it has computer hardware and firmware. The firmware stopped working instantly, and a quarter of the entire retail market stopped working for several hours. It’s the same with cars: poorly written code, vulnerabilities found in it, or hacking of the control system can lead to quite dire consequences. But if in the case of online cash registers the losses were measured in billions, then in the case of cars there will be casualties.

Although with cars it is not necessary to expect hacking or interception of control of tens of millions of vehicles. It is enough to hack just a few of them, and there will be chaos on the road. And if the fact of the hack becomes public, you can be sure that the media will trumpet it to the whole world, and car owners will be horrified by the “prospects” that have opened up.

In general, three levels of protection of modern vehicle. This is the built-in cybersecurity of the car itself (immobilizer, PKES, secure internal communications between ECUs, anomaly and attack detection, access control, trusted security modules); security of communications (protection of external communications with the road infrastructure control center, the manufacturer of the car or its individual parts, protection of downloading applications, content, updates, protection of tachographs); and the safety of road infrastructure.

What and where to study for a specialist

IT professionals who are or want to develop code for cars, vehicles, or drones may want to start by learning about secure development (SDLC). That is, you need to study what secure development is in general. It must be admitted that these additional knowledge don't bring in extra money. Today, no one is punished for ignorance of the basics of secure development, there is no responsibility, so it remains at the discretion of the IT specialist himself. At first it may be competitive advantage for a specialist, because few places teach this, which allows you to stand out from others. But in the field of car security, the Internet of things, and drones, this is not the most popular requirement for an employee. Unfortunately, we must admit that IT specialists do not pay much attention to this topic.

Safe development is self-learning in its purest form. Because there are practically no courses of this kind, they are all made only to order, and, as a rule, this corporate training. This topic is also not included in the federal state educational standards, so all that remains is self-study or taking courses from companies that deal with code analysis. There are such companies - among Russian players, for example, Solar Security or Positive Technologies. There are many more of them in the West, for example IBM, Coverity, Synopsys, Black Duck. They conduct various seminars on this topic (both paid and free), where you can gain some knowledge.

The second direction for IT specialists is architects. That is, you can become a security architect for this kind of projects, for the Internet of things in general, because they are built, plus or minus, according to the same laws. This is a central control system from the cloud and a bunch of sensors: either narrowly focused, such as a drone, or sensors integrated within a car or larger vehicle that need to be properly configured, implemented, designed. It is necessary to take into account various threats, that is, so-called threat modeling is necessary. It is also necessary to take into account the behavior of a potential violator in order to understand his potential capabilities and motivation, and based on this, design mechanisms to repel future threats.

You can find a lot of useful materials on the Internet. You can also read various presentations from conferences such as DEF CON and Black Hat. You can look at the materials of the companies: many publish on their websites quite good presentations and whitepapers, descriptions of typical errors in the code, and so on. You can try to find presentations from specialized events on car security (for example, Automotive Cybersecurity Summit, Vehicle Cyber ​​Security Summit, Connected Cars Summit, CyberSecureCar Europe).
In addition, now the Russian regulator FSTEC of Russia (Federal Service for Technical and Export Control) has a number of initiatives, in particular, it is proposed to post on the Internet typical errors that programmers make in code, and to maintain a certain database of such errors. This has not yet been implemented, but the regulator is working in this direction, although they do not always have enough resources.

After the leak of the CIA and NSA cyber arsenal to the Internet, anyone, even a “home hacker,” can feel like a special agent. After all, he owns almost the same arsenal. This forces architects to think completely differently about how they build their systems. According to various studies, if you think about security at the design stage, then X amount of resources will be spent on its implementation. If you change the architecture already at the stage of industrial operation, this will require thirty times more resources, time, human and money.

An architect is a very fashionable and, most importantly, very lucrative profession. I can’t say that in Russia there are such specialists high demand, but in the West, a security architect is one of the highest paid professions; the annual income of such a specialist is about two hundred thousand dollars. In Russia, according to the Ministry of Labor, there is a shortage of approximately 50–60 thousand security workers every year. Among them are architects, administrators, managers and those who model threats - this is a very wide range of security specialists who are regularly in short supply in Russia.

However, architects are also not taught in universities. Basically this is retraining, that is, appropriate courses, or self-study.

In Russia, corporate training is mainly practiced. Because it's not a mass market and training centers do not include this as a course in their programs. This is done only to order. In theory, this should initially be included in public education in universities. To lay the foundations for proper design of various architectures. Unfortunately, federal state educational standards are written by people who are very far from reality and practice. Often this former people in uniform, who do not always know how to correctly design systems, or they are familiar with this in a very specific way: their knowledge is related to state secrets or the fight against foreign technical intelligence, and this is a slightly different experience. This experience cannot be called bad, but it is different and of little use in the commercial segment and the Internet of things. Federal State Educational Standards are updated very slowly, approximately once every three to four years, and mostly cosmetic changes are made to them. It is clear that in such a situation there are not enough specialists and there will be a shortage.

Working at Cisco

Cisco has development in Russia. Work is currently underway to create an open stack-based platform for service providers and data centers. We also have a number of agreements with Russian companies, who are engaged in individual projects for us. One of them is the Perspective Monitoring company, which writes separate handlers for network traffic to recognize various applications, which are then embedded in our network security tools. In general, we, like most global IT companies, have several development centers around the world, and regional offices perform the functions of marketing, support, and sales.

We have an internship program for university graduates - a year in Europe, at our academy. Before this, they go through a big competition, and then they are sent to one of the European capitals for a year. Upon return, they are distributed to our offices in Russia and the CIS countries. These are engineers who design systems and support them, as well as people who do sales.

Sometimes we have vacancies when someone gets promoted or leaves the company. These are mainly either engineering positions or sales-related positions. Considering the level of Cisco, in this case we do not recruit students, but people who have worked in some position for more than one year. If he is an engineer, then he must have enough Cisco certification. What is needed is not a basic CCNA; as a rule, a minimum of CCNP is required, and most likely, a specialist must undergo CCIE certification - this is the maximum level of Cisco certification. There are few such people in Russia, so we often have a problem when we need to find engineers. Although in general the rotation in the company is not very large, it is measured at 1–2% per year. Despite the economic situation, American companies in Russia pay very well, the social package is good, so usually people don’t leave us.

I have been working in the field of information security since 1992. Worked as an information security specialist in various government and commercial organizations. Worked his way up from an encryption software programmer and administrator to an analyst and business development manager in the field of information security. He had a number of certifications in the field of information security, but stopped chasing badges. At the moment I am giving my all to Cisco.

Published over 600 printed works in various publications - “CIO”, “Director of Information Service”, “National Banking Journal”, “PRIME-TASS”, “Information Security”, “Cnews”, “Banking Technologies”, “Analytical Banking Journal” , “Business Online”, “World of Communications. Connect", "Results", "Rational Enterprise Management", "Mergers and Acquisitions", etc. In the mid-2000s, he stopped counting his publications as a futile exercise. Currently I am running a blog on the Internet, “Business Without Danger.”

In 2005, he was awarded the Documentary Telecommunication Association award “For the development of infocommunications in Russia”, and in 2006 - the InfoForum award in the “Publication of the Year” category. In January 2007, he was included in the rating of 100 people of the Russian IT market (I still don’t understand why). In 2010, he won the Lions and Gladiators competition. In 2011, he was awarded a diploma from the Minister of Internal Affairs of the Russian Federation. At the Infosecurity conference he received the Security Awards three times - in 2013, 2012 and 2011 (for educational activities). For the same activity, or rather for blogging, in 2011 he received the Runet Anti-Prize in the “Safe Roulette” nomination. In 2012, he was awarded by the Association of Russian Banks for his great contribution to the development of security banking system Russia, and in 2013 at the Magnitogorsk forum received the award “For methodological support and achievements in banking security.” Also in 2013 and 2014, the DLP-Expert portal was named the best speaker on information security. During his time at Cisco, he was also awarded a number of internal awards.

In 2001 he published the book “Attack Detection” (the second edition of this book was published in 2003), and in 2002, co-authored with I.D. Medvedovsky, P.V. Semyanov and D.G. Leonov - the book “Attack from the Internet”. In 2003 he published the book “Protect Your Information With Intrusion Detection” (on English language). Throughout 2008-2009, he published the book “Myths and Misconceptions of Information Security” on the bankir.ru portal.

I am the author of many courses, including “Introduction to attack detection”, “Attack detection systems”, “How to link security with an enterprise’s business strategy”, “What is hidden in the legislation on personal data”, “Information security and organizational theory”, “Efficiency measurement Information Security", "Information Security Architecture and Strategy". I give lectures on information security in various educational institutions and organizations. I was the moderator of the RU.SECURITY echo conference on the FIDO network, but abandoned this matter due to the exodus of most specialists to the Internet.

For the first time in the Russian press I addressed the topic:

• Business information security
• Security of mergers and acquisitions
• Measuring the effectiveness of information security
• SOA Security
• Billing system security
• Deceptive systems
• IP telephony security
• Data storage system security
• Hotspot security
• Call center security
• Applications of situation centers in information security
• Mobile spam
• Mobile operator network security
• And many others.

Married, raising a son and daughter. I try to devote free time to my family, although exhausting work for the benefit of the Motherland and the employer leaves almost no such time. A hobby turned into a job, or a job turned into a hobby, is writing and information security. I have been involved in tourism since childhood.

PS. Photos for Internet publications (download above or via

ABOUT tweet, it would seem obvious. To blog like Lukatsky, you have to be Lukatsky. But let's take a deeper look at the methods and motivation for running your own blog.Blogging is a drug. Even if today you have already written a bunch of posts, tweets and comments on all possible social media, you want more and more. The more information that interests you falls on you, the more blogs, pages, and sites you want to consume. The more channels you have to distribute your information, the more ways you need to communicate with the outside world.

The real value of any blog for its owner is affordable way communicate information to a wider audience. In addition, a blog allows you to increase your own self-esteem, hide your weaknesses inside, and, on the contrary, put your virtues out.

Desire to create your own brand

The first reason for starting your own blog is the desire to say something to your audience. The world is becoming information-saturated, the demand for useful and timely information is growing, giving new opportunities to people who see this as a way to unlock their potential.

The second reason is quite selfish - the desire to create your own brand, that is, by doing what you love, to derive personal benefit from it (ops, casually formulated the dream of any hacker).

Let's figure out if you have the prerequisites to create own brand on social networks.

First of all, when choosing a topic for blogging, you need to focus on something. You have a problem of choice.

1. Brand of the information reported (it is assumed that this is some kind of exclusive, a la Arustamyan from football with its pseudo-news).

2. The brand of an expert - it must be earned, and this is a long and thorny path. Colleagues in the workshop should recognize you as a specialist in the ability to convey high-quality information in an accessible form.

3. Brand of knowledge - in order to transmit knowledge to an audience, you must first obtain it, and this is work that may not pay off. In any case, you need to increase your potential as a representative of the profession.

4. Well, as the most common option, you just talented person, you are bursting with the desire to become famous and it doesn’t matter to you what to write/talk about (most novice bloggers think so).

You need to learn to present the material in such a way that it is a) understandable, b) relevant, and then whatever you like: interesting, exciting, aphoristic, easy, with humor. After all, writing or public speaking are skills that can be learned and come with experience.

Most people (in the context of this article - bloggers) are engaged in either interpreting other people's ideas (exactly what I am doing now), or aggregating news press releases (events, vacancies, etc.), including broadcasting news of their own brand/product , publishing the necessary content from exhibitions, conferences, presentations, etc. But even in this case, not many people can package information into high-quality material (we are not considering professional journalists). And why? The news presentation of materials suits most target audience. With the modern shortage of time and abundance of materials, the reader does not have enough strength or patience for more.

Despite the statement in the title, although not like Lukatsky, you have everything you need to become a famous blogger - a person who knows how to write and is ready to devote all his free time to this activity.

This requires only five terms.

First, you need luck (and this is one of the reasons why you will not become Lukatsky). Not everyone is as lucky as Lukatsky. He has knowledge, experience and most importantly - modern technologies security. It is important (and it shows) that he receives the support of his company. What was once just a hobby for Lukatsky has become a new approach for the company to convey the necessary information. Due to its popularity in social media, Lukatsky’s blog became a brand within the company (I doubt that this was a well-thought-out strategy, at least initially). This has become part of the business that Lukatsky represents ( Cisco ). He sincerely loves what he does and his interest is transmitted to the audience. He cares not only about the subject area of ​​his activity, but also about the state of the industry as a whole, and this is captivating.

The second is a cocktail of internal energy, personal charisma and experience

Public speaking requires charisma and a strong personality. Lukatsky is invited to various events because he is able to explain complex things in simple language (this is a skill that needs to be learned) and has excellent knowledge of the subject area.

Fourth - see the forest before the trees

You need to see/feel/know the problems of the blog's target audience. Leading bloggers provide invaluable assistance in solving problems among readers of their blogs. Taking material and packaging it into clear and interesting blog posts is something they do regularly and well.

A blog is not only a method of conveying information, but also an opportunity for career growth(there is no prophet in his own country). Lukatsky is an example of creating new position in the company - an interpreter of the subject area to attract new audiences.

And finally, fifth, blogging requires iron discipline. to regularly (the more often the better) publish material on your blog.

Well, as an additional, optional option, it is advisable to regularly conduct training seminars to popularize your brand.

To paraphrase a famous saying: people will forget what you wrote, people will forget what you said, people will not forget what they understood thanks to you. Now everyone is broadcasting that Lukatsky is holding a seminar on personal data tomorrow (maybe this is a form of PR, robots have been broadcasting for a long time, using IVR -technology or are there really still remote villages in Russia in Kamchatka, whose residents did not attend Lukatsky’s seminars according to personal data?). But seriously, his articles, presentations, slides are distributed to all audiences and live their own life and this is normal, it strengthens the brand.
So, you won’t be able to blog like Lukatsky. And who has ever stopped this?! As Andrey Knyshev joked: “The one who climbed higher simply climbed earlier.”