Panda Security Insight

In my last post I talked about the need for cyber-security to become a priority. I also believe that the media could lend us a hand in generating awareness about the problem among the general public. Last week an article was published about the discovery of a zombie network controlled by a botnet called ‘Kneber’. According to the information available to date, it has infected some 75,000 computers in 2,500 organizations worldwide, also compromising user accounts on popular social networks. Kneber employs the infamous Zeus Trojan, which first appeared in 2007 and has been infecting computers ever since.
 
In fact, the number of computers affected is relatively low in comparison with other similar networks. The difference however is the coverage it has received in the media. We must bear in mind that what is not reported, simply doesn’t exist as far as the general public is concerned. Yet we work in a complex sector, and it is often very difficult to differentiate between what is important and what isn’t. The same applies to the media.  One criteria used to establish the significance of an issue is the number of affected users, but it isn’t the only one. If it is only massive attacks that get reported, we could be feeding the misconception that these are isolated cases, when the truth is that security labs are investigating these types of attacks on a daily basis. For users to fully comprehend the importance of proper protection and security, they must understand that apart from the massive attacks they hear about through the media, there are numerous threats which are surreptitiously targeting users every day, stealing their data or identity for financial gain.

These cyber-attacks are carried out by criminal organizations that earn millions every month through business models deployed across a channel that allows for anonymity and makes it difficult to track down the perpetrators, for a number of reasons: recruiting of ‘money mules’ to do the dirty work and cover the tracks of the real criminals; lack of legitimate tools and security personnel equipped to combat them, and an uncoordinated response from those responsible for security at an international level.

Although as security vendors we work to identify these new threats and offer solutions to our clients, it is not enough. Nowadays, cyber-crime is organized, and has evolved to the point that, as soon as we offer solutions or dismantle networks such as Kneber, criminals are able, in less than 24 hours, to adapt the code of bots and Trojans and redeploy the network, once again evading security systems.
 
In conversations I have had with others in the security industry, in public administration and the security forces, we tend to agree that we need to work together if we really want to combat cyber-crime. However, this will not be possible until we are able to make governments, companies and users aware of the real dimension of the problem. This is where the media comes in, as a vehicle for security information, awareness and education. In short, it can help us make cyber-crime a priority. Only in this way can we alert users to the true panorama, and jointly work to improve a situation which is steadily worsening.

Tweet This Post 

Malware, Raising of awareness, security

One of the bonuses for us at Panda Security of organizing the Security Blogger Summit is that we get the chance to interact a lot with the panelist during their stay in Madrid. Having lunch at Botin has become a tradition.   Botin is acknowledged as the oldest restaurant in the world as it was founded in 1725.  Being a technology company, taking our panelist to such a place makes a nice contrast.

On Thursday we had a very interesting lunch with some of the panelists, including Brian Krebs, Joseph Menn, Kurt Wismer, Marc Cortes, Yago Jesus, Javier Sanz.  As always, food was great.  In addition we had time to discuss various  hot topics on security.

I was most surprised about a statement by Joseph:  some of the largest cybercrime gangs out there are protected by some of the largest governments in the world.  He has recently published a book which is very interesting to read on the topic.  Most at lunch agreed with the statement and with the fact that neither governments nor police organizations or judges do much against cybercrime and that it is not really at the top of the agenda.  When I asked why, they all responded that the reason is basically that Governments don’t really understand how big the problem is and neither police or judges have the tools, jurisdiction or desire to make it a priority given that they don’t understand much about the problem.  As they later said in the Summit, for cyber security to become a priority for Governments “someone would have to die so that it becomes a social problem” … as Joseph said, we are not far away from that anyway.

I have been saying for a long time that the cost of doing nothing is far larger than taking action and I normally use the analogy with tobacco.  At a given point in time, governments worldwide realized that, in addition to killing large portions of their population, tobacco had a big economic impact: absenteeism, cost to the National Health Systems, etc.  Only then they took action.  It took them years … Lets learn from our mistakes.

Technology is an integral part of our lives already and it will only grow in importance.  Ignoring cyber security is a recipe for disaster.  It is not just asking people to use a security solution, it is making them aware of the threats and have privacy in mind when using today’s tools and social media services, it is protecting critical infrastructure, it is legislating, chasing and punishing those that benefit from cybercrime, it is teaching kids at school how to use technology safely and responsively, etc.

Users are not only not aware of the dangers, but living under the perception that the digital world is secure, and as we know, that is not the case.  Let me finish with a real life example: before giving a training at a public school on cyber security a friend asked for the names of those in the class he was going to speak.  For one week, and using only social media sites, he “investigated” all in the class.  The day he spoke in front of the class, he began telling the kids where they had spent their weekend, the home addresses and telephone numbers, and many other many personal details about most of them. The kids were shocked and wondered how he had found all the information.  Now that he had caught their attention, my friend went on to explain that one should be wary of who invites you as a friend in a social site and simple things like how to establish adequate privacy settings on social sites like Facebook or Tuenti … which was the only mean he had used to get all that information.

If we can’t find any other good enough reason, at least we need to bring cyber security to the front page of the newspapers … for the sake of our kids.  They are at risk and they don’t even know it.

Tweet This Post 

Uncategorized