MOSCOW: "All we're trying to do is save the world," says Eugene Kaspersky, founder of the Kaspersky Lab, one of Russia's top software companies and maker of a leading antivirus product.
Together we gazed out at the frozen vistas of Russia's capital as we discussed the threats that will face business users and consumers this year and into the future. The biggest threat, claims Kaspersky, is Internet crime.
Kaspersky had invited me to visit his company's virus lab and headquarters in a once super-secret research facility located on the northern edge of Moscow.
He showed me the efforts his company is making to fight the growing malware threat through early detection and rapid analysis. But the real danger, he says, is through targeted attacks by criminals against specific companies. Those attacks, he notes, are difficult of impossible for an antivirus or other antimalware product to protect against.
As Kaspersky explains it, the nature of today's security threat has changed dramatically. Virus creation is down significantly, while attacks aimed at separating users from their money are rising steeply. The difference is that the virus writers of old were young people trying to prove themselves. Those people, he explains, are now proving themselves with online games. Now the attacks are motivated by money.
The Targets Are Changing
The new threat includes some of the same old techniques, but they're aimed at different targets. Plus, a couple of new and troubling practices are growing.
This version of Internet crime is simple in concept, easy to carry out and effective in its ability to extract money from its victims. In this type of crime, the perpetrator gains control of a large number of machines that he uses to send traffic to a single Web site. This is usually accomplished by sending out worms with a payload that will execute a command to send out traffic when needed. Once there are enough slave computers, they flood the targeted Web site with so much traffic that it effectively becomes useless to customers. The extortionist then demands payment to make it stop.
Most users have already seen emails that pretend to be from their bank. Those emails usually ask for account information. That information is then sent to a criminal enterprise where the identity and account information is harvested and sold to other criminals. Once that happens, your financial life rapidly hits the toilet and your peace of mind goes with it. While phishing doesn't initially seem to be an immediate threat to business, in reality it is. The practice erodes consumer confidence, and it will eventually result in charge-backs for transactions that involved stolen card information. In addition, targeted phishing attacks, which are already showing up at some companies, attempt to get employees to provide access to confidential company information that might otherwise be protected by your security department.
The scary thing about malware today is that it's getting smarter and sneakier. The worms and Trojans that in the past shut down whole networks and trashed computers are now better behaved. According to Kaspersky, the creators have figured out that well-behaved software can exist on a machine for a long time before it's discovered. Meanwhile it can record keystrokes that will provide account numbers, user names and passwords and access information that a criminal needs to raid the information you’re trying to protect. Some versions will even search for information on their own, but will do it quietly so you won't notice.
The Additional Threats
And of course, all of this is in addition to traditional threats such as corrupt employees or stolen equipment. Those threats haven’t gone away and aren't likely to.
Most criminals are simply after the information, and a few thousand bucks to get a CD delivered or a laptop lifted is small change by comparison to having to create stable malware that’s hard to detect.
While the threats have changed, the means of fighting them off really haven't. On the other hand, the importance of implementing good tools has grown substantially. Just as you can no longer afford to be without antivirus software, you can also no longer afford to be without a firewall. You must also have a way to monitor the activities of your employees and to control the information that leaves the company.
Depending on the type of business you're in, the requirements for battling the growing risks of today and tomorrow have become more immediate. For example, protecting customer information is more than just a good idea; today it's the law. If you fail to meet the requirements of the government regulations that affect your company, you can go to jail. You can also be sued for gazillions of dollars and you can lose your job. Foul up badly enough and your company can go under.
If you're a consumer that fails to take these threats as seriously as you should, you can face financial ruin. The twenty dollars or so that it costs to keep your antivirus package up to date seems like a small cost by comparison. Even smaller is the cost of the free software necessary to provide a personal firewall for your computer when it's attached to the Internet. Microsoft provides that with Windows, but you can also download a free personal firewall from Zone Labs (www.zonelabs.com).
In short, the threat level is growing and the consequences are getting worse. Balance that against the relatively inexpensive countermeasures and failure to meet those growing threats becomes difficult to justify. And if you're in business, it becomes irresponsible. How would you like to explain to your boss on your exit interview that you didn't take the precautions you knew would protect the company's assets when you could have done so?
As I left Kaspersky's offices to catch the bus, the chill I felt wasn't just from the Russian winter. It was from today's changing security landscape, and the fact that too many companies, and too many ignorant consumers, will continue to ignore security steps they must take, and in doing so, endanger the rest of us.