So the financial crisis has supplanted compliance, green IT and all the other buzz words peppering vendor press releases in recent years, but are the security implications of it really that serious? Well, yes and no.

The obvious one to watch out for is phishing. As has been noted by Trend Micro and others, the disruption in commerce - with firms being bought, sold and merging - creates great opportunities for the hackers to harvest personal log-in and other details. A phishing email for example could be sent out to customers of an ailing bank, saying that the institution in question is going to be sold and needs to reconfirm all of its customers' details.

Then there is that other byproduct of an economic downturn, people are going to lose their jobs. But we're still skeptical about the predictions of Kaspersky Lab, Trend and others that this is really going to turn unemployed software engineers to the dark side. Alright, it might make one or two think twice about where their loyalties should lie, but it would be a stretch to see it severely unbalancing the delicately weighted good versus bad battle between hackers and anti-malware writers.

What's more likely is that witless people in search of some extra money to get them through these hard times are conned into becoming money mules and other members of the online fraud chain.

December 18, 2008 | Permalink | Comments (1)

The European Union (EU) has adopted a new Safer Internet Programme, which will be in place as of 1 January 2009 aimed at making the web a safer place for kids.

To support the programme, the EU has announced funding of €55m over five years. This will cover initiatives to raise public awareness and promote a safer online environment, as well as prevent harmful content from being posted on the web.

According to the EU's budget breakdown, 66 per cent or €36.3m of the overall cash pot will be spent on education and promoting a safer web for kids, while the remaining €18.7m will go on tackling harmful content.

The EU also highlighted new research from Eurobarometer, which revealed that three quarters of six- to 17-year olds use the internet, while half of 10-year-olds have a mobile phone.

However, despite kids being comfortable with technology, their parents don't appear to feel the same. The study found that more than half of parents are concerned that their offspring will be the victim of online grooming or cyber bullying. In response, the majority of parents said they did not allow their kids to give out personal details or talk to strangers on the web.

What's worrying about the study is that 41 per cent of parents also admitted they don't use any kind of web filtering or monitoring software - so it's hard to work out how they stop their children from giving out their name, age and other details online, or from chatting to strangers. About two thirds of those not using any filtering tools said this was because they trusted their children, while 14 per cent said they don't know how to get hold of or use monitoring software.

Hopefully part of the €55m funding will trickle down into practical sessions for parents on the many available web filtering tools, how they work and where they can be downloaded or purchased from - and also a useful lesson in cynicism as I'm sure lots of the kids reassuring their parents that they don't give out any personal details or chat to people they don't know online are doing exactly that.

December 10, 2008 | Permalink | Comments (0)

Here's an interesting fact for you: crab sticks do not actually contain any crab. Yup, thought you'd all be impressed. Actually I've got tons of facts. Another one I learned today is that music files are one of the four most popular mechanisms for spreading malware. Of course, i know you'll get the others - flash drives, malicious scripts and email attachments - but music files?

We learnt this at the Kaspersky Lab New Dimensions press event today, where the vodka-soaked hacks from around the globe sat before Timur Biyachuev, project manager for R&D at the vendor, for a DIY computer security lesson.

In October this year, for example, the biggest threat found by Kaspersky Lab was a Trojan Downloader named WMA Wimad.n - a Trojan masquerading as a WMA file. The Kaspersky advice is if you open a music file and your media player asks you to download a codec or read a licence agreement, don't.

The other topic of interest at today's event was the presentation given by chief security expert at Kaspersky Lab, Costin Raiu. He demoed a new feature in the firm's upcoming 2009 security product - yes, a blatant product plug, but it was still interesting. It's a new virtual keyboard function which enables users to enter sensitive information on their PC - log-in details for online banking for example - without the risk of that information being recorded by keylogging software. As he rightly explained, some banks have their own virtual keyboard tools to be used at log-in time, but these can be circumvented by Trojans which take screenshots of the computer screen, which enables the hackers to see which digits you are clicking on anyway.

It's not revolutionary but just another step in the right direction, which will probably be overcome by the criminals in time. But until then it could be a valuable tool for protecting the online assets of your customers.

December 5, 2008 | Permalink | Comments (0)

You know how the last blog posting talks about technology being the most important thing in the anti-malware industry? Well, that probably has to be qualified a little bit, because the other key message coming from the Kaspersky Lab New Dimensions press event so far has been the importance of the engineers. So, it's actually all about the technology ... and the people.

Yes, the unsung heroes of anti-malware industry were finally given their day in the sun today - well, not literally, they were still locked away in a windowless room staring at code - as Eugene Kaspersky explained how the astonishing success of the company has been down largely to attracting and keeping talented engineers. The firm is lucky enough to have access to the talent pool of graduates from Russian universities, many of which have a reputation for excellence in engineering and technology courses. But it still has difficulty in finding enough of the best, and on occasion even loses them.

According to Kaspersky, one employee had to re-locate to another software company as it became too distressing to stay on the good side of the malware war, once he found out how much some criminals were making.

That's a pretty extreme example, of course, but what is true is that competition for the best of the best is fierce. Kaspersky also has a bit of an advantage over some of its competitors, however, because of its reputation, VP of R&D Nikolay Grebennikov told me. It is well-known in the industry for innovating, and supporting its engineers with whatever projects they might find it necessary to undertake, so it has garnered a good reputation among the security researcher community. Things get done, in other words, and with the recent creation of the Global Research and Analysis Team (although most security vendors have something like this already) there is yet another lure to tempt potential white hat recruits into the Kaspersky ranks.

December 5, 2008 | Permalink | Comments (0)

If anti-virus vendor Kaspersky Lab were any more bullish right now it would be growing a pair of horns and a dislike of the colour red. At its annual press gathering in Moscow, around 30 of my esteemed counterparts in the international press - from Japan to Australia, South Africa to Argentina - were told that the firm has Symantec and McAfee firmly in its sights. In fact, COO Eugene Buyakin even went so far as to say it would be number one in the endpoint security market sooner or later.

And then chief executive Eugene Kaspersky left us in no doubt about why this will happen (despite the fact that it is actually more likely never to happen, according to most of the journalists I have spoken to here). It's because of the firm's relentless focus on R&D, on sourcing the best engineers and ploughing truckloads of rubles into innovation. Time and again we were told how Kaspersky predicted, unlike its rivals, that the security market would be lead by innovators, by those firms which seek to invest the most in technology to protect their customers.

It's actually quite refreshing to see a software vendor so unequivocally pronouncing itself utterly brilliant. Kaspersky said he doesn't recognise the current financial crisis because his firm's doing pretty well, thank you very much, although when asked exactly how much the company was worth, he replied a little more coyly: "Enough to throw you all a good party tonight". The figures don't lie though - they're forecasting year-on-year revenue growth of 100 per cent to $270m in 2008. So what is driving this rapid growth - is it the technology or just good PR and an enthusiastic and loyal partner network?

Well, we did get some answers. Kaspersky is certainly trying to move beyond traditional AV by providing products which incorporate user-community driven white- and blacklisting, alongside static and dynamic application analysis, vulnerability scanning, behavioural analysis and in-the-cloud protection. The latter is all about harnessing the internet and the power of its customer base to detect if an application should be allowed to run or not and react in real-time to new threats.

It's a big step up from the old paradigm of pushing out AV signature updates to users, sometimes hours after the virus has been discovered. But it's something Kaspersky's rivals are also either doing or thinking about. Trend Micro is a big proponent of in-the-cloud protection systems and you can be sure that other players in the space will add this string to their bows at some point.

So is the fact that they're at the forefront of technological innovation enough to make a dent in Symantec's and McAfee's market share?

Well, Kaspersky has admitted it needs to focus more on the corporate market and may find it difficult to persuade the risk-averse CSO to abandon his investments with the big two and go with the little Russian dynamo. But with further developments of Kaspersky's corporate offering including enhanced heuristic and emulation technologies and new ways of detecting malware based on similarity techniques, it will certainly be interesting to see the vendor try.

December 4, 2008 | Permalink | Comments (0)