According to the latest internet security report from PandaLabs hackers are breaking all established records when it comes to the nefarious business of creating new threats.

The security firm said that it had recorded five million new strains of malware in just the last three months. Alarmingly most were banking trojans, the rest a mix of adware, worms, hacking tools and spyware. Trojans took a 38 per cent share of all infections, adware was responsible for 18.68 per cent, and worms 14 per cent. Country to country, Taiwan was found to have the most active infections, 29 per cent, but is closely followed by the US and the UK, which both have roughly 25 per cent.

The risk of infection continues to worsen, according to PandaLabs, which paints a bleak picture of the future. "We are currently receiving some 50,000 new examples of malware everyday, this compares to 37,000 just a few months ago. There is no reason to believe that the situation will improve in the coming months," explained Luis Corrons, technical director at PandaLabs.

PandaLabs said that crooks would throw almost every resource at their disposal in order to infect the maximum number of machines. It said that these varied from social networking attacks to search engine manipulation. The firm also fingered a few firms for exposing their users to potential risks. It called one of the vulnerabilities patched by Microsoft, 'Striking', and another, 'Alarming'.

What with all these risks out there PandaLabs suggests that users install some web security software. You shouldn't need to look too far to find a supplier of that.

October 1, 2009 | Permalink | Comments (0)

Most online users simply ignore 'invalid certificate' warnings despite the security risks involved, according to a recent study by Carnegie Mellon University.

Although VeriSign, one the biggest names behind web certification, recently announced that it has issued more than four million Secure Sockets Layer (SSL) certificates, the research brings into question just how useful they are.

"Everyone knew that there was a problem with these warnings, our study showed dramatically how big the problem was," said Joshua Sunshine, co-author of the Carnegie Mellon paper.

Although warnings can come up due to various technical issues, they exist to help protect users from being redirected to various fake sites or to help catch out typo-squatting, where online fraudsters set up sites with URLs almost identical to their target to catch out those who accidentally misspell an address when typing it in.

According to the study, most internet users simply don't know what the certificates are or what the warnings mean, while others believe they just have to me more careful on sites where these warnings appear.

Interestingly, the results seem to depend a lot on which browser was being used, primarily because the various developers use different language and prompts when displaying certificate warnings.

As a result, users of Mozilla's Firefox 3 browser were the least likely to click through after being shown a warning, and several security warnings created by the researchers themselves were even more effective. According to VerSign, this highlights the need for education and obvious prompts that can help even inexperienced web users to be aware when something may be wrong.

"This research reminds us of the importance of providing usable tools for end users to differentiate between an authentic and an inauthentic web site and emphasises the importance of educating end users on how to use those tools," said Tim Callan, vice president of product marketing at VeriSign.

"That's why the industry has created new interface conventions like the green address bar to make it easier than ever for end users to distinguish between a real site and counterfeit site."

July 28, 2009 | Permalink | Comments (2)

The European Union (EU) has adopted a new Safer Internet Programme, which will be in place as of 1 January 2009 aimed at making the web a safer place for kids.

To support the programme, the EU has announced funding of €55m over five years. This will cover initiatives to raise public awareness and promote a safer online environment, as well as prevent harmful content from being posted on the web.

According to the EU's budget breakdown, 66 per cent or €36.3m of the overall cash pot will be spent on education and promoting a safer web for kids, while the remaining €18.7m will go on tackling harmful content.

The EU also highlighted new research from Eurobarometer, which revealed that three quarters of six- to 17-year olds use the internet, while half of 10-year-olds have a mobile phone.

However, despite kids being comfortable with technology, their parents don't appear to feel the same. The study found that more than half of parents are concerned that their offspring will be the victim of online grooming or cyber bullying. In response, the majority of parents said they did not allow their kids to give out personal details or talk to strangers on the web.

What's worrying about the study is that 41 per cent of parents also admitted they don't use any kind of web filtering or monitoring software - so it's hard to work out how they stop their children from giving out their name, age and other details online, or from chatting to strangers. About two thirds of those not using any filtering tools said this was because they trusted their children, while 14 per cent said they don't know how to get hold of or use monitoring software.

Hopefully part of the €55m funding will trickle down into practical sessions for parents on the many available web filtering tools, how they work and where they can be downloaded or purchased from - and also a useful lesson in cynicism as I'm sure lots of the kids reassuring their parents that they don't give out any personal details or chat to people they don't know online are doing exactly that.

December 10, 2008 | Permalink | Comments (0)

You know how the last blog posting talks about technology being the most important thing in the anti-malware industry? Well, that probably has to be qualified a little bit, because the other key message coming from the Kaspersky Lab New Dimensions press event so far has been the importance of the engineers. So, it's actually all about the technology ... and the people.

Yes, the unsung heroes of anti-malware industry were finally given their day in the sun today - well, not literally, they were still locked away in a windowless room staring at code - as Eugene Kaspersky explained how the astonishing success of the company has been down largely to attracting and keeping talented engineers. The firm is lucky enough to have access to the talent pool of graduates from Russian universities, many of which have a reputation for excellence in engineering and technology courses. But it still has difficulty in finding enough of the best, and on occasion even loses them.

According to Kaspersky, one employee had to re-locate to another software company as it became too distressing to stay on the good side of the malware war, once he found out how much some criminals were making.

That's a pretty extreme example, of course, but what is true is that competition for the best of the best is fierce. Kaspersky also has a bit of an advantage over some of its competitors, however, because of its reputation, VP of R&D Nikolay Grebennikov told me. It is well-known in the industry for innovating, and supporting its engineers with whatever projects they might find it necessary to undertake, so it has garnered a good reputation among the security researcher community. Things get done, in other words, and with the recent creation of the Global Research and Analysis Team (although most security vendors have something like this already) there is yet another lure to tempt potential white hat recruits into the Kaspersky ranks.

December 5, 2008 | Permalink | Comments (0)

Internet and messaging security firm Websense has uncovered its first Christmas virus scam, and we aren't even out of November.

The scam, which is so devilish it can only have come from the Grinch, offers a lucky email recipient the chance to feel like they have the sort of friends who send out tedious e-cards, but has a nasty little payload.

Yep, apparently some swine has spoofed a reputable firm's type of message and put a stinky pile of malicious code in the back of it. Websense said that a URL within the postcard leads the recipient to a .exe file. If downloaded, this creates a backdoor on their computer which allows access to and control of the compromised machine. And all this from a Christmas message celebrating the season of goodwill.

However, it's difficult to not be dismayed with the type of person who would be conned by such a virus. "During the install process an image called xmas.jpg is displayed to the user as a distraction technique," Websense explains. A distraction technique - what are they, monkeys? It's amazing the impact a picture of some elves in Santa's grotto can have on IT security best practice.

Author: David Neal

November 28, 2008 | Permalink | Comments (0)

Some of the advice on offer at security events is interesting, thought-provoking, pertinent and pretty useful for those working in the IT industry; and lots of it is grandmother-sucking-eggs type stuff. And yet it still apparently needs to be said.

At the ISSE security show in Madrid this year, which has always claimed to have one of the more discerning audiences on the security conference circuit - ie the great and good from the information security community - one or two presentations fell into the later category.

Case in point. A presentation on SME security by a researcher from Cardiff University told us that SMEs aren't very good at security. Well, to be fair there was a little more to it than that.

Specific points raised from the research were that very few small firms have requirements in place for security; few test their backup data, even if they actually back up; and most tellingly, only around a quarter said they actually know what information assets they have.

A bit worrying, especially when you consider that SMEs employ about two-thirds of the workforce and contribute in total more to the economy than large organisations.

And then the more useful stuff for security chiefs. Many in the security industry get a lot of value from sharing best practice, looking at the things their peers are doing that have proven to work.

And so Roland Muller, corporate information security officer from Daimler Financial Services, explained the value of security assessments in a multinational organisation. To put it simply: they're very valuable. But the key points Muller made for anyone wanting to do similar were:

1) Get management buy-in for any security assessment scheme.

2) Link the scheme to international standards, rather than a local approach.

3) Maintain regular contact with management and local security guys: "The people who are always the victims".

4) User education is vital: "Policies are written by security guys for security guys. You need a simple way to bring the message to people," Muller said.

October 8, 2008 | Permalink | Comments (1)

You won't believe what people leave on the back seat of black cabs!

What's that? Oh. You would believe it? Because you have forgotten things in the past, and it is actually a fairly common thing? Ah, well. Never mind that now, because just in case you personally have never left an artificial leg, aunt or sticky deposit in a cab, a technology firm called Credant Technologies has done some research into what people do leave behind.

Surprise, surprise that the small, fall-out-of-pocket-sized mobile phone is a fairly regularly forgotten item. A "staggering" 55,843 mobile phones have been left in cabs over the last six months, just in London. That's enough to fill something rather large, or perhaps 12,000 taxis - frustratingly, we can't be sure without having access to this mountain of gadgetry.

Still, when compared to the number of other items left behind, lost mobiles beat all comers.

Twelve dead pheasants? Artificial limbs? Hop off, you can't compete with the mobile army. And as for false teeth - there would have to be a lot of sunken jaws in the metropolis if they are to be seen as serious competitors.

Apparently Credant surveyed 300 cabbies for the research, which has something to do with a security software solution it offers. But we can't help but wonder if they mean 300 drivers polled during expenses-funded rides to and from any number of "let's go to the pub and think of another survey" brainstorming sessions.

We would give them a call, but we've all just come back from the pub in a cab, and yeah... that's right, we can't be bothered.

Author: David Neal

September 16, 2008 | Permalink | Comments (0)

And lo there was a great wailing and gnashing of teeth in Apple headquarters. Is this called the big apple maybe? Less than 24 hours after the firm had fixed a ‘security hole’ that let people, quite reasonably, play the music they had paid for on any devices they want – not just iPods - the software wizards struck again.

There’s an important lesson here; one that the industry has problems learning. There is no such thing as a foolproof security system. A thousand engineering wage slaves will never be able to outperform tens of thousands of amateurs – people who break such systems for the sheer joy of it.

Expect this story to run and run, with Apple’s next move neatly countered by improved software. This is a race Apple can’t win. Instead it should open its proprietary systems and let music be free.

March 23, 2005 | Permalink | Comments (0)