Malware: enemy of the state

Reported by guardian.co.uk on Wednesday, 4 November 2009

As the government begins its crackdown on illegal filesharers, it may be that an even bigger threat comes from malware.

The British government wants to stop filesharing to protect copyright owners, but shows no similar enthusiasm for protecting the general public from malware, which is arguably more important to us - and perhaps to the nation.
After all, what happens to e-commerce if people don't feel secure enough to buy things, do their banking or interact with government online?

One problem is trying to determine the size of the problem because antivirus software suppliers and journalists may sometimes exaggerate the threat.
The antivirus companies benefit from shock-horror stories, and we are often happy to write them, especially if the threats have catchy names - Melissa, Blaster, Slammer, Conficker.
Scare stories prompt people to spend money on new or upgraded antivirus protection, so they become more secure, and everybody's happy.
Or, more likely, scared.

The risk of exposure

David Emm, a UK-based antivirus expert with Russian supplier Kaspersky Lab, says: "We're adding 5,000-6,000 [malware] records to our database every day, but it doesn't mean people are exposed to them.
Online crime is like offline crime: we all know people get knifed, and potentially we're all vulnerable to attack, but there are things we can do to minimise the risk."

Examples for PC users include running up-to-date antivirus software and firewalls, keeping your operating system and applications patched, not repeating or recycling passwords, and watching for the padlock when using secure sites.

"It's dangerous for us as an industry to talk up the overall level of threats," adds Emm.
"The threat's genuine, but it's not a juggernaut that's going to run you down."

The growth in Mac and Linux use and the increased security of more recent Microsoft software - including Windows 7, Vista and IE8 - have helped encourage "social engineering" and indirect attacks such as phishing, fake antivirus programs, and malware bundled with video codecs or pirate software.
Indeed, there's now a fuzzy line between malware and legitimate software.

David Harley, ESET's director of malware intelligence, says the UK's biggest malware in October "was actually a 'possibly unwanted program' - an adware toolbar - with 4.02% of detections." There are toolbars with "serious Trojan functionality," he says, but he won't name names "because of the risk of legal difficulties".
In many cases, then, computer security firms are trying to protect us from ourselves.

How many PCs are actually infected, and to what level, seems impossible to find out.
Microsoft has just published its seventh Security Intelligence Report (SIR) using data from running its Malicious Software Removal Tool (MSRT) on 450m PCs and OneCare or Defender on more than 100m.
Microsoft UK's head of security Cliff Evans describes it as "the most comprehensive view of the internet threat landscape".

The bad news is that worm infections doubled in the first half of 2009, that "Conficker has had a big impact" with about 6m-7m infections at any one time, and "Taterf is specifically targeting people on online role-playing games.
Criminals have decided that worms are a form of attack that should be revisited," he says.

But the number of "cleans" in the UK is 4.9 per 1,000 runs, says Evans.
That's only half of one per cent.
Are you more likely to be mugged in the street?

Microsoft's numbers won't show the full threat, because MSRT is only run when it delivers patches.
People who have auto-updates turned on probably run antivirus software and firewalls as well, so perhaps their PCs should really be safer.
In places such as China, Russia and Latin America where piracy is rife, and pirate versions of Windows may be heavily pre-infected with Trojans and backdoors, the infection rate is much higher.

Still, what researchers call the "threat landscape" has changed dramatically in the past few years, as vandalism has been replaced by organised crime.
Rik Ferguson, senior security advisor at Trend Micro, says around 92% of threats now come from the web, and the growth of malware is being "rocket-fuelled by the firmly established and very lucrative underground economy dealing in stolen information and machines (bots)".
He says: "We have identified over 100m bot-compromised IPs globally, of which 23m are active."

Botnets (networks of compromised PCs) concern all of us because they are rented out to scammers who want to send out billions of spam emails, or to attack web servers and hold companies to ransom.
The botnet infection may not have much impact on the person who owns a PC, but it affects the rest of us.

Battling the bot

Conficker has been of great interest as it's the best botnet we've seen, though it was also lucky: Microsoft had patched the hole before it got going, so companies and government organisations that don't use its auto-update service were most affected.
Rodney Joffe, chief technologist at Neustar and a member of the Conficker Working Group, says that, in the UK, it infected one of the largest high-street retail chains, a hotel chain, one of the larger universities, a couple of city councils and a London borough, among others.
Clean-up costs have been enormous.

Joffe has watched the code improve and now says: "Conficker is rock solid.
The level of sophistication is mind-boggling: it does everything right.
It's going to become the platform of choice for the distribution of malware." As it's the leading example of anti-antivirus technology, it's easy to see Conficker as a frightening indicator for the future.
However, Eric Sites, chief technology officer of Sunbelt Software and also a member of the Conficker Working Group, believes "it could be the last of the megabots".

He says: "The most successful cybercrime is designed to be parasitic in nature, striving to survive for long periods of time undetected.
Conficker's notoriety has shown that the bigger the bot, the less effective it may end up becoming.
Too much attention means little activity and little gain."

What Conficker did achieve was to get people working together to fight it, with F-Secure's chief research officer Mikko Hyppönen saying: "Over my 20-year career in information security, Conficker Working Group has been the single best example of cross-industry co-operation." It's one of the few global threats to get a real global response.

Still, one of the points that emerges from Microsoft's SIR is that some countries, such as Austria, Finland and Japan, are doing better than others.

Acting on impulse

In Finland, for example, they follow up on widely available information about infected computers and actually do something about them.
Finland's Computer Emergency Response Team (CERT) runs an Autoreporter service that tells local IT administrators about breaches and prompts them to act.
SIR quotes Erka Koivunen, head of Finland's CERT, saying: "As a result, the infected computers get treated fast or risk losing connectivity." Botnets don't last long on Finland's networks.

What Finland can do, the UK can do.
If the government thinks it's appropriate to cut people off for filesharing, why isn't it appropriate to cut them off if their PCs are part of a botnet? Trend Micro's Ferguson adds: "More ISPs should follow the lead of Comcast in the US, which has begun using pop-ups to notify customers it believes to be infected.
While the headline-grabbing initiatives focus on international espionage and teenage hacker recruitment, the reality is that if we can deprive criminals of their stockpile of compromised machines, we would severely impact their ability to operate."

In the future, it seems the most successful criminal malware will be super-stealthy infections that users don't even know they've got.
If that happens, a co-operative community of antivirus companies, researchers, ISPs, police forces and other government agencies may be our only hope.

Next week: the threat to the web

