THE BATTLE RAGES
Field Report
Six months ago, if you had asked me “which is the bigger problem, viruses or spywareâ€, I would have said spyware. That is the exact time you should have given me a swift kick to my chair shaped rear. TODAY (August 27,2008): 2.8 BILLION REPORTED STOLEN IN ONE HEIST. Here’s the quote from Scotland’s Sunday Herald. “AN INTERNATIONAL criminal gang has pulled off one of the most audacious cyber-crimes ever and stolen the identities of an estimated eight million people in a hacking raid that could ultimately net more than 2.8 billion in illegal funds.†That’s just one heist and one instance of what’s going on at an unimaginable pace. Another recent example is the SEK8 Million stolen from the Swedish bank, Nordea.
Like many others I thought formal “virus†threats had been reduced by the flood of AV software being thrown at us daily. I’m not sure when I stepped into this pile of confusion, but what is taking place is an increase in all forms of malware. No longer satisfied with the common infections of the past, custom code is the name of today’s game. Custom code written on a contract basis by the brightest young graduates. Technoliterate Crime Corps are targeting specific audiences, like CEOs, or single bank and retail groups. These heists net millions and sometimes billions with the click of a mouse.
The one point to take from this is, we’re losing the war on cyber crime. While I’m feeling snug and smug behind my oversized LCD monitor, the bad guys are robbing us blind. They are following slick, professional business models to net gigantic profits. They are as structured and well-run as any Wall Street Corporation and probably showing better profits.
Kaspersky Labs reports processing 1.5 million malware samples every year and expects to reach 2 million sometime in 2008. That includes 5 malware samples every two minutes and 17 trojans every 30 minutes. “It doesn’t look like we’re on the winning sideâ€, said Roel Schouwenberg, senior tech assistant, of Kaspersky.
If you think all cyber crimes are committed behind the cloak of the Internet, then think again. It’s becoming more common to see crime syndicates infiltrating AV vendors with actual people, spies, pretending to work for your favorite software company. What we are viewing as protective software could be code specifically structured and recorded for future infection. The thought is chilling.
Arms Inventory
When your side is losing there are many questions that need to be asked, answered, and acted upon. Without this there is no hope of holding the line, much less advancing on the enemy.
Do we use AV (antivirus) and AS (antispyware) software? The answer to that is unequivocally, YES. By all accounts including PC Pitstop’s recent poll, over 98% of us use this protection. I found that figure surprising given the increasing threats, so the problem doesn’t seem to be apathy on the part of the public.
The next obvious question is whether the protection we’re using is effective. By now most everyone knows that a single solution is probably not enough. I first used a router before I had anything to route to. It was the protection it afforded that I was after. It makes a great firewall and I suggest it to everyone.
Hopefully, we all know to use only one AV (antivirus) at a time. We also know that many people will use an additional online scan for the protection that multiple libraries and malware definitions can provide. I run online scans regularly. A little wiser now, I monitor the running processes on my computer as much as I run AS (anti spyware) programs. The OverDrive report of running processes and AS programs like Spybot and Exterminate, are a perfect combination. I’m including some places that offer free scanning below.
FREE ONLINE SCANS
PC Pitstop OverDrive
Trendmicro
Pitstop Virus Scan
Judging from all the latest surveys we’re doing a great job of using the weapons provided. Firewalls, Antivirus, Process Libraries, Spyware prevention and removal tools, are all there and we are taking advantage of them. Other than the sheer number of threats being fired at us minute by minute, what is it that’s contributing to our demise? What is it that we don’t know?
Well, for one thing I don’t know why some people never have problems with spwyare or virus infections and others have nothing but problems. I don’t know who pays for software and who uses free. I know the number of people using free vs. paid is almost exactly 50/50 but I don’t know the breakdown by age. Couldn’t find reliable sources anywhere. Is my tech savvy 18-year-old neighbor more likely to use free than Aunt Lottie? Is free software more likely to have out of date definitions than paid?
I’ve heard more than one person say they thought AV companies were infecting machines to sell more AV software. While I don’t believe that for a minute, I do believe that software vendors have been infiltrated. I do believe there are successful spies placed into security companies without being detected. Are they there to sell more software? NO, but remember, it’s what we don’t know that will hurt us, and right now we still have lots more questions.
___________________________More To Follow__________________________
VIRUS WARS II
September 18-25 Newsletter
1. Targets Defined
2. Mission Orders
3. Plan Of Attack