Know your enemy

Trend Micro underlines what must be done to stave off network threats

By Julian Pletts. Published August 2, 2009, Network Middle East.

Rik Ferguson, senior security analyst and solutions architect at Trend Micro, is an expert in IT security, and on his recent visit to the region he spoke about the proliferation of what he calls the ‘underground economy’.

"Every business model that exists in the legitimate business world is replicated in the criminal world, to the point that we see malware with service level agreements," explained Ferguson, who also pointed out that he has even come across malware with end-user license agreements. He advises corporate end-users to be fully aware of the massive challenge they face and the sophistication the underground economy has taken on.

"Last year there were almost eight million new malicious files over the 12 month period," said Ferguson. "So that is how they are defeating more classical anti-virus and anti-malware detection technology, by changing what the files look like all of the time."

There is often still that sense of ‘it won't happen to me’ when it comes to malicious programmes. Education, explains Ferguson, is key to combatting security problems and this complacency.

There are two simple things CIOs must do at the very least to prevent serious malware infections. Luckily these can be done free of charge and will help to instantly increase the security of your network.

"Number one, patch your systems. It is very simple I know, but people do not do it. I am talking about patching your operating systems and applications that you use. It is all equally important. The only way, in some 90-something percent of cases, that you will be susceptible to being affected by a drive-by download is if you have something that is not patched, because the way that they infect is by using a known vulnerability. If you patch everything most cannot have an effect - there are still what we call zero-day vulnerabilities, that there is no protection against - but they are a lot less common than the known vulnerabilities," explained Ferguson.

Enterprises must offer their users some form of training in the proper use of IT systems to avoid falling foul of dangerous infections. Trend Micro says this is something it has been, and will continue to be, involved with at a corporate level, through seminars and invited educational events, and through its channel in regions such as the Middle East.

"Number two is education. If companies would have sessions with their employees, or ISPs would offer education to their customers, that would massively raise the level of awareness and reduce the level of compromise. Education is the absolute cornerstone of any security initiative. Security depends on awareness and education," added Ferguson.

Although it is already seeing some assistance, Trend Micro would like to see a greater level of cooperation from internet service providers in tackling the problem as well: "They can then say [to a customer] that ‘you may not realise that your machine is infected or is a bot and we are going to quarantine you until your machine is cleaned up’ - why not?" proclaimed Ferguson.

However, the answer might be that at the moment it is just not economically viable.

"I think one of the problems is the price of connectivity to the internet is being driven down massively, so ISPs or XSPs can't afford to offer value added services because their margins are very small anyway. So if they are going to start supplying clean feeds to their customers, customers will have to start being prepared to pay a little bit more money for their feeds," he said.

The future of fighting cyberattacks includes battling to open end-user eyes to the potential dangers.

"The weakest link in the chain when it comes to security is people," said Ferguson. "And people continue to be more exploited than systems and they will continue to be more exploited than systems. Consequently this also means we will see a rise in voice attacks and things like voice-over-IP might add to this."
