Long gone are the days when PC security mostly meant installing anti-virus software and keeping it updated.
Today, the digital assault on our money and privacy is expanding and changing at a truly mind-boggling pace.
Cyber crime and privacy theft now threaten our mobile phones and tablets, our email and phone calls, retailers’ credit-card terminals, and all online sales and services — potentially any digital device or network with some form of onboard computing capability. (How long will it be before we’re regularly updating the antihacking capabilities of our cars’ onboard computers?)
Defending us against the mounting cyber threat are thousands of security professionals, many of whom met at the recent RSA Conference in San Francisco. Although the main focus of the conference’s attendees was enterprise and government security, it was clear from my talks with show vendors that end users — all of us who connect with the World Wide Web — are the ultimate victims of cybercrime. And, in many cases, we’re also the weakest link in the anti-malware chain, according to security experts.
As I did nearly a year ago (see the March 21, 2013, Top Story, “The malware wars: How you can fight it”), I sat down with security expert Andrew Brandt at the conference and discussed the latest in the battle against malware. Andrew is Solera Networks’ director of threat research, Advanced Threat Protection Group.
The honey pot — luring malware to open servers
With malware code changing with chameleon-like rapidity, security companies are constantly looking at new malware to understand how hackers are operating, how they smuggle their malicious code onto our digital systems, and what actions the code performs when it activates. Security companies must then rapidly adjust their defenses accordingly.
Looking for new threats is what Brandt does all day. Working out of an underground bunker, he monitors an array of intentionally vulnerable PCs.
Notes from the RSA Conference on security