The Fearful State of Malware Today
Simply stated, it's really getting out of hand.
A number of recent articles in the technology press make it increasingly clear that the following themes hold true for malware today:
1. We are increasingly falling behind on detection and mitigation of malware.
2. The motivation for malware has moved from hobbyists to organized crime.
3. Because of #2, the gap with #1 is only going to get worse unless we make fundamental changes.
A look at just two of these articles shows just how elaborate the malware game has become:
There are several problems here which feed upon each other. One, for a variety of reasons, home users still don't get it. (This is mostly an education issue, because there is often so much fear-mongering on the part of the press when relating issues of security, that people just tune it out. We need to get better about how we communicate these issues.)
The second problem is that insufficient resources are being put into place at the corporate level to address these types of threats. It was easy to put resources towards security (relatively easy, anyway) when the threats were bold and obvious: Mass worms and floods of email viruses.
Now, however, as the primary perpetrators graduate from the ranks of juvenile offenders and bored twenty-somethings into the realms of organized crime, the approach, persistence and sophistication of the efforts have increased significantly.
Suffice it to say that we are in a perilous state, with tools that are not adequate for the task, and a greater need of both funding and awareness. And the fear tactics which carried us through the worm era will no longer be effective in the era of targeted attacks, if only because you can only cry "the sky is falling..." but so many times before you're tuned out.
Today's threats are much harder to detect -- even when you suspect that they exist on any given system. It was easy to articulate the nature of the threat when the mainstream media was busy reporting about companies that were being knocked off the Internet by massive worm attacks. It's not so easy to articulate the level of risk when those companies -- and possibly your company -- are being infiltrated by stealthy targeted attacks, which are not getting any publicity.
We need better visibility into our networks from a Security tools perspective.
We need better corporate support (in terms of policies that will be enforced to keep business risk manageable).
We need for people to understand that Information Security is not something they bolt on, but something that should be embedded in whatever they do.
We need home users to take care of their systems.
We need vendors to make security easier to use regularly.
We need users -- business and home -- to stop turning off security because of convenience.
We need more people to read the book, Beyond Fear by Bruce Schneier.
About Logik!
Andrew S. Baker aka ASB aka Logik!
Andrew is an accomplished, hands-on IT Executive with a solid track record of providing timely and cost-effective business solutions using technology. With over 16 years experience in Information Technology, he has proven to be effective both as a Team Leader and as an individual contributor in designing, deploying, securing and maintaining enterprise networks.
His personal interests include Astronomy, Basketball, Bible Study, Chess, Comics, Computers, Family Life Ministries, Reading and Strategy/Role Playing games...
Some of his contributions include several whitepapers on technology and Information Security, the UltraTech Knowledgebase, various postings to technology mailing lists and forums, active participation on LinkedIn Answers, along with a number of interviews for articles published in industry magazines.