I spent a day at Infosec2012 this week. I could easily have spent another day there as I only met a fraction of the people that would have been good to talk to. It’s not often I say that about a trade show.
I stopped by the Sophos stand for a looksee. James Lyne, Director of Technology Strategy of Sophos, does a magnificent talk on security. He prefaces the talk with a warning not to visit any of the websites he mentions yourself because of the certainty of picking up malware. I’d take his advice.
James picks up malware for a living! On any given day the Sophos labs identify 185,000 new discrete pieces of malware. Yes, you did read that right. One hundred and eighty-five thousand different pieces of malicious code designed to try and penetrate your computing device with a view to stealing your cash, new every day.
This malware is computer generated and churned out in a wholesale manner. The whole game is run by organised crime and is big business. Customers get access to a control panel that they use to organise criminal “campaigns”. This control panel (screenshot inset – hacked by JL) gives them feedback on their successes – how many machines infected with what, for example. They can also use it to pick their “threat vector”, i.e. what sort of virus/trojan/malware they want to use for their particular spamshot/offensive.
These platforms even have APIs so that crooks can build them into their own resources or add their own specific features!
The gangs involved collaborate. They collate data on anti-malware products produced by Sophos, McAfee et al and can tell in real time whether these companies can detect specific threats. In real time! They also collectively contribute to a blacklist of IP addresses used by security product manufacturers, so that they can block access to their own online resources from these addresses.
Many people get caught out. Very many people. They must, otherwise these guys would not be in business, and I’m sure that most of us know someone who has lost cash or had their PC compromised.
What on earth can you do to protect yourselves in the face of such criminal activity? Sometimes there is nothing you can do as many devices have known vulnerabilities. I saw James Lyne tap into an iPad using a fake hotspot and steal some data. He used a known iPad vulnerability. I switched off the WiFi on my own iPad and even considered wiping all those hotspot credentials stored on my pad that make it easy for me to log on the next time I visit!
It does make sense to make sure that all your software is patched up to date, especially applications such as Adobe. It might sound obvious too, but don’t click on a link you aren’t sure of. It doesn’t seem to matter whether you use Microsoft, Apple or Linux. Use sensible password policies. It also makes sense, if you can, to have one separate PC that you only use for banking or ordering stuff online.
I left the show with my head buzzing and thinking I didn’t stand a chance in the big bad world of the interweb. I certainly will be reviewing our home cyber security defences. Stay safe now.
PS you should take a look at Sophos, a British company turning over £600m with 2,000 staff! Not bad.