/>
X
Tech

Malware? It's just business!

Malware, these days, is so good that it simply has to be produced by professional development teams. What's more, the criminals choose their targets with business-like decisions over expected return on investment.
Written by Stilgherrian , Contributor

Play audio version

Malware, these days, is so good that it simply has to be produced by professional development teams. What's more, the criminals choose their targets with business-like decisions over expected return on investment.

As Yuval Ben-Itzhak, chief technology officer of AVG, explains on Patch Monday this week, malware is distributed automatically, and runs on millions of target computers without causing any visible signs that something bad is happening.

"You need to have QA [quality assurance]; you need to have people that are familiar with the internals of the operating system," he said. "These are very well skilled people that have resources to make a product that will not break your PC."

Ben-Itzhak rejects the idea that the vulnerability of computers could be reduced if they were locked down to a restricted set of applications. The only reason that operating systems like Apple's OS X and iOS haven't seen much malware is because their limited market share means that it isn't worth developing the attack tools.

He also calls for mandatory reporting of all cybercrime, so that the politicians will understand that it really is a serious problem. This echoes the frustrations of Detective Superintendent Brian Hay of the Queensland Police, who believes that less than 1 per cent of online crime is reported.

My conversation with Ben-Itzhak coincided with the release of the latest AVG Community Powered Threat Report (PDF).

Meanwhile, there have been further developments since last week's episode on the voluntary internet filtering being introduced by Australian internet service providers (ISPs) in the absence of the government's mandatory system.

On Friday, Canberra-based ISP CyberOne claimed to be the first to implement filtering against the Interpol blacklist of sites hosting child exploitation material — although, it may only have been the first to announce it, since Telstra said later in the day that its filters had also gone live.

Mark Riley, chief technology officer of ContentKeeper — the company that provided CyberOne's filtering — has a few words on the Interpol blacklist.

There's also my usual look at some of last week's news headlines.

To leave an audio comment on the program, Skype to stilgherrian, or phone Sydney 02 8011 3733.

Running time: 29 minutes, 45 seconds

Editorial standards