User education key to prevent deteriorating online security

Experts warn that the global security landscape is seeing a spike in "high quality" malware and stress that education is vital to preventing attacks on financial institutions and other critical infrastructure.
Written by Tyler Thia, Contributor

As malware becomes more sophisticated, the security industry needs to combat the looming threat by simplifying antivirus software, educating consumer and enterprise users on today's cyberthreats and strengthening public and private sector collaboration, urged a Sophos executive.

James Lyne, chief technologist in Sophos' office of the CTO, revealed that the online security landscape has changed, with up to 60,000 new pieces of "high quality" malware being disseminated daily, thereby intensifying the global cybersecurity situation. This sophisticated malware, which is capable of scanning computers for confidential information, intellectual property and other critical information, is used to steal financial data, he added.

The executive was in town to speak at the Governmentware 2010 Conference and Exhibition.

He also pointed out that cybercrooks, who are often funded by organized gangs, are no longer just eyeing credit card information but any data that can reap a financial gain.

"We're seeing an increasing number of cybercriminals hacking into software design companies to steal certificates so they can sign on their malware to make it appear legitimate, bypassing traditional antivirus detectors," explained Lyne.

Strategy to fight cybercrime
As the security threat looms ominously and with no "real" solution in sight, the security expert recommended a three-pronged approach to retaliate against these cybercriminals.

Firstly, he said there is a need to modernize security technology. Instead of adding more control layers to antivirus software that end-users have to figure out and configure, security vendors should look into improving its usability so as to get people to adopt and be comfortable using these programs, Lyne urged.

Also, every level of society should be educated on the importance of online security and "simple best practices". He noted that with the advent of social engineering, which exploits people through their online usage and behavior, it is easy for the "uneducated" to be victimized.

To combat this, both schools and the corporate world have "critical" parts to play to spread the importance of safe online practices, the executive said. High level executives, for one, have been identified as one of the biggest social engineering risks for organizations, according to a ZDNet Asia report.

The increasing presence of malware posing as antivirus software is also a worrying trend, added Lyne. "[These products have] legitimate domain names, business presence, some of them even have product support, and many of these come localized in different versions."

Lastly, collaboration between private and public sector can be further strengthened to promote greater awareness and build up the talent pool for the security industry, the expert stated.

"It's happening in most countries, such as in the U.K. where Sophos is running a national competition with the Office of Cyber Security and is designed to identify potential young talents to join the security industry," he revealed.

In Singapore, the Infocomm Development Authority (IDA) works with various government agencies to promote responsible Internet usage. For instance, it issued a Code of Practice into the telecommunications regulatory framework in March this year to ensure Internet Service Providers (ISPs) adhere to security protection against cyberthreats.

Lawmakers have to be agile too, in order to keep up with the pace of cybercriminals, suggested Lyne. While it is typical that regulations can take years to implement, criminals require only minutes and seconds to carry out attacks. The Sophos executive said governments must change the way cybersecurity laws are defined to tackle cybercrime more effectively.

Raising user awareness is also something that McAfee's cybercrime strategist Pamela Warren is strongly supportive of. She explained that "zombie" computers, which are used to launch malware attacks, will be harder to create with an educated user base.

The security expert told ZDNet Asia in an interview that McAfee has set up a comprehensive Web site with the U.S. Department of Homeland Security to help educate and empower citizens on cybercrime risks.

"The Web site has a high level scanner which will tell users whether their computers are running with an updated antivirus software, if they have visited malicious websites, and if so, what are the risks. In the event of an attack, [visitors to the site] can also find out how to report the crime," said Warren, who was also in town to attend Govware 2010.

She pointed out that the initiative has been well received by law enforcement officials, and the security vendor is now looking at working with other governments to introduce such a template.

McAfee is also involved with cybersecurity campaigns around the world, where local staff go to schools to highlight online security awareness.

Criminals hard to track
However, prevention is still a better solution than a legal cure in today's cybersecurity landscape.

According to security vendor Kaspersky Lab's report, more than 327 million attempts were made to infect users' computers in different countries around the world during the first three months of 2010. Top countries targeted by cybercrooks include China, Russia and India, the report stated. But Sophos' Lyne said criminals behind these attacks may not be operating within these countries, thereby making prosecution an uphill task.

"For all you know, [the criminals] may be two doors away from now as we speak," he noted. "They could be pushing malware through foreign IP addresses, so it is very difficult to track their origins."

With cross-border jurisdiction lacking and the "protected status" of some of these criminals, McAfee's Warren said many of these people are still at large, posing a huge risk to the Internet community and critical infrastructure.

Both experts agree that while countries have to increase cooperation in areas of information sharing, an international body to police the Internet might be an effective option to further enhance cybersecurity.
