/>
X

Photos: Inside the malware hunters' den

How F-Secure uses Google and mobile bunkers to catch cyber criminals
By Gemma Simpson, Contributor on
40150796-1-6.jpg
1 of 5 Gemma Simpson/ZDNET

How F-Secure uses Google and mobile bunkers to catch cyber criminals

Antivirus company F-Secure's labs in Finland (pictured) are the heart of its operations monitoring and detecting malware activity around the globe.

The company has a response team which uses a variety of monitoring and detection tools to look out for suspicious cyber activity 24 hours a day, in three shifts, running between its offices in Helsinki and Kuala Lumpa.

Sean Sullivan, a technical expert with F-Secure, said the response team in charge of finding and dealing with any cyber attacks has to deal with, on average, 10,000 different samples of malware everyday and this number is "rising exponentially".

The 16-strong Finnish team hunt through reams of code to find malware in it, with automation tools also running to pick out any repetitions within the different pieces of code to prevent staff going over old ground.

Sullivan said cyber criminals are now using "malware factories" to bombard the networks with viruses and spam because they cannot beat the security companies by using complex code anymore.

The team also uses a host of other tools to hunt and identify a variety of cyber threats, including a mobile phone bunker, which they use to see how devices react to viruses, a Google Earth mash-up and a fake IP address to attract and catch fraudsters and infected machines.

Photo credit: Gemma Simpson

40150796-2-1.jpg
2 of 5 Gemma Simpson/ZDNET

One tool used by the team is World Map (pictured) – which gives a visual representation of which IP addresses of customers using F-Secure products have been infected, and where in the world they are.

The team also uses analytical tools to get an idea of how malware can affect different systems and identify what has changed before and after an attack.

Photo credit: Gemma Simpson

40150796-3-2.jpg
3 of 5 Gemma Simpson/ZDNET

Pictured is the response team's hub – with the World Map app appearing on a screen on the right hand side.

The centre screen uses a Google Earth mash-up to pick out infected IP addresses around the world.

This software works by running a 'fake' IP address with no machines attached to it, so there is no legitimate reason for anyone or anything to contact that address.

However, worms and other malware doing the rounds will contact the fake address. F-Secure can then pinpoint which IP address has made the attack, its location and what the malware is.

F-Secure's Sullivan said once an infected IP address is located there is nothing F-Secure can do directly except contact the appropriate people - such as the police – to deal with the situation.

The company also runs a Bluetooth honeypot within its offices to pick up on any infected mobile devices which may enter the building.

The honeypot's findings appear sporadically on the left hand screen in the shot – which is currently showing a 3D representation of a virus.

Photo credit: Gemma Simpson

40150796-4-5.jpg
4 of 5 Gemma Simpson/ZDNET

F-Secure's mobile bunker (pictured) is where the response team can observe and analyse viruses as they pass from mobile device to device – but within the safety of the sealed room so the virus does not contaminate any public devices.

Mobile security is a relatively new arena for the antivirus company, but as F-Secure CEO, Kimmo Alkio, recently said: "The threat level on mobile malware is not very high at the present time."

Photo credit: Gemma Simpson

40150796-5-3.jpg
5 of 5 Gemma Simpson/ZDNET

Inside the bunker there is a selection of mobile devices which are used for F-Secure investigations.

An F-Secure researcher demonstrated to silicon.com how a Bluetooth virus can pass between mobile devices.

Jarno Niemelä, senior mobile antivirus researcher at F-Secure, said: "Imagine this in a concert hall or sports hall then you can see how easily a virus can spread."

Photo credit: Gemma Simpson

Related Galleries

Holiday wallpaper for your phone: Christmas, Hanukkah, New Year's, and winter scenes
Holiday lights in Central Park background

Related Galleries

Holiday wallpaper for your phone: Christmas, Hanukkah, New Year's, and winter scenes

21 Photos
Winter backgrounds for your next virtual meeting
Wooden lodge in pine forest with heavy snow reflection on Lake O'hara at Yoho national park

Related Galleries

Winter backgrounds for your next virtual meeting

21 Photos
Holiday backgrounds for Zoom: Christmas cheer, New Year's Eve, Hanukkah and winter scenes
3D Rendering Christmas interior

Related Galleries

Holiday backgrounds for Zoom: Christmas cheer, New Year's Eve, Hanukkah and winter scenes

21 Photos
Hyundai Ioniq 5 and Kia EV6: Electric vehicle extravaganza
img-8825

Related Galleries

Hyundai Ioniq 5 and Kia EV6: Electric vehicle extravaganza

26 Photos
A weekend with Google's Chrome OS Flex
img-9792-2

Related Galleries

A weekend with Google's Chrome OS Flex

22 Photos
Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup
shutterstock-1024665187.jpg

Related Galleries

Cybersecurity flaws, customer experiences, smartphone losses, and more: ZDNet's research roundup

8 Photos
Inside a fake $20 '16TB external M.2 SSD'
Full of promises!

Related Galleries

Inside a fake $20 '16TB external M.2 SSD'

8 Photos