CICRA releases predictions on cyber security threats for 2012
CICRA, which specialises in cyber security threat prevention through
education and penetration testing, has released its predictions on cyber
security threats for 2012.
Following are excerpts of an interview with Krishnan Rajagopal, head
of consultants of CICRA, on the cyber security predictions for 2012.
Rajagopal, a Malaysian national, is also a consultant to Interpol and
several Fortune 500 companies. He is also a highly acclaimed cyber
security trainer for the Certified Ethical Hacker (CEH) programme offered by
the EC-Council, USA.
Q: Anti-virus software always seems to be one step behind
attacks of viruses, Trojans and malware all the time. Why is this so?
Is it because it’s like a chicken and egg situation?
A: Not really. See, when a doctor wants to create a vaccine for
a real-world virus, what happens is he usually starts by obtaining a
live sample of the virus, and then this live sample is studied and all
attempts are made to understand how it replicates. He then tries to find
its weakness and then builds a vaccine, so that we can prevent it from
spreading.
This scene of operation applies in the world of computer viruses
as well. When a new virus is discovered in the wild, these antivirus
coders must first get a copy of the actual virus, and then what happens
is it is broken down and the coders try to find out how it works
and how to stop it, creating what we call a signature.
Q: You mentioned just now social media and mobile. Social
media as we know is always a target. Will we see an improvement in
security issues of Facebook and other social media sites?
A: Most definitely. Facebook sort of has taken the lead in
this arena. It has spent massively on what we call the Facebook Immune
System (FIS), and it is a complex set of algorithms that monitors every
photo that is posted on the network, every status update, every click that
is made by every one of its 800 million users. This means 25 billion
reads and writes or 650,000 actions a second. And Facebook is currently
doing well at this. It is just that when this information is public, the
hackers also know it. Herein lies the danger. Some recent threats have
rendered the FIS unusable. We could expect more of these kinds of
attacks unless these social networking sites keep their systems
up to date and are ahead of the attackers rather than reactive.
Q: What are some of the threats that you foresee in cloud
computing besides hacking, viruses and down time issues?
A: I would say a lot of people overlook this privileged user
access area. When your sensitive data is being processed outside the
enterprise, that brings out a lot of risks, because of the fact that you
simply do not know the level of security controls that are present at
your cloud vendor. That is one issue.
So you need to ask your cloud providers to supply specific information
on hiring processes for their privileged users, and you need to have
control over that.
Number two is the location of the data itself. Lots of people
overlook that. When we use cloud computing, we probably won’t even know where
our data is stored. You might not even know in which country your data is
stored. Try to stipulate this, if it’s possible, in your contractual
agreement. So at least you know where it is. And then of course try to
plan a site visit to see the physical sites.
Another area people overlook is segregation of data. In a typical
cloud provider, data in the cloud is typically in a shared environment.
Your data is alongside the data of other customers, and obviously most
vendors would use a common alibi of data encryption. That is not a
cure-all. What you really need to do is find out what exactly is done to
segregate data from the rest. What you have to find out is what measures
have been taken: if another customer that is using the same cloud gets
attacked, could it be possible that you are also a victim of the same attack?
Then of course last two things that you probably need to think of are
recovery and business continuity.
Q: Aren’t they serious issues too?
A: This is always a serious issue.
And then of course the forensic investigation support. Most cloud
vendors do not have proper logging systems. What happens is, these cloud
services become very difficult to investigate because the data is spread
out across many places and logs may not be there, more often than not.
When that happens, again, if you cannot get a contractual commitment to
support specific forms of investigation, along with some sort of proof
that the cloud vendor has done this before, then your best assumption is
to say that investigation and discovery requests will be impossible in
the event of an incident.
Q: Mobiles could be the big thing in 2012. All smart phones
these days have more information than some of our laptops. What are your
security concerns for smart phones in 2012?
A: Having seen into my crystal ball... smart phone users and
tablet users are at risk. Having said that, again let me take you back to
the past. In the past, of course, cyber-criminals were interested in
credit cards. I think they have had enough of this. I think they
probably have enough cards that they don’t know what to do with them
anymore.
In 2012 what is going to happen is that your social media identity is
the target; that’s more valuable for cyber criminals than your credit
card itself. These bad guys are going to actively buy and sell social
media credentials in forums. The best method of doing this is by combining
cloud computing and social networks. We call this new form of attack the
‘blended attack method’.
This is a new way. What happens is, these attackers will now go
through your social media friends as the first point of attack, and then
of course this social media (easiest point of attack) access would be
through your mobile device. We have seen that the Facebook app, for example,
on your mobile device is less secure than a browser. We have seen that.
So when they get into your mobile phones, they then get into
your Facebook... go through your list of friends and make use of the
trust that friends have in you and then carry out the next form of
attack.
Because obviously from Facebook and other social media sites you will
know who is your relative, your brother, your sister, your mother, your
father?
That’s for sure. People tend to post personal details on Facebook and
it makes it easier for the criminal to predict. For example, I could say
“I can’t wait to go to Japan next week”. Next week comes along the way
and if I just log off the actual user (i.e. Britney Spears) from Facebook
and the criminal uses Britney’s account pretending to be Britney Spears
and says “Hey look, you know John, I am stuck in Japan, I don’t know what
to do... I have been robbed :(” This is a common trend that we have
observed in 2011. I think that is going to continue. Only thing is the
first point of an attack could be the smart phone.
Q: So what can smart phone users do?
A: Thousands of mobile device attacks are coming in to smart
phones in 2012. Some of the things to look out for, like the London
Olympics, the US Presidential election and the Mayan calendar apocalyptic
prophecy, are going to be leading to a lot of opportunities for these
cyber criminals. The reality of course is that it is no longer fiction.
In a nutshell, simple advice is:
* Password protect your phone, tablet or any other unit.
* Do not open any e-mails if you do not know the sender.
* Even if it is from a business you know, go to the browser and type
their URL / web site directly.
* Don’t answer any text messages asking for personal information, be
it a bank or anyone else. This is a new trend that we call
SMiShing: ‘Phishing over SMS’.
* Never ever, ever click on links.
* Delete spam as much as you can. Don’t answer them ever. Even if
Britney Spears is asking you for a date, don’t answer that.
* Turn off all Bluetooth devices when you’re not using them /
actively paired.
* Every phone has got security guidelines by the vendor. Follow them.
Q: Anti-virus software providers are all going to be updating
their products very soon. If you don’t have the latest release of the
anti-virus software, is there a need to purchase the 2012 product, say I
have one purchased a year ago?
A: If you have an active subscription then you are fine. But
if not, go out and get it. As long as you have a valid subscription I
think you don’t need to get another one.
Q: What are some of the basic steps that we users need to take
in order to stay away from any sort of an attack? Since we cannot stop
telling people to be careful what you click. What are some of the
simplest basic steps that we can share?
A: I call them Britney’s Eight Steps for cyber security. They
are:
1. First of all use a firewall. Keep the threats out and keep the
hackers out as well.
2. Then install antivirus software.
3. Keep it updated. Signatures have to be updated. Get the latest
software updates, whether it is your Operating System or your
software.
If someone is creating an update or a patch there is a reason for it.
Most of the time it is security related. So the idea is to keep your
tools sharp.
4. Then of course stop spyware. Have an anti-spyware if you are on
Windows especially.
5. And of course make regular backups. You never know what is going
to happen, so protect your data from disaster.
6. If you are on a wireless network, make sure that you understand
that wireless networks are vulnerable; find the proper ways to get
protected; they are all documented by the respective vendors; read them
and follow the instructions. Use a complicated password. It doesn’t mean
that when you are on WPA2 you could use the password “12345”.
7. Stop unwanted e-mails and try to have an empty spam box. Do not
answer suspicious emails or spam. Delete the spam directly.
8. Then, make sure you make efforts to browse the internet safely.
Make sure your browser is safe by turning on the safe browsing feature.
Avoid dodgy web sites and of course if you are suspicious about any
email address or any other thing, Google it to find out more about it
before replying to an email or a message.
Q: What is your advice on data back-ups?
A: Most of us do not take back-ups seriously. You need to
back-up your data at least once every week whether you are using a
laptop or a desktop.
If you are using a cloud service, it is easier since it automatically
syncs with your computer.