Founder and CEO of FirEye Inc., a network security appliance vendor, Ashar Aziz was interviewed by SearchSecurity.com abut the ever changing world of information and network security. Throughout the interview, Aziz consistently expresses his doubt that absolute information and network security is possible. Aziz maintains and elaborates on the evolving world of security- malware and botnets being his main emphasis.
Aziz maintains that it is nearly impossible to block or control the malicious activity criminals across the World Wide Web are initiating. Sometimes the malicious malware or stealthy botnets are in avertedly put out into the public domain by harmless bystanders. Whatever the case may be, Aziz states that malware and technologies such as botnets will always be adapting to the newest security measures and developments in order to allow criminals to get what they want; whether that be personal information, credit card account numbers, or data.
Modern malware has adapted in order to communicate information back to the active party seeking information. As Aziz states, “it comes in passively via a Web exploit, a .pdf attack, a JavaScript class of attack and then it’s going back out via HTTP.” Thus hackers are easily capable of theft of data or financial information. Conficker is recently popular botnet that has enjoyed some success. As Aziz explains them, “they crawl in, they crawl right back out and the machine becomes controllable.” Conficker was spreading such “drive-by downloads” through simple exploitation acts. No matter the security, Aziz maintains there will always be a risk involved with the storing of an individual’s coveted information.
Although it has been reiterated over and over again, simple security checks by all individuals are needed. Password strengths, firewall updates, and the like are just some of the common necessities required to ensure the utmost security. As Aziz alleged, security will always be a major concern for those within the information field. There is no way around the ever changing technology of computer hacking.
Source: "Modern malware, stealthy botnets, adapt quickly, expert says" SerachSecurity.com Retrieved 3 Nov 2009. (http://searchsecurity.techtarget.com/news/interview/0,289202,sid14_gci1373367,00.html).
Posts
I think that the biggest takeaway from this article is the fact that we can never be content with our security. Hackers and other criminals are consistently working to improve their methods, meaning that our security is continually becoming less effective. Therefore, we in turn need to continue to come up with new ways to improve our security. Additionally, it is important to always maintain the most basic security methods. These include simple things like using strong passwords and encrypting sensitive data. These simple measures, while not enough by themselves, can make it so that the average person is not able to compromise your security, which is always reassuring.
ReplyDeleteWell, I think that this is a reasonable conclusion to come to: that we will never be 100% safe, and that is just something that people will have to get used to. As the article says, malware will always be trying to get around the newest form of security in order to get at the sensitive data; there will always be someone who wants to break into the system. That's not to say that there aren't people who are also working hard to try to prevent these attacks, but I think that the threats will always be one step ahead of the solutions. I think that users should prolly take a more proactive approach to protect themselves with the simple measures of keeping their own security programs updated on their computers. Honestly, I think that a large part of security nowadays is the fact that users don't take these extra steps. While they are not the ultimate protections against malicious attacks, they are immensely helpful, nonetheless.
ReplyDeleteTaking this class makes me think it is even more hopeless to be very secure. There are so many ways for the "bad guys" to do their thing. Just thinking about encryption and how new technology makes it easier and faster for hackers to break immensely complicated algorithms and codes makes it easy to imagine that advances in encryption technology will have to continue to be made. The same is true for any other form of security. Also, as people come to rely more and more on technology, there is more and more information that hackers can steal. Add that to the fact that people are often lazy or stupid or simply unaware, and sometimes it's not even much of a challenge for hackers to succeed.
ReplyDeleteIt's also true though that advances in information security are continually occurring. It is a never ending race, and we just have to hope that the "good guys" can gain and keep an advantage. Then we have to actually implement those advances to protect ourselves.
This comment has been removed by the author.
ReplyDeleteIn reality, the point of this article is an enduring feature of human history.
ReplyDeleteThink about it, early civilizations built shelters and fences to keep people out, but attackers figured out ways to defeat such defenses with fire, ladders, catapults, ect.
This cycle only continued: new threat, new defense, new way to over come defense and so on. Now we are building "firewalls" around networked connections of critical data. Government agencies and militaries have whole departments to defending against threats to info security.
Nothing ever is 100% safe. But there are practices that can take care of most problems. Nevertheless, we are always at risk, and must keep our thinking several steps ahead of today's threats.
This article is like all the other things we have been talking about when dealing with security within the growing technology. People and businesses are always looking to find the the easiest and fastest way, but if you were to read this article you would realize we need to continually be more on the safe side. I believe that as the previous people mentioned that we need to always be looking for better and new methods to increase the security that is found around sensitive data. The criminals are always going to try and find new ways to steal this sensitive information. But this is a pattern that has gone one throughout time, such as bak robbers of the past people never thought they would be stopped but now we do a pretty good job of that. Finding the best way to secure this sensitive information is going to take a long time as the article talked about and there will more than likely never be a time where information in this world is perfectly safe.
ReplyDeleteI certainly agree with Aziz. While I am not an expert on technology or computers, it seems that no matter how advanced the security becomes, new ways of compromising technology are developed. This is generally the case with any sort of defense strategy. A successful defense prompts individuals to seek ways of defeating it and, inevitably, one is found. Therefore, while the future of security may look bleak, I think it only mirrors this sort of back and forth interaction between protection and hacking.
ReplyDelete