How the cyber threat landscape is evolving -- Comodo security [Q&A]
In recent years the threats faced by both individuals and businesses have changed thanks to the adoption of new technologies like the cloud, a shift towards social engineering attacks, BYOD and more.
We spoke to Egemen Tas, vice president of engineering for leading certificate authority and security software provider Comodo, to get his view on current threats.
BN: How has the threat landscape for PC users changed in recent years?
ET: In the last 15 years, just like everything else, there has been an evolution of cyber-threats. In the past, we used to deal with viruses designed for a variety of purposes, from those written to annoy people to viruses that allowed attackers to control PCs. Then came the worms that were designed to spread and inflict large-scale damage to victims' networks. Today, we are dealing with viruses that act as cyber-weapons and extortion tools. While the old threats still exist, an average PC user now has much more to worry about, including secure online banking and shopping, online extortion, social media privacy and pervasive third-party surveillance.
BN: What are the risks posed by increased adoption of the cloud to store data?
ET: Simply put, users' data is a password away from anyone. Previously, physical access was required and now the cloud has changed this. For consumers, they may think that the data they store is only about the file they upload to services such as Dropbox, but in reality, they are putting a lot more data into the cloud. For example, social media is an indirect data storage medium and there are genuine privacy problems in this area.
BN: Is social engineering now a bigger risk than more 'traditional' malware attacks? Are people always the weakest link in the security chain?
ET: People are now more connected than ever. So there are more channels to reach people and do social engineering. In the end, viruses need to propagate and social engineering through email (i.e. spamming) is an effective method. Users can stay protected by just following a few basic security practices such as recognizing executable files and not opening the ones coming as email attachments.
BN: How can businesses ensure that their security isn't compromised by BYOD?
ET: In terms of security, compliance and enterprise data protection are two major problems of the BYOD paradigm. Much of the research and innovation is now focusing on enabling BYOD users to access enterprise data securely. Most vendors, including Comodo, are focusing on containerization of enterprise applications. These applications run inside a hardened container, which provides various security features such as encrypted data storage and encrypted communication over the internet. Admins are then able to secure only enterprise data while enabling users to use their own devices to access mission-critical company data. Mobile device and data management products can be used for this purpose.
BN: As Windows has become more secure, are other systems like Apple and Linux at greater risk, and is complacency a factor?
ET: Microsoft's trusted computing initiative has really made a significant difference in Windows' security. However, most modern malware is targeting Windows platforms due to the fact that Windows devices are pervasive. I do not see Apple approaching security in the way that Microsoft approaches it. Apple favors a closed platform approach, where only Apple-approved applications can run. Most people are under the impression that there are no viruses for Apple's platforms. For iOS, this is currently true. However, for Mac OS X, this is not true. I think that Apple needs to build partnerships with antivirus vendors to improve the security of their platforms.
BN: Will the recent Heartbleed OpenSSL bug make online businesses take security more seriously?
ET: It has to. Since this bug was revealed, the potential for its exploitation is very high. An attacker who can steal your private keys is just like a thief who has the keys to your publicly accessible safe. At Comodo, we have many SSL customers, and we are offering them free regeneration of their certificates if they want to do so. More information about the Heartbleed bug can be found on Comodo's blog.