I have been speaking at ISSA meetings, professional associations, technology trade shows, and that kind of thing. I have also been meeting directly with corporate, government and business IT security people to brief them on the dramatic change in how cybercrime and malware are done these days. It used to be pretty easy to tell when you were infected or hacked – usually it took down your network or email system. Now it is all about financially motivated fraud. The whole field of malicious software has changed from a destructive and highly visible process to what we are calling the “Silent Epidemic”.
This silent epidemic is a serious and growing issue based on long-term analysis done by PandaLabs. This is our antivirus lab where suspicious code is caught, dissected and thoroughly analyzed. PandaLabs is also where new signature files are created to detect this malicious code and prevent it from infecting systems protected by our products, and where research and development is done on new technologies to protect consumers and businesses from cyber crime. I have been to the labs (located in Spain) and it is pretty intense.
As I was saying, I have been traveling around briefing these guys on this new silent epidemic. What this boils down to is cyber crime that is so well done, so well hidden, that it is not detected by normal network security techniques and software. This is not code written by amateurs, but neither is it in the realm of the elite hacker anymore.
Cyber crime is getting pretty sophisticated. I do briefings on things like the Russian websites that are buying goods with stolen credit cards and then selling this stuff dirt cheap on the internet. I show them screenshots of cyber crime sites that sell high-end hacking tools for a few hundred dollars and include a full year of technical support. And then there are the statistics that PandaLabs accumulates through their distributed detection networks that show what percentage of PCs are infected with malware even when they have antivirus software already installed.
So I thought some people might be interested in some of this stuff. Thought you might like to know what kind of questions these IT security professionals around the country ask me and the answers I have (or don’t have) for them. These guys are truly professionals and don’t take anything at face value – it is quite a task to prove to them that this is really happening. But, once you find an active Trojan or malicious code on their secure networks – it’s quite a different story.