IGuRu.gr had a very interesting conversation with Alexandru Catalin Cosoi, PhD Chief Security Strategist of Bitdefender. We present you the interview conducted with the help of AlfaVAD's official distributor Bitdefender. For more information go to www.bitdefender.gr
iGuRu.gr: What were the new trends in Internet threats for 2014?
During 2014 we have seen an alarming increase in ransomware attacks (eg CryptoLocker, CryptoWall, etc.) along with many security vulnerabilities that have been exposed by cyber criminals and security researchers (eg Heartbleed, Shellshock, etc).
Cyber attacks and data breaches in Verizon, JP Morgan, Home Depot, and Sony have become headlines and caused millions of billions, if not billions of dollars in the above companies, turning 2014 into a milestone year for cyber criminals and security companies
iGuRu.gr: Do you have any information about Greece about threats or any other special feature?
Οι απειλές για Android αντιπροσωπεύουν την πιο αξιοσημείωτη αλλαγή στον τρόπο που το κακόβουλο software μαστίζει τους Έλληνες χρήστες. Κατά το πρώτο εξάμηνο του 2014, το κακόβουλο λογισμικό της οικογένειας Android.Trojan.SMSSend είχε φτάσει στο 51,94% του συνολικού αριθμού των αναφορών, κάτι που σημαίνει ότι ένα μεγάλο μέρος χρηστών εγκατέστησαν (κατά λάθος ίσως) κακόβουλες εφαρμογές που στέλνουν μηνύματα κειμένου σε αριθμούς υψηλής χρέωσης χωρίς να το γνωρίζει ο ιδιοκτήτης.
The second half of 2014 appears to be even more productive for this malware, as the percentage has reached 67,90% of the total number of reports from Greece.
It seems that a large number of users either chose to install (infected) third-party Marketplace applications or were victims of drive-by attacks while browsing.
Either way, we recommend anyone with an Android device to download and install a portable security solution that can protect them from any online threats (such as malicious websites or apps).
iGuRu.gr: Bitdefender has many years in the field with many successes, awards and a reliable presence in the field of security and research. Do you remember a difficult incident?
This is the kind of industry where intense competition is always difficult. Although direct competition among AV manufacturers is always a significant factor, we are always in competition with cyber criminals, as the continued development of new malware is trying to bypass security technologies.
Η Bitdefender είναι μια company ασφάλειας , πράγμα που σημαίνει ότι πραγματοποιούμε συνεχώς έρευνα και αναπτύσσουμε νέες τεχνολογίες ασφαλείας οι οποίες σχεδιάζονται για να ανιχνεύουν προληπτικά ακόμη και νέες ή άγνωστες απειλές.
We are dynamically building up scalable infrastructures that are capable of supporting all of the threats to meet the need for top security and performance.
As for the difficult incidents, every day we face a potentially difficult situation, because malware developers are never resting. As threats are becoming more complex, it is always difficult to arrive at a timely security solution that can not only repair the damage but also protect against future variants of malware.
iGuRu.gr: How do you feel about security in Greek businesses and public infrastructure?
The infrastructure in Greece is as vulnerable as in any other country. SCADA systems that monitor, regulate and control everything from street lights to water pumps and power grids energys are vulnerable and cyber threats know no borders
Most of these systems use minimal security mechanisms or no security updates, inviting almost the attackers to hit them.
The public infrastructure of each country should be protected by more than one security layer. Imagine what happens if someone gets to control the lights? In a few minutes, there will be hundreds, if not thousands, of road accidents that would cause traffic. In the worst case, lives could be lost. .
The security of public infrastructure against malicious access should be the highest priority for each country.
iGuRu.gr: What's the Future of Virus Protection?
Όσο το Διαδίκτυο λειτουργεί θα υπάρχει πάντα η ανάγκη για λύσεις ασφάλειας. Θα υπάρχει πάντα κάποιος που κάθεται πίσω από ένα φορητό υπολογιστή και προσπαθεί να αποκτήσει πρόσβαση σε λογαριασμούς e-banking, στα διαπιστευτήριά σας ή θα uses τους πόρους των υπολογιστών των θυμάτων του για να πραγματοποιήσει μια επίθεση DDoS.
Naturally, risk-reduction technologies should evolve, in addition to desktop and laptop computers, they should also respond to Internet-of-Things devices to benefit from the same top protection. Smart refrigerators, smart toasters, and even smart microwave ovens should be based on threatening technologies to avoid exposure to hazards. If your smart laundry starts sending spam, it would not be too funny, right? (Maybe it was a bit funny).
iGuRu.gr: Do you have some basic tips for iGuRu.gr readers? How could an average user be protected?
Install an anti-malware and anti-spyware. These programs can instantly detect and remove all known threats. Make sure you get it from a well-known vendor with crystal clear reputation for tracking and repairing a device, as the security of your personal information and files depends on it.
Update all your installed software. Attackers typically exploit unpatched software vulnerabilities. It is known that unapproved Java or Adobe applications are often used as the main point of violation. Of course, you'll need to update Windows regularly as well as all browsers.
Turn on your Firewall. This protective barrier can effectively 'hide' your computer from prying eyes, as attackers are constantly searching for potential victims.
Scan any removable drive. Most malware is present on infected USB flash drives, opening up access roads and much safer networks. Disinfecting all drives before using them is essential.
Powerful passwords. A code with 5 characters could be easier to remember, but a simple brute-force attack would be powerless. Make sure your passwords have at least 12 characters and use a combination of uppercase and lowercase letters along with numbers and special characters.
Avoid email from strangers. Some attackers could try to trick you into downloading infected files. Try not to click on links or open the e-mail attachments unless you are absolutely sure that the person who sends you is trustworthy. An attacker could try to create an email that is either an official government authority or even a lost cousin to be fairly believable and click on a link or open an attachment.
Watch out for Scareware. Sometimes cyber criminals try to scare you to think your computer has already been broken and the only way to be safe again is to download some dubious quality software that will clean up everything. This kind of scareware can be very effective if you do not pay attention. So do not believe that you read and be careful while browsing.
Avoid Free Wi-Fi Hotspots. Public Wi-Fi hotspots can pose a serious security risk, as it is very easy for someone to make high-jack the entire network to infect all connected devices with malicious software. If you need to use a public Wi-Fi connection, make sure you have a VPN connection and that you follow all of the above security tips.
iGuRu.gr: Are there any predictions about 2015?
2015 will probably see more ransomware appear, as it has been a very lucrative fraud technique. Various forms of CriptoWall or CriptoLocker will likely appear with new features, making security much more difficult for these threats.
In the world of mobile threats, we will probably see the same types of emerging threats as we know that malware for mobile phones tend to mimic the behavior of PC malware. So we expect mobile ransomware through drive-by attacks that will make exploit OS vulnerabilities. Considering that Google has officially halted support for Android Jelly Bean and down, almost 1 billion devices are vulnerable, and this may be the starting point for new malware coming to 2015.
The business sector should also transform security, as companies are looking for cloud-based security solutions. This solution will not only prove to be more cost-effective, but will allow small and medium-sized businesses to safely protect their businesses without being in the midst of ongoing cyber-attacks that jeopardize their intellectual property.
iGuRu.gr: Are there plans for Bitdefender CMS protection software?
No.
iGuRu.gr: How does BitDefender help her online community, other than software development?
BitDefender has always believed and is a fan of raising awareness of the online dangers of unsuspecting users. We are constantly trying to educate the online community on how to detect potentially unwanted applications or malware and how to stay safe from the threats that could jeopardize their personal data.
* IGuRu.gr thanked Mr. Alexandru Catalin Cosoi, PhD Chief Security Strategist of Bitdefender, for the updated data describing the security landscape in our country, as well as Ms. Maria Tranou for her help in this interview.
