IGuRu.gr had a very interesting conversation with Alexandru Catalin Cosoi, PhD Chief Security Strategist of Bitdefender. We present you the interview conducted with the help of AlfaVAD's official distributor Bitdefender. For more information go to www.bitdefender.gr
iGuRu.gr: What were the new trends in Internet threats for 2014?
During 2014 we have seen an alarming increase in ransomware attacks (eg CryptoLocker, CryptoWall, etc.) along with many security vulnerabilities that have been exposed by cyber criminals and security researchers (eg Heartbleed, Shellshock, etc).
Cyber attacks and data breaches in Verizon, JP Morgan, Home Depot, and Sony have become headlines and caused millions of billions, if not billions of dollars in the above companies, turning 2014 into a milestone year for cyber criminals and security companies
iGuRu.gr: Do you have any information about Greece about threats or any other special feature?
Threats to Android represent the most remarkable change in how malicious software is plaguing Greek users. In the first half of 2014, the malware of the Android.Trojan.SMSSend family had reached 51,94% of the total number of reports, which means that a large number of users installed (by mistake) malicious apps that send text messages to numbers high billing without the owner knowing it.
The second half of 2014 appears to be even more productive for this malware, as the percentage has reached 67,90% of the total number of reports from Greece.
It seems that a large number of users either chose to install (infected) third-party Marketplace applications or were victims of drive-by attacks while browsing.
Either way, we recommend anyone with an Android device to download and install a portable security solution that can protect them from any online threats (such as malicious websites or apps).
iGuRu.gr: Bitdefender has many years in the field with many successes, awards and a reliable presence in the field of security and research. Do you remember a difficult incident?
Αυτό είναι το είδος της βιομηχανίας, όπου υπάρχει έντονος ανταγωνισμός είναι πάντα δύσκολο. Αν και ο άμεσος ανταγωνισμός μεταξύ των κατασκευαστών AV είναι πάντα ένας υπολογίσιμος παράγοντας, είμαστε πάντα και σε ανταγωνισμό με τους εγκληματίες του κυβερνοχώρου, καθώς η συνεχιζόμενη ανάπτυξη νέων malware προσπαθεί να παρακάμψει τις technologies security.
Bitdefender is a security company, which means we continuously research and develop new security technologies that are designed to detect even new or unknown threats.
We are dynamically building up scalable infrastructures that are capable of supporting all of the threats to meet the need for top security and performance.
As for the difficult incidents, every day we face a potentially difficult situation, because malware developers are never resting. As threats are becoming more complex, it is always difficult to arrive at a timely security solution that can not only repair the damage but also protect against future variants of malware.
iGuRu.gr: How do you feel about security in Greek businesses and public infrastructure?
Infrastructure in Greece is vulnerable as in any other country. SCADA systems that monitor, control and control everything from street lights to water pumps and power networks are vulnerable and there are no borders in online threats
Most of these systems use minimal security mechanisms or no security updates, inviting almost the attackers to hit them.
The public infrastructure of each country should be protected by more than one security layer. Imagine what happens if someone gets to control the lights? In a few minutes, there will be hundreds, if not thousands, of road accidents that would cause traffic. In the worst case, lives could be lost. .
The security of public infrastructure against malicious access should be the highest priority for each country.
iGuRu.gr: What's the Future of Virus Protection?
Όσο το Διαnetwork λειτουργεί θα υπάρχει πάντα η ανάγκη για λύσεις ασφάλειας. Θα υπάρχει πάντα κάποιος που κάθεται πίσω από ένα φορητό υπολογιστή και προσπαθεί να αποκτήσει πρόσβαση σε λογαριασμούς e-banking, στα διαπιστευτήριά σας ή θα χρησιμοποιεί τους πόρους των υπολογιστών των θυμάτων του για να πραγματοποιήσει μια επίθεση DDoS.
Φυσικά, οι τεχνολογίες μείωσης του κινδύνου θα πρέπει να εξελιχθούν και εκτός από τους επιτραπέζιους και φορητούς υπολογιστές, θα πρέπει να ανταποκρίνονται και στις Appliances του Internet-of-Things για να επωφελούνται από την ίδια κορυφαία προστασία. Τα έξυπνα ψυγεία, οι έξυπνες τοστιέρες, ακόμη και οι έξυπνοι φούρνοι μικροκυμάτων θα πρέπει να βασίζονται σε τεχνολογίες προστασίας από απειλές για να μην εκτίθενται σε κινδύνους. Αν το έξυπνο πλυντήριο σας αρχίσει την αποστολή spam, δεν θα ήταν και πολύ αστείο, έτσι; (Ίσως ήταν λίγο αστείο).
iGuRu.gr: Do you have some basic tips for iGuRu.gr readers? How could an average user be protected?
Install an anti-malware and anti-spyware. These programs can instantly detect and remove all known threats. Make sure you get it from a well-known vendor with crystal clear reputation for tracking and repairing a device, as the security of your personal information and files depends on it.
Update all your installed software. Attackers typically exploit unpatched software vulnerabilities. It is known that unapproved Java or Adobe applications are often used as the main point of violation. Of course, you'll need to update Windows regularly as well as all browsers.
Turn on your Firewall. This protective barrier can effectively 'hide' your computer from prying eyes, as attackers are constantly searching for potential victims.
Scan any removable drive. Τα περισσότερα malware υπάρχουν σε μολυσμένες μονάδες USB flash, ανοίγοντας έτσι δρόμο πρόσβασης και σε δίκτυα πολύ πιο ασφαλή. Η απολύμανση όλων των drives πριν από τη χρήση τους είναι απαραίτητη.
Powerful passwords. A code with 5 characters could be easier to remember, but a simple brute-force attack would be powerless. Make sure your passwords have at least 12 characters and use a combination of uppercase and lowercase letters along with numbers and special characters.
Avoid email from strangers. Some attackers could try to trick you into downloading infected files. Try not to click on links or open the e-mail attachments unless you are absolutely sure that the person who sends you is trustworthy. An attacker could try to create an email that is either an official government authority or even a lost cousin to be fairly believable and click on a link or open an attachment.
Watch out for Scareware. Sometimes cyber criminals try to scare you to think your computer has already been broken and the only way to be safe again is to download some dubious quality software that will clean up everything. This kind of scareware can be very effective if you do not pay attention. So do not believe that you read and be careful while browsing.
Avoid Free Wi-Fi Hotspots. Public Wi-Fi hotspots can pose a serious security risk, as it is very easy for someone to make high-jack the entire network to infect all connected devices with malicious software. If you need to use a public Wi-Fi connection, make sure you have a VPN connection and that you follow all of the above security tips.
iGuRu.gr: Are there any predictions about 2015?
2015 will probably see more ransomware appear, as it has been a very lucrative fraud technique. Various forms of CriptoWall or CriptoLocker will likely appear with new features, making security much more difficult for these threats.
In the world of mobile threats, we will probably see the same types of emerging threats as we know that malware for mobile phones tend to mimic the behavior of PC malware. So we expect mobile ransomware through drive-by attacks that will make exploit OS vulnerabilities. Considering that Google has officially halted support for Android Jelly Bean and down, almost 1 billion devices are vulnerable, and this may be the starting point for new malware coming to 2015.
The business sector should also transform security, as companies are looking for cloud-based security solutions. This solution will not only prove to be more cost-effective, but will allow small and medium-sized businesses to safely protect their businesses without being in the midst of ongoing cyber-attacks that jeopardize their intellectual property.
iGuRu.gr: Are there plans for Bitdefender CMS protection software?
No.
iGuRu.gr: How does BitDefender help her online community, other than software development?
BitDefender has always believed and is a fan of raising awareness of the online dangers of unsuspecting users. We are constantly trying to educate the online community on how to detect potentially unwanted applications or malware and how to stay safe from the threats that could jeopardize their personal data.
* IGuRu.gr thanked Mr. Alexandru Catalin Cosoi, PhD Chief Security Strategist of Bitdefender, for the updated data describing the security landscape in our country, as well as Ms. Maria Tranou for her help in this interview.
