The personal computer is not immune to attacks by malicious users and hackers. This is true even of large enterprises that place their buck on a large network of computers and computer-based operations. Enterprises must take extreme care to see that their intellectual property is well protected from external and even internal threats. The means traditionally taken to realize this objective is to create a secure computing platform, where agents or users can only perform actions that are allowed. Nevertheless, computer viruses that destroy operating systems and its data lead the current list of IT threats that run many enterprises into bankruptcy.
Dilip Thomas (DT): BitDefender recently expanded its product portfolio with the Enterprise Manager and the Antirootkit Beta tool. Please tell us a bit more about these offerings?
Mihai Rusescu (MR): The Enterprise Manager is not really new. There have been many versions prior to this one, and a major upgrade is planned. The new version makes deployment and administration of multiple server- and desktop security solutions from BitDefender easier than ever before. The Antirootkit is in Beta, and it’s a technology demonstrator for a series of newly-developed defense mechanisms against Windows rootkits, which we feel will be a more important threat in years to come.
DT: BitDefender customers can now detect the JS.Blackworm that attacked the Yahoo! Web site and spread through Yahoo! e-mail. However, analysts are of the opinion that even if security is upgraded, hackers and malicious users will find new ways to break barriers and destroy systems. Your comments?
MR: Security solutions exist to protect users from new exploits or malware. For instance, the unique B-HAVE (Behavioral Heuristic Analyzer in Virtual Environments) technology from BitDefender emulates a virtual computer-inside-a-computer where files entering the computer are run in order to check for potential malware behaviour. If the files "misbehave", they are flagged for further analysis and blocked from executing. This works in most cases, but of course there will always be new threats.
DT: BitDefender Internet Security was recently awarded the Checkmark PC Firewall certification by West Coast Labs. Are home users at as much risk of malware and viruses as large corporations? How often do security solutions need to be upgraded?
MR: No, they are more at risk. Personal computers in an enterprise function in a context of managed IT services, security and risk mitigation included. Home users do not have such a luxury. Software should be updated on an ongoing basis, but BitDefender users need not concern themselves with this aspect. All BitDefender products receive and apply updates automatically, with no user intervention required.
DT: What are the five watchwords that large and small enterprises need to guard against, as regards computer and network security?
MR: I’d say current and past employees, third-party attackers, automated attacks (worms) and viruses. When I’m saying employees, I’m not referring only to those who wish to harm the company. An uneducated computer user is as much of a hazard in the office as an untrained crane operator would be on a construction site. Also, third-party attackers aren’t always antisocial hackers bent on destruction. Sometimes they are serious, dedicated professionals working in industrial or state-sponsored espionage services. Worms may be targeted at a particular piece of enterprise software one target company is using; viruses can be tailored to fool a specific group of users inside the corporation. The mantra to remember here is "Defense in Depth". If you’re a high-value target, you need privilege separation, antivirus solutions, rootkit and intrusion detectors, firewalls, mail and web filters, you need to protect servers and workstations alike, to watch network traffic, both internal and external, like a hawk, to educate users and look out for evildoers and then maybe when a serious attack comes, it will be detected in time.
DT: While security threats from external threats are well-written about, little is known about threats from inside the system. What are the various threats for computer security from internal sources? What is the best solution to counter these hazards?
MR: Yes, as I’ve said before, there are threats from past and current employees, malicious or not and from malicious software. These can be mitigated by a combination of sane security policies and solid security software, backed up by strong user education. BitDefender 8 free edition is two years old, a version that is nearing its planned end of life. Nevertheless, bugs are still being addressed as they surface; they are mostly due to the old code being less than adequate in facing new environments and threats. The current commercial version is 9, and it has gained a lot of praise and prizes, as well as a "Best Buy" recommendation from PC World.
DT: Recent trend has it that fingerprint scanners on personal computers will replace the need for typing in a password. How reliable is fingerprint scanning as regards protecting data on a computer system?
MR: You’re not going to like this answer, as people are tired of passwords, but… they’re not much more reliable. Many attacks have been already demonstrated against such systems. For instance, fingerprints can’t be changed like passwords. I can see a day, if biometrics gains traction in the marketplace, when malicious hackers will create and maintain databases of biometric data, to be used in attacks. Once an evil person lifts your fingerprint from, say, a glass in a bar, and your identity by other means, like say recording data off the credit card you use to pay the bartender with, any systems which you are using or indeed will ever use which authenticate you based only on that print are potentially compromised.
DT: A recent FBI report shows that computer viruses lead the list of IT threats costing companies millions of dollars in lost revenue and stolen intellectual property. This is alarming despite the fact that security solutions have been in place for ages now. Can we expect any respite from computer viruses in the near future?
MR: No. We can expect many more viruses, many of which will be targeted at applications rather than at the operating system.
DT: You have many years of experience in the internet and software arena. Tell us what are the main attributes a customer should look for while opting for a security solution?
MR: Reliability as demonstrated by past performance, good support, the presence of needed features, good price/performance ratio, permissive licensing terms.
DT: Where do you think computer and network security will stand five years from now? Will there be any developments that can not only cure, but detect and prevent threats to the computer system?
MR: There are prevention methods, like the B-HAVE technology from BitDefender, which is able to detect new viruses for which there are no signatures yet, already. However, the security software world is far from having reached a technological peak. As systems evolve, so will threats and defenses.
Mihai Rusescu, BitDefender Operations Manager for Asia Pacific, Latin America and Africa. Mihai graduated in 1997 from Finance and Banking Faculty, the Academy of Economical Studies in Bucharest. After his graduation he started his career as Financial Consultant in chemical and automotive industry. He moved to banking in 1999, being a member of the founding team for Romania International Bank and had stayed there for almost two years in money market and foreign exchange operations. He moved from banking business to internet and software industry in 2000 where together with 2 partners has founded and managing a software development company, creating the first business to business online marketplace in Romania and developing software projects for companies in Romania and Canada. After more than 4 years spent in these emerging areas, SOFTWIN recruited him to be channel sales development manager. His mission was to develop BitDefender distribution network in Asia Pacific, Northern Europe, UK and Netherlands. Starting 2006, Mihai Rusescu was appointed to manage BitDefender operations in Asia Pacific, Latin America and Africa. |
