In a one-on-one with Biztech2.0, Mikko Hypponen, chief research officer, F-Secure, talks about the hidden side of cyber terrorism and highlights the course enterprises should take to secure their environment.
How is F-Secure using cloud computing to fight security issues?
We started using cloud computing with our latest product release two months ago, i.e. the F-Secure 2009 series of products. In this particular product range, whenever users run a programme on their computer, the F-Secure software running on their computer will query online the source of the programme and the clusters on the Internet cloud involved in running it. This basically means that the safety of the programme that the user is about to run is questioned. The cloud answers back whether the file is safe to be run or not and whether to go ahead with it. This enables us (F-Secure) to function with larger databases as we are no longer restricted by the memory of the computers of our users. In our own cloud-based clusters, we can have as many large databases as we want. Database listing is of both unsafe and safe programmes.
What sort of enterprise security framework should CIOs put in place to secure their environment?
I strongly feel that for securing corporations or homes, there is a need to change security from a product to a service. The main logic here is that we do not have enough security experts in the whole world for every single company. This means that most small and medium-sized companies have security experts, who do not know what they are doing. We would get much better results if they were to pull available experts from a central location and take advantage of security as a service. Getting back, CIOs should have a layered security framework, i.e. they should have security on top of security on top of security. This implies a set of products running on the workstations, gateways, servers and firewalls. So even if one layer fails, there still remains hope to counter whatever attack they may be hit with at the next layer.
Is the trend moving towards smart security where breachers are detected at the application level?
I do think that core security has to be provided by the software, because it has to be running on the machines themselves. By doing this, we can surely make security more manageable while we get rid of big problems via gateway filtering techniques like e-mail filters or firewalls or any other physical device used to filter the traffic. Regardless of other arrangements, protection on the workstation itself is essential and this has to be through software, which is necessary for many reasons. One of the reasons is that network protection mechanisms can never fully see what is going on at the workstations, they cannot scan encrypted traffic and at the very least, workstations do receive data from sources other than the network (e.g. USB drives).
What is F-Secure’s future security roadmap?
F-Secure has been running a very thorough threat analysis process for many years. So we are monitoring that and trying to understand what the next step is. What is the next attack online criminals have in the pipeline? What is the next mechanism they will be using to steal money online? We constantly try to answer these questions and build our protection accordingly. There are more attacks these days on new platforms like mobile phone devices and smartphones.
With global recession, where do you see investments in security going?
Security is the very last area where investments may be cut. Companies do need security. Security cuts could, however, be linked to lay-offs, i.e. if there are lay-offs, there are fewer people and computers to secure. I think all other areas of IT get hurt before security does.
What are the latest trends in security to watch out for?
One thing, which we briefly touched upon, is the mobile phone, which is clearly on the rise, especially with new devices like the iPhone. With 3G becoming more commonplace, it only fuels the usage of smartphones in general. On the PC side, the trend is that risks are moving more and more from e-mail to the Web. Now it is more likely for a PC to get infected by surfing the Web.
Where do you see cyber terrorism going?
Cyber terrorism is a problematic term unless it is clearly defined. We do see how protests and different kinds of attacks are made all the time on the net. Whether those can be categorised as cyber terrorism is a bit unclear. One thing we do see is terrorism funding being done with Trojans and viruses. Viruses and Trojans are used to make money and some of that money is going back to funding terrorist operations.


