2012: The new age of malware
Malware forms aren't changing much, but the means of delivering it, and its intent, are becoming more stealthy and sinister, according to Roger Thompson of ICSA Labs
By Joan Goodchild, Senior Editor
December 12, 2011 — CSO —
Smart devices, social media and increased online activity through app stores and other transaction-based websites are coming together in what one researcher says is a scary combination of factors that have dire implications for national security.
Roger Thompson, recently hired by ICSA Labs, an independent division of Verizon, as the company's first chief emerging threats researcher, says it's time for traditional security measures to move forward in a new direction. Malware has exploded to levels that antivirus software can no longer keep pace with, he said. The tactics criminals use to exploit machines are becoming ever more targeted, with social networks and smartphones to aid them in their background research on victims.
How should the industry respond? Thompson spoke with CSO about his thoughts for 2012 and beyond when it comes to malware, and what needs to change in the fight against it.
You've mentioned that you think malware lives in "ages." What is the current age of malware today, as you see it?
This most recent age is the web-attack age. It started in 2005 when things started shifting over to the web-based attacks, exploits and drive-by downloads. That's still going on and we are in an age where there's a lot of money to be made and everyone understands that. Criminals are well organized and opportunistic, and they are mostly attacking us via the web. If it were a baseball game, I would say we are in about the fourth inning. This is going to continue for some time.
But I think we are poised to enter a new age, an age of cyber war. I'm fairly confident. For example, look at the Stuxnet worm. No one knows who really did it and no one knows who the target really was, although we can all speculate. But what we may be confident of after discovering Stuxnet is that any country not thinking along the lines of cyber war before, now is.
The United States has plenty of friends in the world, but it also has plenty of people who don't like it terribly much. If they could do something, like shut off our power, they would.
I feel the new age is one where it's been proven software can damage hardware now, with Stuxnet. And, more importantly, that software can damage infrastructure — that's the part that alarms me.
And I don't believe this stuff is going to be stopped by antivirus software alone. More things need to be done at the IFC level, or possibly at the testing level. Overall, security has to step up.