"BitDefender - What's Next" by Alexandru Balan @ eLiberatica 2008

This is a presentation held at eLiberatica 2008.

http://www.eliberatica.ro/2008/

One of the biggest events of its kind in Eastern Europe, eLiberatica brings community leaders from around the world to discuss the hottest topics in the FLOSS movement, demonstrating the advantages of adopting, using and developing Open Source and Free Software solutions.

The eLiberatica organizational committee, together with our speakers and guests, has graciously allowed media representatives and all attendees to photograph, videotape and otherwise record their sessions, on the condition that the photos, videos and recordings are licensed under the Creative Commons Share-Alike 3.0 License.

  1. What's Next? Alexandru BĂLAN <abalan@bitdefender.com>
  2. Short Summary
     • Last year...
       – Types of malware
       – Should AV producers take care of Linux boxes as well?
     • Now...
       – More threats
       – More defenses
     • What's next?
  3. Last year we talked about...
     • Examples of malware (viruses, rootkits, exploits, social engineering)
     • Windows people having all the “fun”
     • Apparently there's no need right now for AV producers to extend their focus to *NIX firewalls, rootkits and so on.
  4. However
     • The industry is shifting from protecting the data to protecting the information
     • If companies have any number of employees at all, studies and human nature both show that there's always going to be somebody who will try to take advantage of the system
     • New threats are emerging
  5. Now...
     • More threats (not necessarily new)
       – Botnets
       – Code running on your computer (client-side JavaScript)
       – Tons of PHP/SQL injection/other exploits
       – The human factor is (as expected) an increasing risk
  6. What do you see as tomorrow's threats and defenses? Examples:
     • Cisco/IOS rootkit
       – Presented at EUSecWest London UK – May 2008
       – Just “an interesting concept?”
         Sebastian Muniz: I've been told by the cousin of a friend of my girlfriend that this kind of rootkit has previously been used :)
       Source: http://eusecwest.com/sebastian-muniz-da-ios-rootkit.html
  7. What do you see as tomorrow's threats and defenses?
     • Web OS – It's going to happen!
     • Threats from and through social networks (read: Facebook, MySpace, etc.) are just an example:
       – It's not exactly spam and it's not exactly phishing. You can't even call it “tricking the user”. The users are ignorant enough to click everything and get in contact with everyone
       – 5 out of 10 “add me” requests are approved on IM
       – 7 out of 10 “add me” requests are approved in SNS
       – Usually comments are on an “accept all” basis
  8. What do you see as tomorrow's threats and defenses?
     • Phlashing
       – Remote DoS in any device that supports firmware update
       – Attacking system firmware isn't a new tactic—the CIH/Chernobyl virus was capable of overwriting BIOS firmware back in 1998—but focusing such attacks on network hardware would be an unusual step, and could prove quite successful in at least the short term.
       Source: http://arstechnica.com/news.ars/post/20080520-phlashing-attacks-could-render-network-hardware-useless.html
  9. What do you see as tomorrow's threats and defenses?
     • “14-Year-Old Turns Tram System Into Personal Train Set”
       – A Polish teenager allegedly turned the tram system in the city of Lodz into his own personal train set, triggering chaos and derailing four vehicles in the process. Twelve people were injured in one of the incidents.
       – The 14-year-old modified a TV remote control so that it could be used to change track points
       Source: http://www.theregister.co.uk/2008/01/11/tram_hack/
  10. What do you see as tomorrow's threats and defenses?
     • Firewire DMA bug (connect a laptop to a Firewire port, trick the machine into allowing you read/write memory access)
       – A tool targeting mainly Windows XP systems has been released by Adam Boileau
       – To use the tool, hackers must connect a Linux-based computer to a Firewire port on the target machine. The machine is then tricked into allowing the attacking computer to have read and write access to its memory.
       Source: http://www.theage.com.au/news/security/hack-into-a-windows-pc-no-password-needed/2008/03/04/1204402423638.html
  11. The conclusion
     • Innovation and allocating resources to develop a solution for a future threat (i.e. Cisco anti-rootkit) is risky.
     • Awareness is still low and, surprisingly, getting lower. 10/10 random people asked will not bother with security for “exotic” threats.
     • Leaks from the underground have been plugged. We haven't heard about anything tasty in some years. This silence is a bad sign
  12. The conclusion (cont.)
     Because of the above, it's difficult to predict and develop the security solution for tomorrow, and it's increasingly easy for attackers to predict where and how to strike next.
  13. What can YOU do
     • Share information!
     • Demand more from the industry. No matter how crazy it might sound today, it might just be something we won't be able to live without tomorrow
     • Don't be afraid to “waste resources” on innovation.
     • Let us know. Send your requests and thoughts to abalan@bitdefender.com. My spam filters as well as our research teams will be happy to take note of them
  14. Q&A
