Posted by on Sep 12, 2019
In a guest blog post by VB2019 Silver partner TotalAV, Matthew Curd, the software’s Technical Expert, considers the changes in the cybersecurity landscape.
Rediscovered in an old storage box amongst a collection of old magazines, a five-and-a-quarter-inch floppy was brought into the Protected.net office in late June - dated 1989. The disk, older than some of the staff, contains one of the first trojan horses and pieces of ransomware ever documented. Back in its day, the disk was displayed as a giveaway on the front of a computer magazine, with the design leading the reader to believe the contents related to the AIDS virus, including information on scientific research. In fact, the program on the disk would count the number of times the computer was booted and, once it reached 90, it would hide directories and encrypt files – holding the user to ransom for their release.
Potentially thousands of people received the disk around the world, and witnessed what is believed to be the first ever case of ransomware. Today, the AIDS disk is a sought-after piece of security memorabilia and has been framed for display in our office.
Fifteen years ago, instant messaging platforms burst onto the market and brought with them new cybersecurity challenges. Previously, users could not immediately share files with one another – however, today, with multiple platforms outside of email such as Facebook Messenger, WhatsApp and Instagram, file sharing and potential breaches have amplified incredibly. As well as this large target audience for cybercriminals, there will soon be the addition of financial information included within the platforms, as Facebook pushes forward with the development of its own cryptocurrency.
With web usage on mobile devices overtaking that of desktop and laptop use, cybersecurity threats have started the shift to mobile and tablet. We expect to see 20 billion Internet-connected devices by 2020, a figure that is rapidly on the increase due to the Internet of Things (IoT). The scale of opportunity for hackers here is not yet fully understood, but the shift in cybercriminal activity in the last 5-10 years from data theft to data manipulation is a concern when the level of user reliance on these devices is considered. The fact that the data is often in the hands of many private enterprises, device manufacturers, cloud providers and third parties accessing via an API, creates more target points for cybercriminals.
In the years to come the ongoing debate and cultural changes will likely lead to changes in requirements within the industry. Subjects like the use of personal data by marketing, freedom of speec,h and the experience of net neutrality will bring users to look for digital solutions.
With the landscape changing, and users slowly moving away from Microsoft Windows, threats will inevitably change. The blocking at source of dangerous websites and the spotting of phishing attempts will only become more important in the industry.
At TotalAV we believe that blocking the first point of contact with online threats will continue to be the best way forward. Users are getting used to seeing false positive and unnecessary PUA definitions and the security of their digital life is reduced as users become complacent with real-time and scheduled anti-virus scans. This is why we are developing a dynamic URL blacklist, where we aim to crowd-source data initially, but investigate machine learning to accompany our efficient WebShield blocks.
Through this structure, our goal is to provide education to help keep users secure. The emphasis on real-time blocking and PUAs has created a minefield where all kinds of programs are blocked, AV provider to provider, and user machines are impeded by the huge overheads of real-time protection. Encouraging users to understand the threats out there, and the consequences of accessing things for free (at the cost of security or privacy), is the next logical step in a world where user data becomes larger and increases in value day by day.