Recently in Malware Category

As Jeff Chandler points out on the Performancing Blog, TinyURLs and the like have been a godsend for those active on Twitter, where you only have 140 characters to get your point across.

 

But clicking on an unknown link can make Internet-savvy users very nervous. It's good to know that most Secure Web Gateways will automatically resolve the TinyURL, bit.ly or other short URL redirects and determine their real destination - and discover and thwart any potential malware threat.

 

True, you still don't know exactly where you're going to end up, but from a security standpoint you can click away with confidence. As long as you've got a good gateway Web security solution in place, that is.
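A sketch of the redirect resolution described above, as an added example that is not from the original post or from any gateway product: it walks a short-URL chain one hop at a time, checks each hop against a host list, and refuses loops and overly long chains. The function names, the hop limit, the hostnames, the responses and the blocked-host list are all constructed for illustration; `sample_fetch` stands in for a real HEAD request so the code runs offline.

```python
from urllib.parse import urljoin, urlsplit

MAX_HOPS = 5  # assumed policy limit on redirects followed
REDIRECT_CODES = (301, 302, 303, 307, 308)

# Constructed sample data: url -> (HTTP status, Location header or None).
SAMPLE_RESPONSES = {
    "http://tinyurl.example/abc": (301, "http://bit.example/xyz"),
    "http://bit.example/xyz": (302, "/landing"),
    "http://bit.example/landing": (302, "http://malware.example/payload.exe"),
    "http://malware.example/payload.exe": (200, None),
    "http://loop.example/a": (302, "http://loop.example/b"),
    "http://loop.example/b": (302, "http://loop.example/a"),
}
BLOCKED_HOSTS = {"malware.example"}  # constructed reputation list


def sample_fetch(url):
    """Stand-in for a HEAD request; returns (status, Location or None)."""
    return SAMPLE_RESPONSES.get(url, (404, None))


def resolve(url, fetch=sample_fetch, max_hops=MAX_HOPS):
    """Follow redirects hop by hop; return (verdict, chain of URLs visited)."""
    chain, seen = [url], {url}
    while True:
        parts = urlsplit(chain[-1])
        # Check every hop, not only the final one, before contacting it.
        if parts.scheme not in ("http", "https"):
            return "block: non-web scheme", chain
        if parts.hostname in BLOCKED_HOSTS:
            return "block: listed host", chain
        status, location = fetch(chain[-1])
        if status not in REDIRECT_CODES or not location:
            return "allow", chain  # final destination reached
        if len(chain) > max_hops:
            return "block: too many redirects", chain
        nxt = urljoin(chain[-1], location)  # Location may be relative
        if nxt in seen:
            return "block: redirect loop", chain
        seen.add(nxt)
        chain.append(nxt)
```
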

[Halcyon: Oxford English Dictionary definition: adj. & n., calm, peaceful]

 

Sarah Carter definition:  sepia tinted memories of days where you only remember the good bits...often a rose tinted remembrance...

 

I don't believe I'm surprised anymore by what happens in our increasingly connected world.  Perhaps I'm a natural cynic.  Having been in the IT security industry for more years than I'll ever admit to, I'm naturally suspicious.  When Steve Gold, one of our well known journalists in the UK, Skype'd me an unsolicited article synopsis text file that he wanted to interview FaceTime about recently, I wouldn't accept the file until he'd answered a specific question I asked him in the Skype IM.  As I explained to Steve, "Sure, we Skype each other regularly, but just because I know you doesn't mean I trust you.  And I certainly don't trust your IT or some of the nefarious characters (I include myself in this list) you associate with and who send you files and information to investigate."

 

I remember, you see, the days of the "I love you virus", the days before we purchased anti-spam and email anti-virus without question. When I'd click on a link that someone in my trusted network would send me, or I'd open a .zip file, and the only way that I could stop the resulting virus being propagated out to my entire contacts list was to reach under my desk and pull out the network cable and then sit and wait red faced for helpdesk to come and rescue me.

 

It surprises me that people aren't more suspicious, that there is a natural trust between users of real-time communications.

 

At FaceTime (in our labs and through working with customers) we see threats propagating over real time channels every day - protecting you from them is, after all, our business.  We've seen Trojans come in over a public IM network, propagate out to all your buddies and then hop over to an enterprise IM network.

 

So, is it just a matter of time then before we see malware and Trojans and worms written specifically for unified messaging and communications platforms, written to take advantage of the inherent trust shared between users?  And are we currently in an equivalent halcyon period that I remember before ILoveYou and email?  Or am I worrying about nothing?

 

Time, I guess, will tell.  But next time I ask you for verification that you are who you say you are when you're sending me a file over IM, or when you're sending me your holiday pics over Skype...well, it's not that I don't trust you.  I just think the halcyon days are long gone. Am I the only one?

 


I accompanied FaceTime Director of Malware Research Chris Boyd on a trip to BBC Television Centre in London earlier this month for an interview segment.  We'd worked with the BBC Technology group on some footage during the summer and it aired earlier this week on the BBC website.  This led to a rollercoaster week for us with the media here in the UK starting with a front page news story, in the UK's fourth largest daily newspaper, the Metro.  Not long afterwards, we were asked if we'd like to take part in Friday's edition of BBC Newsround.

 

What sparked this media frenzy was the release of footage of Boyd, the leading man in FaceTime Security Labs research team, talking about the phenomenon of kids using the Net, using forums and other social networking sites to share, sell and trade stolen identities, credit cards, game cracks and expensive software license keys.

 

If you grew up in the UK in the 70's or 80's you'll remember John Craven's Newsround.  At 5pm every day John Craven - and the later teams, once he retired from his 27 year stint on the program - presented a 15 minute news programme, specifically targeted to young people.  I grew up with it, as did many of my peers. Their kids are now watching the noughties version of this real world, real time show.   So, you can imagine the excitement in the FaceTime camp when we arrived at Wood Lane tube station and walked up to the front gates of the BBC.

 

After we'd got through the public facing area - yes there are Daleks (they're much smaller than I imagined) and the Tardis (just exactly as I imagined) - we noticed that the Newsround offices are very much like any other office, albeit a primary colour oriented office.  The team is young, bouncy (is that a real word to describe people?) and you can visibly see them translating your words into "young person speak," as the target audience for Newsround is the 6-12 year olds.  You can see coverage of this on the BBC website.

 

Chris talked in his video article about how kids of twelve start on the hacker track by finding cracks for games and then, high on the resulting ego trip, show off their prowess to mates.  While it might be fun and may make them the centre of their peer group, it's still illegal, it's still cybercrime, and it's usually the beginnings of a lifestyle that may stop them from having a career they would actually want to put on their CV.

 

Whilst Chris was explaining this, Ricky Boleta, our given Newsround presenter, was translating it into pre-teen speak. He was stunned that these young children were actually involved in this kind of criminal activity. Chris detailed some of the techniques these kids used to share, steal and pass on this information. 

 

I'm pretty sure that unless you're in our IT Security Industry, it's nigh on impossible as a parent to understand what kids are up to these days whilst surfing - and I certainly know that most kids these days are more savvy at all the hacks they use to move up to the next level in World of Warcraft. Taking the next step to criminality isn't hard. Perhaps this is the "noughties" version of stealing a penny sweet from the store. Except the life lesson that they're going to learn is a darn sight harsher than a cane across the knuckles. (oo I'm showing my age and education there....)

 

I invite you to watch the BBC video and see what all the fuss is about.

For the fourth consecutive year, FaceTime has commissioned a survey of IT managers and end users to track the use of Internet-based applications - things like IM, Skype, P2P, social networking and other Web 2.0 apps. We also surveyed employee attitudes toward use of those applications and their impact on IT and the organization in terms of security, data leakage and compliance.

 

As in prior years, the research was conducted among a large sample of corporate IT managers and end users across all size organizations in North America, UK and Europe. The research study includes compiled data from more than 500 IT managers and end users. The results are quite revealing.


    • Use of consumer oriented Internet applications has reached 97% of organizations, up from 85% in 2007 and, on average, companies report 9.3 applications in use by their employees on the enterprise network
    • 73% of IT managers report at least one security incident as a result of Internet application usage; viruses, Trojans and worms (59%) are most common, followed by spyware (57%) for a close second
    • 37% of companies report an instance of non-compliance; 27% report accidental data leakage
    • IT managers report an average of 34 incidents per month, and the largest companies project $125K monthly to remediate Internet usage related security, compliance and data leakage issues
    • 51% of end users access social media sites at least once per day and 79% of employees use social media (Facebook, LinkedIn, YouTube) at work for business reasons
    • Sixty-eight percent of IT managers have archiving and retrieval methods for corporate email. About half that many--31 percent--store IM communications. One in four has copies of audio conferences (25%), while slightly fewer (20%) archive corporate Web conferences
    • If requested by corporate attorneys to reproduce IM communications--in the event of a lawsuit, for example--51 percent of IT managers could not do it. Thirty-eight percent because they have no such capabilities and 13 percent could do it but not in any practical time frame
    • Unified Communications suites exist at about 29 percent of IT respondent organizations. Ten percent have deployed pilots to a limited number of users, while 19 percent have deployed UC for the majority of their end users

We'll be delving into various aspects of this exhaustive survey in the coming weeks, to break down just what this data is telling us about what's happening on corporate networks and what it means to both IT managers and end users.

Our research director, Chris Boyd, has posted an interesting description of a new micro-blogging spam discovery. What does this have to do with businesses, you ask? 

Two things: Twitter has the potential to be a business tool, and employees are bringing it into the enterprise anyway.   

Companies like Zappos are on the leading edge of using Twitter for business. They're encouraging employees to Twitter, and using it for customer service and tracking it for branding information. So many indispensable business tools crept into the enterprise the same way (email, IM, file sharing, and even Web surfing).   

Plus, chances are your employees are using Twitter at the office somehow: on the Web, texting from a company cell phone, or through the dozens of apps that connect with the service. Those dozens of apps bring us back to Chris Boyd's discovery.  He discovered a new tool to produce automated spam micro-blogging messages.  It's not hitting Twitter itself yet, but similar sites that are popular abroad. The spammer hooks a micro-blogging account up to an MSN instant messaging client, and then infects their IM client with a bot to spew messages.  It could be used to spread malware or adware links.

Just as with IM, Twitter messages are so immediate and informal that people are more likely to click a link without thinking.  We're all trained to avoid spam email, but it's harder to tell if a brief message is legitimate. 

For now, this discovery hasn't hit Twitter because the integration is complicated, but watch this space...and tell your employees not to click on just any hyperlink.
