An evaluation of one year in information security

Opinion by Dan Raywood

This week saw my first anniversary of working at SC, and some time before I thought long and hard about how I should mark the occasion.

Now 12 months is a very long time in news, particularly in information security news, where many areas can be looked at and covered, from data loss to malware and from encryption to social networking scares. When I first started I didn't know anything about security; a year on I know a little more and hopefully have gained enough knowledge to provide you, the reader, with what you want to know.

When approaching this week's review, my first assumption was that you would not want to spend the remainder of this article reading about what I've learnt, who I've met, what my best/worst experience was etc. So I decided instead to focus on the past 12 months in information security, with insight from the lucky people I am meeting and interviewing this week.

There have been many stories that have caught my eye and hit the headlines, and it was good to gain access to a cross-section of companies this week and gauge varying opinions. For this loose survey I asked the same question of the four companies I had face-to-face meetings with. First it was the turn of Blue Coat Systems, who were speaking at the UK launch of version 8.5 of its PacketShaper appliances.

Senior product marketing manager Dave Ewart claimed that a key driver of malware has been the web rather than email attachments.

Ewart said: “This is the whole concept of an application driving the network. Also with Web 2.0, we are now intercepting and capturing cybercriminals using that who are trying to inject malware and links, so they are using it for malicious purposes.

“An admin will say that porn is bad and gambling is bad, and they have been the traditional method for spreading malware but now using interception, cybercriminals can make a campaign last a day but in that day thousands of people have downloaded malware.”

There is no doubt that malware has been a key driver of news headlines over the past 12 months, and it seems that alongside every malware alert there is a story of search engine optimisation (SEO) poisoning when a major story hits.

Leading on to my next ‘victim’, Rik Ferguson, senior security advisor at Trend Micro, is no stranger to SC and was one of the first people I met in this job. Previously he spoke about the impact of the Conficker/Downadup worm and its various guises and activities. He alerted me to the detection of the ‘E’ variant that was using a previously established P2P network to contact and network with other infected machines.

Ferguson claimed that several stories caught his attention, including the problem of rogue applications and how the rate of delivery has risen over the past year, and claimed that the method of delivery was coming of age.

Speaking on Conficker, Ferguson said: “Conficker was big and people are forgetting about it. We started to see it October/November 2008 but the variant became widespread in January and it was a widely spread piece of code, highly adaptive and changed the way it did what it did to defences and it did fool a lot of observers on the 1st April.

“What was most interesting to me was the part of it used to revive an old-fashioned rogue anti-virus spambot threat, and to see the underlying threat was the same.”

Another trend, pardon the pun, that Trend Micro and the next interviewee spotted was the rise of Twitter. Ferguson and Coppereye CEO Carmen Carey both acknowledged the dramatic rise of the social networking and micro blogging site.

Ferguson said: “Twitter took off in terms of user activity and also in the cybercriminal fraternity. I think it is moving a lot of Web 2.0 organisations to blend security into their policy.”

Meanwhile Carey claimed that this is part of how the web is becoming more dangerous, saying that ‘the internet was a tangible place ten years ago’. She echoed Blue Coat's comments that the use of applications needs to be looked at, as the human factor needs to be considered.

Carey said: “There has been a large impact of social networking this year, it was around for a while but Facebook and Twitter are part of the language and people are talking about them the way that they did about Starbucks or Kleenex. People are adopting this as it is a whole dynamic of conversation, with Twitter the level of dialogue drives adoption.”

Another early interviewee for me was Simon Church, who at the time was VeriSign's vice president, and has since left to become managing director of Integralis.

Church had described the concept of the ‘perfect storm’, and claimed that to do security properly you should empower the security professional properly.

Church said: “It is the concept of the ‘perfect storm’ – doing more with less. The shift of the budget from capital expenditure to operational expenditure with the business model, it is the credit crunch forcing people to make decisions and they are finding that they need to make very informed decisions.

“There is a demand for managed services but in an economically managed capacity they are trying to factor in how to regiment the services going forward. You have to factor in risk and managed cost, you are forced off the fence and have got to make a decision.”

Along with Panda Security, with whom I shared an anniversary this week, the past 12 months have been ones I can look back on fondly.

I have tried to keep abreast of what was going on, while trying to keep you informed with news on issues and from companies you are both familiar with and not au fait with. I hope I have succeeded in this venture, and here's to the next year!

