
Have you ever heard the saying "if someone can make it, someone can break it"? Sure, this is a cliché usually reserved for prison escape movies, but it is also true of operating systems. Over the years the PC virus has metamorphosed into something more complicated: the aim is now to turn your PC into a drone or bot that the virus controller can command, sometimes to target other sites in a distributed denial of service attack, or perhaps just to wait and intercept your banking details.


Before broadband connections became widespread, creating large and sophisticated botnets of drone PCs was difficult due to the low speed of the dial-up analog modem. Faster broadband speeds have enabled sophisticated credit card frauds and DDoS attacks.

 

Today virus attacks can be broken into two categories: destruction and purpose. The first type of attack renders your system non-functional and is the equivalent of cyber vandalism. The second type is designed with a purpose, whether that is capturing your passwords, transforming your PC into a drone or installing advertising malware into your browser toolbar. This type of attack is definitely the most dangerous.

Whatever the reason or motivation behind virus infections, what becomes clear is that some operating systems are more vulnerable to these attacks than others. Windows-based operating systems are definitely the most targeted, since the majority of people run the same operating system. A virus specifically designed to exploit a security loophole in the operating system will quickly spread through the infected user's contacts and other files, generating infected emails or attaching malicious code to legitimate emails.

The easiest type of infection is with JavaScript, which is embedded into almost every web page today. This is the main reason that HTML images are turned off by default in Outlook and other email clients: it just opens too many backdoor opportunities to hackers and viruses. So why is it that users of Linux and Mac seem to be relatively unscathed when it comes to viruses? The answer lies with the user's permissions to execute code. By default users of these systems are not allowed to execute new code; users inherently don't have the ability to execute code as a service or change the runlevel of executable programs.

 

Coupled with the difficulty of creating and distributing the same virus compiled for different versions of Linux, such an undertaking becomes too daunting a task for most of those intent on destruction. Windows makes a much softer target in this regard. Not that Linux servers are immune to such attacks: they all have similar exploits to Windows. However, security patching occurs much faster than with Windows, since there are significantly more individuals tracking and patching vulnerabilities before exploits are realized by the hacking community.

The Anti Microsoft Sentiment

This is probably the single biggest reason why Windows users are targeted. Hackers feel Microsoft is anticompetitive. Indeed, this is also the motivation behind organizations like Oracle that sponsored open source initiatives such as VirtualBox and OpenOffice, which help even out the playing field as far as global dominance of office automation products is concerned. As a result of this sentiment, Windows PCs are the targets of more malware, phishing and viruses than any other operating system, which in turn keeps virus detection and defense companies gainfully employed.

Firewalls and IPS

As the attacks become more sophisticated, security vendors are tuning their products to help combat the spread of infection. Simple firewall packet inspection rules are not enough on their own to stop a DDoS attack. In fact, the firewall itself may be the intended victim of such an attack. Today, most firewall solutions are coupled with Intrusion Detection and Protection, which allows the firewall appliance to drop packets that exceed a certain threshold, such as the number of malformed HTTP requests from a particular host, a clear signal that a specific type of attack is being conducted on a web server, for example. The firewall security appliance is critical for corporations, but it is beyond the remit of most home users, who must rely on a software-based solution running on their PC.
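The threshold rule described above can be sketched as a per-host sliding-window counter. This is an added example, not code from the article or from any firewall product; the window, threshold, block duration, class name and sample traffic are all assumptions made up for illustration.

```python
import re
from collections import defaultdict, deque

# A well-formed HTTP/1.x request line: METHOD SP request-target SP HTTP-version
REQUEST_LINE = re.compile(r"[A-Z]+ \S+ HTTP/1\.[01]")

class MalformedRateLimiter:
    """Drop traffic from a host that sends too many malformed requests (hypothetical helper)."""
    def __init__(self, window=10, threshold=3, block=60):  # assumed values, in seconds/requests
        self.window, self.threshold, self.block = window, threshold, block
        self.events = defaultdict(deque)  # host -> timestamps of recent malformed requests
        self.blocked_until = {}           # host -> time at which the block expires

    def decide(self, ts, host, request_line):
        """Return 'drop' or 'pass' for one request seen at time ts (seconds)."""
        if self.blocked_until.get(host, 0) > ts:
            return "drop"                       # host is currently blocked
        if REQUEST_LINE.fullmatch(request_line):
            return "pass"                       # well-formed requests are not counted
        q = self.events[host]
        q.append(ts)
        while q[0] <= ts - self.window:         # expire events that left the window
            q.popleft()
        if len(q) > self.threshold:             # threshold exceeded: block the host
            self.blocked_until[host] = ts + self.block
            q.clear()
            return "drop"
        return "pass"  # an isolated malformed request is left for the server to reject

# Constructed sample traffic: (seconds, source host, request line)
SAMPLE = [
    (0, "198.51.100.7", "GET /index.html HTTP/1.1"),
    (1, "192.0.2.10", "GET / HTTP/9.9"),
    (2, "192.0.2.10", "G\x00T / HTTP/1.1"),
    (3, "192.0.2.10", "GET"),
    (4, "198.51.100.7", "POST /login"),         # one slip from another host: no block
    (5, "192.0.2.10", "/ GET HTTP/1.1"),        # fourth malformed request inside the window
    (6, "192.0.2.10", "GET / HTTP/1.1"),        # well-formed, but the host is blocked
    (7, "198.51.100.7", "GET /about HTTP/1.1"),
    (70, "192.0.2.10", "GET / HTTP/1.1"),       # block has expired
]

def run(sample=SAMPLE):
    limiter = MalformedRateLimiter()
    return [limiter.decide(ts, host, line) for ts, host, line in sample]

if __name__ == "__main__":
    for (ts, host, line), verdict in zip(SAMPLE, run()):
        print(ts, host, repr(line), verdict)
```

Counting only malformed requests keeps a busy but legitimate client from being blocked, and the sliding window means occasional errors spread over time never reach the threshold.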

By Craig Sutherland






