Govind Rammurthy, CEO & MD, MicroWorld
In an exclusive interview with ‘InfoSecurity’, Govind Rammurthy, CEO & MD, MicroWorld, shared his views on the 2008 security threat landscape and its impact, outlined the future direction of security threats for 2009, and identified possible preventive methods and solutions.
Currently, where is the major thrust from MicroWorld in the IT security arena?
MicroWorld is focusing on increasing the market share in the Retail and SMB segment. With increased adoption of IT in small offices, home offices and the SMB segment, the users are at a great risk of infections from Viruses and Trojans. Today’s Malware is capable of identity theft, confidential data theft, bandwidth theft and much more. Also, the extensive use of portable storage devices poses a serious threat of confidential data moving out and of infection of systems for both networks and home users.
How do you evaluate the year 2008 in terms of virus attacks, and how big has the impact been?
To summarize, the IT&C security realm was confronted in 2008 with the following threats and dangers:
- 80% of the Malware distributed worldwide consists of Trojans
- 1/3 of global Malware exploits OS’s and applications’ vulnerabilities
- Text-based spam took over the leadership again, holding 70% of the total unsolicited e-mails
- Image spam continued its decline and dropped to 3%
- Drugs represent the most advocated content via e-mail spam, with 51 percent of the entire spam volume, while the formerly widely advertised stock spam decreased under 10%
- 50% of the total Phishing attempts forged identification elements pertaining to financial organizations
- Phishers also focused their attention on potential victims from HNI (High Net worth Individuals) segment.
What will be the trend of virus attacks in the year 2009 and how are you prepared to tackle those issues?
We see a spike in the number of infections through Portable Storage Devices as they are largely shared amongst a group of users and so if one of the users gets an infection, they end up infecting the whole group. End Point Security is going to be a major concern area for both networks and home users.
Pod slurping is on the rise: using a portable data storage device such as an iPod digital audio player to illicitly download large quantities of confidential data by directly plugging it into a computer where the data is held, and which may be on the inside of a firewall. As these storage devices become smaller and their storage capacity becomes greater, they are becoming an increasing security risk to companies and government agencies. Access is gained while the computer is unattended.
Wide use of PDA phones increases virus infection and provides a new gateway to hackers and malicious codes in spam mails and websites around the internet. The introduction of voice messaging services also provides a new medium for virus infection and hacking of personal data.
But needless to mention, the internet will remain the main gateway for the spread of these Viruses, and the medium will be through email, IMs, Botnets and infected websites. Malware will run on virtual players directly on the hardware and will be triggered by a key in the operating system, which will make that Operating System unaware of the Malware and unable to detect it.
We also feel that Social Networking sites will be Phished in a more concentrated manner with a goal to collect personal information and information of their social network. These messages will include proper names and will be segmented according to demographic or market and will be shorter with less content to filter and some will resemble legitimate newsletters and other special offers. Additionally, scammers will also make greater use of email attachments to convey their messages with more detail, enabling the scam to bypass traditional anti-spam filters.
Apart from all the threats and risks mentioned above, 2009 will also see Malware as a service allowing the bad guys to request the type of Malware they are seeking from an automated system and have it delivered instantaneously. Finally, Malware will become more disposable as bad guys find newer and faster ways to change their Malware so as to make it undetectable by newly adopted anti-virus systems.
Virtualization has been discussed a lot and companies are seriously evaluating this option. Do you suggest anything to these companies on the security vulnerabilities in a virtual computing environment?
Virtualization raises a number of issues as a single compromise of the hosting platform puts the entire data centre at risk. The shared administration of multiple virtual machines at the host system level can imply new risks, as can the possibility of shared access to resources which were once separated by physical boundaries. From a security standpoint, not only are the security issues found on networked systems applicable to virtual machines, but the virtualization platform and guest virtual machines introduce a new breed of security threats.
An extra layer of protection is needed to effectively protect virtualization environments. This layer needs to properly identify administrators and enforce the principle of least privilege to protect the mission-critical information and services running in the virtual data centre. Operating system hardening also provides an extra layer of security in the form of an AntiVirus system to protect VMs, hosting OSs and privileged partitions against Trojan or Malware attacks.
What kind of solutions do you offer to prevent security loopholes in a virtual environment?
With eScan Corporate and Enterprise editions, the administrators will have effective control of the environment with the EMC (eScan Management Suite). eScan Management Console (EMC) is a centralized dashboard that empowers the network administrator to enforce an Integrated Security Policy on a network and deploy Information Security related measures such as managing eScan licenses, installing, uninstalling and upgrading eScan remotely, sending virus outbreak alerts, sending security violation notifications, uninstalling other Antivirus software, enabling or disabling the eScan Monitor, and scanning and updating the virus signatures across the network. The EMC can also be accessed via the Web using a browser. EMC also provides live alerts on Applications running, USB drives being used and Site Browsing information in the network.
As threats are becoming more sophisticated and complicated, how do you assess the gravity of future virus attacks?
From simple virus infections to malicious codes in spam mails and websites around the internet, the threats have become blended. The threats have evolved into a deadly combination of spam, viruses, worms, Trojans, rootkits, and malicious codes. These blended threats exploit vulnerabilities to initiate, transmit, and spread an attack by using multiple methods and techniques, resulting in widespread havoc.
Rootkits, Spyware and Adware have added a new dimension to the security threats encountered today. The software that resides on the networks or desktops appears harmless but is efficient enough to affect bandwidth and transmit information outside the networks. Key loggers, Trojans, Spam, and Phishing are other menaces for the network managers to deal with in order to stop sensitive data being leaked or damaged.
Integrated security solutions have been an approach in recent times. How has MicroWorld responded to this?
Integrated security solutions work well at the perimeter level, but today’s scenario demands solutions that work at the endpoints too. For the perimeter security, we have the eConceal firewall, which is very much compatible with our MailScan and eScan range of Information security solutions. MailScan works at the mail server level against mail-borne attacks; eScan works at both the server and endpoints against both perimeter and endpoint based threats. Our eConceal firewall extends the protection to the network perimeter with Intrusion Detection and Prevention.
How has the industry responded so far to the recently launched beta version of eScan 10, and how much stronger is it than version 9?
We have received excellent and very positive reviews and feedback for the beta version of eScan version 10 from our beta testers and partners. They loved the new Graphical user interface and are very much pleased that advanced configuration settings are also very easily configurable and available. The eScan Version 10 boasts of much advancement over its predecessor, eScan Version 9.
What is your India roadmap for the next few years?
Our focus for the coming years is to remain ahead of the competition with new and innovative technologies to combat the fast growing Malware threats. India has always been an important market for us. There has been a shift in the mindsets of the enterprises, including SMBs, to deploy licensed security offerings at their end. With our continuous growth, focused approach and innovative offerings, we are aiming for the No. 1 position as a security vendor in India in the next couple of years.
—By: 'InfoSecurity' Bureau.