The Viren-Test-Center’s founder passed away in May 2015, at the age of 77 (25/5/1937 – +19/5/2015).
A man we all will miss!
Klaus was one of the founders of CARO (the Computer Anti-Virus Research Organization), an organization that was established in 1990 to research and study malware. CARO was planning to create another official and public organization called EICAR, an organization aiming at antivirus research and improving development of security software. It was during the inaugural meeting of EICAR in Brussels, Belgium in 1991 that I’ve met Klaus for the first time.
While talking to Klaus, I got to learn about so many new aspects of viruses and that made me being even more interested in this whole matter. Some of his ideas were very controversial while some others, on the contrary, were even very conservative. His ideas inspired me in a lot of security related topics, events and publications I touched, visited and launched afterwards. At least you could say that, without Klaus and my first encounter with a Trojan horse, back in 1989, I wouldn’t have been into the security industry at all.
I still remember Klaus from his interesting discussions and points of view on a closed security forum. Actually, I still have all of his feedback in my backup system. Some of these old mails range back 19 years! I always stayed in contact with Klaus and I have met him during many security related events like the early EICAR conferences in the nineties.
During one of the latest CARO workshops, I told him about a book that I was writing and he told me that he always would be there in case I needed some advice. For that reason, I asked him, several months ago, to write an opinion chapter about the future of security for my book, called “Cyber Danger” (the German version “Cybergefahr” will be published later this year). I now do realize, that this will most probably be the last words he officially wrote in a book. Klaus will always be remembered as a pioneer. I am greatly saddened to have learned of his death yesterday. He contributed so much to the industry.
Klaus, I still owe you a copy of my book! Somewhere. Sometime.
Anti-virus has evolved for the last 25 years and will continue to do so for the next 25 years
Actually, this is exactly what Alan Solomon wanted to point out: AV is and always will be in an evolving state. He showed that the future of anti-virus programs would evolve, from pure signature-based detection to different kinds of technologies like heuristics and behavioral detection and even to more advanced protection methods. And now, with targeted attacks (aka APTs) and nation-state spying as new players in the threat landscape, AV is making another step in its evolution.
AV solutions are an important layer in the defense for enterprises
So what is it about this time? A couple of days ago, it was Brian Dye, Senior Vice President of Information Security at Symantec, who has claimed that anti-virus is dead, during an interview with The Wall Street Journal. Unfortunately though, the headline “AV is dead” has the potential to be misinterpreted by a wide audience, if it is put in another context.
The statement was part of a description of Symantec’s product strategy for business customers. It is nothing new that AV-solutions are a baseline protection against common threats. They are established and therefore only play a minor role when it comes to outlining the strategic aspects of upcoming security solutions for dedicated attacks. And in the complex environment of a company network, a wide range of special protections are at charge. But Dye’s statement never meant to say that AV products are useless. He just said that it needs more than an AV product to protect a company’s IT infrastructure. And this is undoubtedly true. (more…)
IT security Information for everybody
“Writing a book about cyber threats in a comprehensible and comprehensive way is not an easy task, but the book ‘Cybergevaar ‘ succeeds in this”, certifies the book’s first review, conducted by a well-known Belgian IT magazine, Datanews. The book “Cybergevaar” tries to provide a very readable and very accessible overview of almost every information security related problem and malware. It reaches out to the general audience and does not only target the technically savvy reader but provides information for everybody.
“Cybergevaar” starts with an overview of the history of malware and looks into the many profiles of malware writers and hackers. One of the chapters touches the topic underground economy and is using a lot of examples to explain the involvements. It is based on a whitepaper written by G Data SecurityLabs. Furthermore, new developments in the fields of cyber attacks, sabotage and espionage are discussed and looked into from different angles. The daily threats and the myths about malware are described in a detailed way. Among this, the chapter about general security tips and tricks is interesting for everybody. The book also provides a special chapter with thorough advice for companies.
While exploring the book, the reader can find several exciting security anecdotes and entertaining situations one possibly has never heard of before. Additional clarifications are provided throughout the entire book by use of attractive illustrations and easy-to-understand graphs. High-level opinions of people with experience and interest in the ICT security industry are included: Professionals such as Natalya Kasperskaya (InfoWatch), Ralf Benzmüller (G Data), Peter Kruse (CSIS Security Group), Bob Burls (Independent IT Security Consultant) are amongst the contributors. The book also seeks to elaborate on how governments and the media can play a role in the ‘education’ of users. Moreover, it gives an inside look into the computer security industry and organizations like AMTSO and EICAR. And, of course, ‘Cybergevaar’ does not miss the opportunity to highlight how the problem and its solutions may develop in the future, with a special chapter in the form of a short story – ‘Radical Ransom’ – set in the year 2033.
“Cybergevaar” by Eddy Willems, Lannoo, 213 pages, is now available in Belgian and Dutch bookstores and online shops. Plans to publish this book in other languages, such as German and English, are currently being discussed.
You can also order your version of the book via this webpage: www.lannooshop.com/gdata
Pornography alarm or reboot?
But there is another pitfall: Most computer users do not realize that many software updates do not only need to be installed, but the computer needs to be restarted for the updates and patches to take effect. The combination of ignorance, impatience and laziness is fatal in this sense.
The safety of the PC stands and falls with the combination of your security software, the updates of the OS and other software and especially of your own behavior. Very often, the Achilles heel of PC security is human ‘procrastination’.
Users often don’t want to turn the PC or laptop off completely, because the startup takes too long. The endlessly used method to simply closing the laptop or choosing hibernation state of the PC is a phenomenon that most readers will be familiar with. The use of tablet computers even made it worse: those devices are ready to be used in an instant and therefore have made us even more impatient.
We always loved Microsoft’s operating systems as most of them are adopted very well in the whole world and security has been improving since years. The new incarnation of Windows 8 is somewhat different to the former ones as the interface underwent some notably big changes.
Windows 8 offers the same interface on many devices: Xbox, via desktop to tablet PCs and smart phones. Microsoft tries to make a user experience that is almost universal. Nevertheless, it appears that the app functionalities under Windows RT (the one for ARM tablets) and the program of the desktop version are not always the same.
You might think that having a very similar interface on the different devices enables you to do the same things on different hardware, but that doesn’t seem to be true in all the cases. Sometimes, the decision to change the user experience and the usability is a matter of security, and that is to be welcomed, but all in all, it creates confusion for the user.
A good example is Skype, from Microsoft. You can use it on any Windows device, but it is impossible to send over files under Windows RT – most possibly because of the security restrictions, due to the sandboxing approach. That is an ambiguous feature, from a user’s point of view. And that’s not the only critical view we have.
This is Eddy Willems’ official and original homepage for anti-virus and anti-malware consultancy with links to most anti-malware sites and companies in the world.
This site is the reference in independent anti-malware advice and information. It is also known as the first Belgian anti-virus page and one of the oldest anti-malware sites on the Web. This site is completely renewed in September 2010 and exists since 1995. Within these pages you will find one of the most comprehensive lists of anti-malware sites in the world with over 4000 links.
I have been working over 25 years as Anti-Malware Technology Expert for the security industry ( NOXS (a Westcon Group Company), McAfee, TrendMicro and Symantec ) and as Security Evangelist for Kaspersky Lab . I am now working as Security Evangelist for G Data Software AG . I am a Belgian Cyber Security Expert who is member of most international security and malware organisations in the world. I am the first and only in Belgium being on the board of three ( EICAR, AMTSO and LSEC) international security organisations at the same time. Find more about me at the ‘about me’ page for a more detailed bio.
Take also a look at my Twitter, Facebook, LinkedIn or YouTube channel. Don’t forget to subscribe to my popular anti-malware Blog with continuous updates and to take a look at my new Blog and my press page with over 1000 interviews and articles.
This site is and will remain always completely independent! (Site Design: Sonia Auger and Eddy Willems)