I started my website August 25 1995. It was and still is dedicated to cybersecurity. Honestly speaking I always wanted to help people and that was part of my way to deal with it. I started to blog September 2004 and I’m still doing it. However my blogs are divided up all over several websites since then.
You can find some of my very old blogs going back to 2004 at the following link http://eddywillems.blogspot.be/
Famous German publisher Springer launched ‘Cybergefahr’ in the D-A-CH countries, a book written by Eddy Willems, G DATA’s Security Evangelist.
This blog article was originally posted on the G DATA Security Blog and includes an interview with me.
As the boundaries between the real world and the virtual world become blurred, the Internet is turning into a stamping ground for cyber criminals. They are using targeted malicious activities to cause untold damage to private individuals, companies or even entire governments of a country. Internationally renowned security expert Eddy Willems has set himself the target of enlightening company managers, politicians, government representatives and end users to this – and not just in the IT sector. Once equipped with the necessary knowledge, readers of the Springer book on cyber threats are able to recognise dangers in the digital world and protect themselves against cyber attacks. The book does not presume any prior knowledge – whether the solutions needed are for PCs, smartphones or entire company networks.
“It would be nice if we could make the world a little bit safer and at the same time make life a little bit harder for cyber criminals with this book,” says Willems in his introduction to the book. However, no IT system is basically immune to these risks. Both Windows and Apple devices have become victims of malevolent malware. But in the opinion of the expert, professionals disagree as to when the first computer virus was actually born. Some say it was Creeper, the first worm in an experimental program dating from 1971. However, it might also be Elk Cloner, which was only recognised as a virus many years after it was discovered. The only certain thing, says Willems, is that “the distribution of malware initially took place at a snail’s pace, moving from computer to computer via diskette; but with the introduction of the worldwide web, things rapidly intensified in terms of speed and the number of cyber victims.”
This book is an updated and translated version of Willems’ original Dutch book ‘Cybergevaar’ (“Cyberdanger” in English), originally published by Lannoo, in October 2013, in Belgium and the Netherlands. “Writing a book about cyber threats in a comprehensible and comprehensive way is not an easy task, but the book ‘Cybergevaar ‘ succeeds in this”, certifies the book’s first review, conducted by a well-known Belgian IT magazine, Datanews. Another review by the known Virus Bulletin magazine is referencing it as ‘a pleasant read on an important subject’.
Last week (9 December 2014) it was exactly 25 years ago one of my former managers gave me a diskette which appeared to be having the AIDS information trojan. At that time I was one of the first in the world to get a detection for it and who could reverse the situation from a trojanised machine back to healthy one. It changed my life completely. 2 years later I was one of the founders of EICAR. After that my whole life was dedicated to malware and security and I finally became what I always wanted to be: a Security Evangelist, actually a Cybersecurity Expert with deep knowledge of security and excellent skills to communicate technical stuff to non-technical people. If you want to refresh your memory about the AIDS Trojan you can watch my first TV interview (Dutch – VTM) from 9 December 1989 and find out that I changed a little bit.
I love what I’m doing. It’s my life and I’m one of the few which are not doing it only for the money. During those 25 years I’ve met a lot of interesting, brilliant minded and enthusiast people. The AV industry itself is also quite special and I still like to work with or inside this industry even after 30 years IT experience (not counting my university and school years). However some people involved are not always what they pretend to be and just do their job. It’s just a job for them.
It’s not a job for me, it’s much more, It’s my life.
And take it from me, there is a big difference if you’re driven by a mentality or principle to help the general public, companies and organizations in the continuous battle against cybercrime today.
I am ready for the next 25 years .. well that’s maybe a little bit exagerated. ;-)
IT security Information for everybody
“Writing a book about cyber threats in a comprehensible and comprehensive way is not an easy task, but the book ‘Cybergevaar ‘ succeeds in this”, certifies the book’s first review, conducted by a well-known Belgian IT magazine, Datanews. The book “Cybergevaar” tries to provide a very readable and very accessible overview of almost every information security related problem and malware. It reaches out to the general audience and does not only target the technically savvy reader but provides information for everybody.
“Cybergevaar” starts with an overview of the history of malware and looks into the many profiles of malware writers and hackers. One of the chapters touches the topic underground economy and is using a lot of examples to explain the involvements. It is based on a whitepaper written by G Data SecurityLabs. Furthermore, new developments in the fields of cyber attacks, sabotage and espionage are discussed and looked into from different angles. The daily threats and the myths about malware are described in a detailed way. Among this, the chapter about general security tips and tricks is interesting for everybody. The book also provides a special chapter with thorough advice for companies.
While exploring the book, the reader can find several exciting security anecdotes and entertaining situations one possibly has never heard of before. Additional clarifications are provided throughout the entire book by use of attractive illustrations and easy-to-understand graphs. High-level opinions of people with experience and interest in the ICT security industry are included: Professionals such as Natalya Kasperskaya (InfoWatch), Ralf Benzmüller (G Data), Peter Kruse (CSIS Security Group), Bob Burls (Independent IT Security Consultant) are amongst the contributors. The book also seeks to elaborate on how governments and the media can play a role in the ‘education’ of users. Moreover, it gives an inside look into the computer security industry and organizations like AMTSO and EICAR. And, of course, ‘Cybergevaar’ does not miss the opportunity to highlight how the problem and its solutions may develop in the future, with a special chapter in the form of a short story – ‘Radical Ransom’ – set in the year 2033.
“Cybergevaar” by Eddy Willems, Lannoo, 213 pages, is now available in Belgian and Dutch bookstores and online shops. Plans to publish this book in other languages, such as German and English, are currently being discussed.
You can also order your version of the book via this webpage: www.lannooshop.com/gdata
Back in 1995 at the end of August I started this website as one of the first anti-virus and security sites in the world. Today I nearly forgot this anniversary. The reason for this is that the speed of news and amounts of malware related problems has been growing like hell. The amounts of data and malware we see these days are excessive. I am personally involved with all this stuff much more (24/24 7 days a week) these days compared to 1989 when it all started for me. The hacks we see these days are worrying. The mentality of people seems to be changed dramatically and hacking (read ‘cracking’) seems to be as normal as having dinner these days. Cyberwarfare, cybersabotage and cyberespionage are now also part of the problem. I wish I could say over 17 years: ‘Yes we’ve done it, we (the AV and security industry) solved the malware problem’ but I’m now sure that this is probably wishful thinking and never will be the case. However this battle isn’t over yet. Malware writers, hackers and other cybercriminals be prepared that also the laws are changing, maybe you could start thinking about finally turning you’re skills into the good direction. I hope nations will think twice when writing nation-state driven malware or even thinking of hacking back the hackers. An eye for an eye makes the whole world blind (Mahatma Gandhi).
CeBIT starts on March 1st in Hannover, showcasing the latest developments in the IT industry. G Data is using the largest IT trade show in the world this year to launch the next generation of security for businesses and home users. G Data presents this year’s trade fair highlight: Generation 11 of its network solutions, equipped with a powerful backup module in all Enterprise versions. Also being revealed is G Data MobileSecurity, a security solution for Android phones. Mobile phone owners will thus be able to effectively secure their mobiles against malware. Another first that will be announced in Hannover is G Data CloudSecurity. This free browser plug-in blocks infected websites,making surfing the internet more secure. Besides presenting these innovations, the provider from Bochum, Germany is also offering a comprehensive programme in the G Data Arena, Hall 11, Booth D35.
I personally will take part in the Global Conferences during a panel session about the importance of security which is detailed below. It’s an interesting line up of experienced speakers, CEO’s or VP’s which will be sitting next to me. I will be available for interviews and chats the whole week (minus Saturday) at our booth. By the way I like my new title: Global Security Officer. ;-)
This is a copy from the original posting at the G Data Security Blog.
G Data is one of the members of AMTSO (www.amtso.org), an organisation currently comprised of 37 members, representing testers, vendors, academics and publishers involved in anti-malware research. Last week I was at the last AMTSO members’ meeting which was held in Munich. As always, a lot of work was done during the workshops.
First of all, some guidelines about testing for false positives (FP) were adopted. The False Positive issue is a common problem and the security industry dedicates a lot of resources to ensuring the highest quality and to reduce False Positives heavily. We welcome the new joint guidelines related to testing of false positives and we are hoping that in the light provided by these new guidelines, the FPs from all security products will be much more fairly assessed. The new documents can be found at www.amtso.org/documents.html.
You possibly already found out by now that I refurbished my personal website otherwise you weren’t reading this.
I really hope you like the new look of this site which took us several weeks to come up with. It was really necessary after a long period of silence I think.
With this new look I’m also starting my world tour where I sometimes will attend some conferences and sometimes will speak at these events.
Just finished with our G Data’s press tour in the Benelux I’m ready for the next events:
- BruCon Conference: Brussels, Belgium (attending)
- Virus Bulletin Conference: Vancouver, Canada (speaking together with Righard Zwienenberg(Norman) about internal attacks and problems in the cloud)
- Infosecurity NL: Utrecht, The Netherlands (attending)
- AAVAR Conference: Bali (speaking together with David Harley(Eset) and Lysa Myers(Westcoast Labs) about product evaluation and malware simulation)
- G Data Japan Press Tour: Tokyo (speaking)
And this is just the beginning … more trips are planned even during the writing of this piece.
One trip could be very interesting but it’s still undecided if I will participate …. but stay tuned as I could meet some VIPS of the world. ;-)
Just recently, reports were released about a new kind of malware propagating through removable drives. The said malware exploits a newly-discovered vulnerability in shortcut files, which allows random code to be executed on the user’s system. Microsoft has officially acknowledged the vulnerability and released a security advisory.
The malware some of the AV industry detects as Win32/Stuxnet, unfortunately, is a worm (and rootkit) of a slightly different colour. It can propagate making use of a 0-day vulnerability described here and also listed by CVE as CVE-2010-2568.
The biggest problem is that Windows (specifically, the Windows Shell) can be tricked into executing malicious code presented in a specially-crafted shortcut (.LNK) file linking, in turn, to a malicious DLL (Dynamic Link Library).
The problem is in the way that Windows Shell fails to parse the shortcut correctly when it loads the icon, it isn’t necessary to click the icon for the malicious code to be executed! The code will be executed without any action on the part of the user once that folder is opened to access whatever legitimate files are on the device.
The English and French version of the press release …
G Data SecurityLabs expands team with Security Evangelist Eddy Willems
Bochum, 19. February 2010
G Data today announces they have a new team member: Security Evangelist Eddy Willems. He will divide his time between the G Data SecurityLabs in Bochum (Germany) and the Benelux team.
The Belgian Willems has been active in the field of IT security for over two decades. In that period, he has worked for influential institutes, such as EICAR, of which he is a co-founder and the director of press and information, several CERT associations, and the organization behind the Wildlist as well as for commercial companies, such as NOXS and Kaspersky Labs Benelux.
In his position of Security Evangelist at G Data, Eddy Willems will form the link between technical complexity and the user. He is responsible for a clear communication of G Data’s SecurityLabs towards the security community, press, distributors, resellers and end users. This means, amongst other things, organizing trainings about products, malware and security, speaking at conferences and consulting associations and companies about security.
This is Eddy Willems’ official and original homepage for anti-virus and anti-malware consultancy with links to most anti-malware sites and companies in the world.
This site is the reference in independent anti-malware advice and information. It is also known as the first Belgian anti-virus page and one of the oldest anti-malware sites on the Web. This site is completely renewed in September 2010 and exists since 1995. Within these pages you will find one of the most comprehensive lists of anti-malware sites in the world with over 4000 links.
I have been working over 25 years as Anti-Malware Technology Expert for the security industry ( NOXS (a Westcon Group Company), McAfee, TrendMicro and Symantec ) and as Security Evangelist for Kaspersky Lab . I am now working as Security Evangelist for G Data Software AG . I am a Belgian Cyber Security Expert who is member of most international security and malware organisations in the world. I am the first and only in Belgium being on the board of three ( EICAR, AMTSO and LSEC) international security organisations at the same time. Find more about me at the ‘about me’ page for a more detailed bio.
Take also a look at my Twitter, Facebook, LinkedIn or YouTube channel. Don’t forget to subscribe to my popular anti-malware Blog with continuous updates and to take a look at my new Blog and my press page with over 1000 interviews and articles.
This site is and will remain always completely independent! (Site Design: Sonia Auger and Eddy Willems)