Internet threats on the rise says experts at AVAR 2016
The posh ambiance of the Grand Hyatt hotel in downtown Kuala Lumpur was contrasted by the somber proceedings as gaggles of technical security experts, virus researchers and stakeholders gathered together amidst its vaulting halls for AVAR 2016, talking shop in low voices amidst artfully placed mountains of Danish pastries and huge carafes of steaming coffee while the bustling traffic outside and rising temperature made walking outside the hotel a proposition at getting a nasty sunburn or worse.
Unfortunately, the gathering wasn’t a tête-à-tête affair as everyone there was on a mission to find out more about the lay of the land in the ongoing war on malware at the annual Association of Anti-Virus Asia Researchers (AVAR). Held annually since 1998, the conference sees the best virus researchers, security professionals and more debating on the latest issues affecting their demesne. This year, the topic on everyone’s mind was ‘Is Antivirus dead?’ and whether the threat of a virus attack was an imminent and present danger or like most security threats online, lying dormant, biding its time while lurking somewhere on the Darknet or in the nether depths of what passes for the Internet waiting to strike once more.
MDEC Vice President of Infotech, Norhizam Kadir took the stage at the inauguration of AVAR 2016 to share more about MDEC’s role in facilitating AVAR 2016, “MDEC is a facilitator, acting as the dance floor where industry players can engage together with a mutual aim.”
“The threat of malware has been ever-present but today we are facing unprecedented sophistication in not only development but also deployment,” says Mikko Hyppönen, Chief Research Officer at F-Secure who are hosting this year’s AVAR conference with support from CyberSecurity Malaysia and the Malaysia Digital Economy Corporation (MDEC). “Our capability to protect and respond has been growing as well but there is an even greater need for awareness on the consumer side, taking into consideration borderless trade and digital transactions,” adds Hyppönen.
When he took to the stage to deliver his keynote address he shared more details as to the state of virus outbreaks in the present day from a bird’s eye view after being at the forefront of computer security issues for the past two decades. He lamented that even in this present day and age, the technologies for security may have improved but the human element was still the weak point in security issues. “Even today, people still use passwords for authentication and more often than not, people use the same password for many of their accounts.” Needless to say, cracking one online account for a mark will likely mean access to everything else digital about him including bank accounts, e-mails and more.
He also highlighted the explosive growth of the Internet of Things where all manner of devices have sprouted a host of sensors and interconnectivity via the Internet. While it allow someone to print something on the office printer without ever having to set foot in the office, or to check the feed of a security cam at home while on holiday or even some other task, the problem remains that all these devices are unsecured and their interconnected nature means that cracking one open will lead to the whole network the device is connected to being exposed to malicious acts. Hyppönen showed examples of IoT devices he discovered by simply scanning around his office – the user interface of an incinerator, a host of video cameras and more. While it takes some skill to at least attempt to infiltrate them, the proliferation of ‘exploit kits’ and other means to let the technologically illiterate gain access to malware have become available. The fact that IoT devices are now so common means that a concerted effort to plug all the gaps in the security of an organisation, much less a person’s home is sorely needed. “Over the past years, exploits and exploit kits continue to trend as threats facing people and companies in Eorope and North America. Tpday these threats not only have spread to Asia and other regions but have continue to expand their capabilities and evolve into a variety of attack vectors.” said Hyppönen.
He also added that the potency of cyber attacks means that it has now become a highly cost effective and brutally efficient option in a nation-state’s arsenal short of military action and has resulted in state actors either participating subtly in cyberwarfare or reinforcing their own digital borders. Hyppönen reinforced F-Secure’s commitment to waging war against malicious software and that they will continue monitoring and safeguarding companies seeking to secure their digital security.