There is more bad news than good news in the world of computer security. The good news is, threats through e-mail are at an all-time low. The bad news is, security threats have moved to the Web, making them even more complicated to deal with.

Genes points out that all security solutions today rely on frequent updates, but local updates are inefficient and too slow.

MORE malware attacks today originate from the Web than e-mail.

“Large corporations’ and governments’ Web sites have been victimised. Recently, Honda Thailand’s Web site was hacked to deliver data theft Trojans to unprotected computers. Similarly, well-known government Web sites were hacked to push malware to visitors. Cyber crooks basically exploit visitors’ trust in these well-known Web sites, and those with no real-time protection are vulnerable,” says Trend Micro’s chief technology officer, Anti-malware Raimund Genes.

For love of money

Genes highlights that software vulnerabilities today carry financial value. Hackers have realised that money can be made from trading vulnerabilities.

“Malware writers have commercialised their activities, as the digital underground economy creates big profits. A lot of people who would never rob a bank don’t have any issues stealing credit cards and redirecting money online. It’s like a video game for them.

“Hackers are now able to trade and auction the bugs online and earn lots of money. This is motivating more people to look for vulnerabilities,” he explains.

Genes admits that the security industry is struggling to keep ahead of organised cyber criminals who are motivated by money.

If the security market is a US$6 billion (RM19.2 billion) industry, some quarters estimate the underground malware market to be worth US$8 billion, with some even suggesting that it has surpassed the value of the illegal drug trade worldwide.

Genes points out that in certain countries such as Switzerland, it is legal to auction malware. WabiSabiLabi, a Switzerland-based operation, is one such online auction site for buyers and sellers of vulnerabilities. It has commoditised vulnerability research and sells bugs to the highest bidder.

And in the United States, it is legal to write malware, but illegal to infect computers.

It is estimated that about 41 per cent of the world’s bot-infected computers are in China.

Difficult battle

Security vulnerabilities now have become tougher to deal with, due to the interactive nature of the Web 2.0 platform.

“With the Web 2.0 platform, anyone can upload content and have access to various applications and media. Also, with e-commerce there is sharing of information between users and Web sites. These Web developments allow attackers to easily mount Trojans, botnets, spyware and a range of malicious codes,” Genes says.

Another issue is the slow deployment of security solutions and upgrading of appliances, which works in favour of the malware industry.

“Security appliances have a lifespan of 18 months before they need to be replaced or before additional appliances need to be bought to cope with the load. Customers are frustrated because they always need to upgrade their security products and purchase additional appliances to stop new threats. All solutions today rely on frequent updates, but local updates are inefficient and too slow,” Genes points out.

Nonetheless, there are ways to deal with Web-based malware and the recommended method is “in the cloud” reputation checking. This refers to placing a reputation checking service in the Internet cloud rather than on a local database at each customer site.

Aggressive approach

Genes stresses the need for governments to be more aggressive in fighting cybercrime. Most often, physical security is given more importance than cyber security, but the cyberspace has emerged as a source of security threats that cannot be ignored, he says.

Genes recently made a presentation at the Impact World Cyber Security Summit in Kuala Lumpur. The event, which was the largest ministerial-level forum organised on cyber terrorism and security, saw government ministers, industry leaders, technology luminaries and international cyber security experts from over 40 countries in attendance.