Now ‘Music’ wades into the fight against cybercrime

MusicI came across this interesting posting from the Microsoft Digital Crimes Unit. They reported on an interesting initiative in Nigeria. A programme has been established to help young Nigerians, involved in cybercrime, to shift their focus by helping their local communities to find online alternatives to Internet fraud, and to educate their peers.

One of the ways the group has engaged with Nigerian youngsters is through music with the release of a song called ‘Maga Need No Pay’ which challenges young Nigerians to avoid creating new cybercrime victim. You can watch the video for the song here.

Nigeria has for a long time been associated with a particular online fraud, the so-called ‘Nigeria’ or ‘419’ scams. These scams are advance fund frauds, wherein, the scammers promise a fortune in exchange for advance payments. I see it as being a welcome development if this initiative can divert young Nigerians from pursuing cybercrime. The intent is to get them to focus on something more positive and altruistic, helping their communities embrace and unlock the ‘net for benevolent purposes. Let’s see if Music can help stem the tide of cybercrime.

February 22, 2010 | Filed Under Security | Leave a Comment 

Public BETA: Norton SafeWeb Lite

Norton SafeWebSearch engine poisoning has become a very popular tactic to direct people to compromised web sites that, in turn, will attempt to scam you or install malware. This approach recognises that, for most of us, we now rely on the search engine on a daily basis. It is our first port of call to find out about something, someone or somewhere. The hackers and cybercriminals have latched onto this and are now inserting malicious URLS, or compromising legitimate ones, in an attempt to divert us into their hands.

This is something that the search engine operators, and we in the security community, are developing and deploying solutions for. Norton customers, for the past year or so, have been able to have their search engine results ‘marked-up’, to allow them to see what URLs we understand to be good, as opposed to those which we know, or suspect, to be compromised or bad. This uses a technology we developed called Norton SafeWeb. We involve those Norton Customers who are part of our Norton Community Watch initiative (35 million or so of them at the latest count), to help feed us suspicious URLs that we can then analyse. It is a layer of security that we know is very effective and from which many of our customers benefit from.

The good news is that we are now looking at deploying a version of the Norton SafeWeb technology to non-Norton customers. To that end we have just put into public BETA, a tool called Norton SafeWeb Lite. You can download it here from the Norton BETA site.

February 16, 2010 | Filed Under Announcements, Security | Leave a Comment 

Did the job of security software just get bigger?

Well, it sure looks that way. We are only just into the second month of 2010, and yet, we can now see in prospect a whole raft of innovation coming our way. At CES in Las Vegas last month, a lot of the attention was given to eBook readers and new slate/tablet based PCs. These new devices are squarely focused on the opportunity with digital content. The success of Amazon and Apple with iTunes, clearly shows that there is a big market for digital content and that money can be made as a result. We have seen a lot of activity in the eBook reader market, with many companies starting to launch products. Amazon, with the Kindle, have very much been in the vanguard of showing how this can all come together.

CES also witnessed a range of announcements with respect to tablet computers. We saw products from HP, Lenovo (interesting cross-over laptop/tablet device), Sony, Archos etc. These products will start to come to market from the mid-point of this year. Many people commented that these CES announcements were a pre-emptive strike to gain interest and profile ahead of the long and much anticipated Apple tablet device. And so, last week, Apple finally took the wraps off of the ‘iPad’. The headlong rush into the brave new world of digital content devices is now on. What are the security implications of all this? That is a very good question.

In all of the product announcements, a picture was painted of us having almost constant and ubiquitous access to digital content, be that web sites, books, news, music, videos, pictures etc. That content will be accessed, managed and importantly paid for from these new devices. They themselves, when you strip them back, all have an operating system, a browser, storage and some means to connect to the internet. At the end of the day they are PC of some sort, hence, from a security perspective they face all the same challenges. We all (regrettably) know that hardware and software have flaws and vulnerabilities and that the hackers and cybercriminals live off the back of this. I will predict, that in the coming months, will see proof of concept announcements, along the lines that a particular device or OS, used in any one of these devices, can be compromised and that on the back of this a particular exploit can be enacted. The iPad has just been announced and it uses the iPhone OS. Just today, Apple has released a patch to block remote code execution on the iPhone, therefore by default, the iPad.

This will spook many people and will not doubt garner many headlines. However, that does not mean that users will be immediately impacted; not in the short term. How come? Well, as ever, it comes down to money. The hackers and cybercriminals, in theory, now have a fertile new segment to exploit and pillage. These new devices hold digital content that has a real value attached to it. To transact and procure this content, on these devices, we are going to use our online ‘identities’. Again, these have real value and quickly attract the attention and focus of the cybercriminals.

However, their desire to do so will be checked not initially by technical considerations, rather, economic ones. The cybercriminals need to have a large ‘addressable market’, to adopt the parlance of the marketeers, before they will really focus on it. For the moment, the hottest product in town is the Apple iPad. I have read that some of the analysts are predicting that up to 6M of these devices could be sold this year. That seems a big number, but if you think that the installed base of Windows PCs stretches into the billions of units, and that the Mac installed based stretches into the hundreds of millions, then it still is relatively small. The numbers and economics suggest that the cybercrimimal would be better to focus on the existing, large and established Windows and Mac markets. These new digital content devices will be afforded some protection in that they are operating in a nascent market segment.

 At the moment, there is not much, if any, commonality with the products that have been announced – everyone is off and doing it their own particular way. Heterogeneity is not the ideal bed-fellow for the hackers and cybercriminals. It can and will force them to have to create different versions of malware, that all takes time and effort, read for that cost. So, again it is economic considerations that dictate where the cybercriminals put their focus.

Past experience is always instructional in shaping the reality of today. This new category of digital devices is going to be huge. It will grow quickly, but it will not necessarily happen overnight. The heterogeneity of the nascent market will afford some initial protection. But, as the number of people buying and using these new devices grows, and as people start to converge upon the few winning products, then we will start to see real attacks come to pass. They will impact many people and will yield real revenue and reward for the cybercriminals. Hence, the perimeter, that we as a security community have to patrol, will get bigger and that bit more complex.

February 3, 2010 | Filed Under Security | Leave a Comment