Did the job of security software just get bigger?

Well, it sure looks that way. We are only just into the second month of 2010, and yet, we can now see in prospect a whole raft of innovation coming our way. At CES in Las Vegas last month, a lot of the attention was given to eBook readers and new slate/tablet based PCs. These new devices are squarely focused on the opportunity with digital content. The success of Amazon and Apple with iTunes, clearly shows that there is a big market for digital content and that money can be made as a result. We have seen a lot of activity in the eBook reader market, with many companies starting to launch products. Amazon, with the Kindle, have very much been in the vanguard of showing how this can all come together.

CES also witnessed a range of announcements with respect to tablet computers. We saw products from HP, Lenovo (interesting cross-over laptop/tablet device), Sony, Archos etc. These products will start to come to market from the mid-point of this year. Many people commented that these CES announcements were a pre-emptive strike to gain interest and profile ahead of the long and much anticipated Apple tablet device. And so, last week, Apple finally took the wraps off of the ‘iPad’. The headlong rush into the brave new world of digital content devices is now on. What are the security implications of all this? That is a very good question.

In all of the product announcements, a picture was painted of us having almost constant and ubiquitous access to digital content, be that web sites, books, news, music, videos, pictures etc. That content will be accessed, managed and importantly paid for from these new devices. They themselves, when you strip them back, all have an operating system, a browser, storage and some means to connect to the internet. At the end of the day they are PC of some sort, hence, from a security perspective they face all the same challenges. We all (regrettably) know that hardware and software have flaws and vulnerabilities and that the hackers and cybercriminals live off the back of this. I will predict, that in the coming months, will see proof of concept announcements, along the lines that a particular device or OS, used in any one of these devices, can be compromised and that on the back of this a particular exploit can be enacted. The iPad has just been announced and it uses the iPhone OS. Just today, Apple has released a patch to block remote code execution on the iPhone, therefore by default, the iPad.

This will spook many people and will not doubt garner many headlines. However, that does not mean that users will be immediately impacted; not in the short term. How come? Well, as ever, it comes down to money. The hackers and cybercriminals, in theory, now have a fertile new segment to exploit and pillage. These new devices hold digital content that has a real value attached to it. To transact and procure this content, on these devices, we are going to use our online ‘identities’. Again, these have real value and quickly attract the attention and focus of the cybercriminals.

However, their desire to do so will be checked not initially by technical considerations, rather, economic ones. The cybercriminals need to have a large ‘addressable market’, to adopt the parlance of the marketeers, before they will really focus on it. For the moment, the hottest product in town is the Apple iPad. I have read that some of the analysts are predicting that up to 6M of these devices could be sold this year. That seems a big number, but if you think that the installed base of Windows PCs stretches into the billions of units, and that the Mac installed based stretches into the hundreds of millions, then it still is relatively small. The numbers and economics suggest that the cybercrimimal would be better to focus on the existing, large and established Windows and Mac markets. These new digital content devices will be afforded some protection in that they are operating in a nascent market segment.

 At the moment, there is not much, if any, commonality with the products that have been announced – everyone is off and doing it their own particular way. Heterogeneity is not the ideal bed-fellow for the hackers and cybercriminals. It can and will force them to have to create different versions of malware, that all takes time and effort, read for that cost. So, again it is economic considerations that dictate where the cybercriminals put their focus.

Past experience is always instructional in shaping the reality of today. This new category of digital devices is going to be huge. It will grow quickly, but it will not necessarily happen overnight. The heterogeneity of the nascent market will afford some initial protection. But, as the number of people buying and using these new devices grows, and as people start to converge upon the few winning products, then we will start to see real attacks come to pass. They will impact many people and will yield real revenue and reward for the cybercriminals. Hence, the perimeter, that we as a security community have to patrol, will get bigger and that bit more complex.

February 3, 2010 | Filed Under Security 

comments

Leave a Reply