Circling the wagons

In June, AVG Technologies published a report which stated one in ten people in the UK go online every day without any security protection. The security solution vendor said that this was evidence that British web users were underestimating the potential financial and emotional cost of computer failure.

Founded in 1991 and with offices in Europe, the US and the UK, AVG Technologies now provides computer security solutions to over 110 million users worldwide. With the recent Facebook milestone of 500 million users, and with highly publicised criticisms of privacy and security settings, PCR spoke to AVG’s Yuval Ben-Itzhak about what ramifications this has in the landscape of computer security.

Facebook is one of the most popular websites with more than 500 million registered users, half of which log into the social network every day,” said Ben-Itzhak. “As the number of social networking users increase, so will the number of inexperienced users – to whom the internet does pose a threat,” he added. 

Beyond the better known threats of computer viruses, emerging threats to privacy have been thrust into the limelight through a number of high profile news reports on increasingly lax and confusing privacy controls in Facebook. These concerns haven’t persuaded users to desert in droves but a recent American Consumer Satisfaction Index rated user’s trust of Facebook at rock bottom.

Ben-Itzhak listed a number of areas of concern in relation to mass social networking sites such as Facebook, starting with passwords. “Many people use a single password for everything; their Facebook user id/password is very often the same for online banking or other accounts,” said Ben-Itzhak.

He also cited the disturbing degree of public sharing of sensitive information. “Facebook users disclose vast amounts of information about themselves without realising i.e. their location on their Facebook statuses”, said Ben-Itzhak while pointing out that much of the problem was that inexperienced users, or disinclined users, would have difficulty understanding which information was being made fully public and how best to control it.

“Controlling profile privacy settings on Facebook is quite complex. Those wanting to keep all personal information private will need to invest some serious time to go through all of the 50 privacy settings with contain more than 170 options.”

Ben-Itzhak also pointed out the danger of seemingly innocuous sphere of so-called applications which inhabit the Facebook world, saying that users of Facebook suspended their healthy scepticism towards downloading software from unknown origins on the web. “Facebook apps are approached with impunity”, he said. 

“With little knowledge of developers, users happily accept apps and allow access to their unprotected profiles. In the near future, apps will gain access to physical locations. Some of these apps have a couple of million users every month, each providing their details to hidden organisations.”

 “Another increasing threat is the fact that people are generally confident in what they have been sent by their friends – and this applies not only to applications but also hyperlinks- these then direct users to mock pages through which viruses can infiltrate.”

Ben-Itzhak said that the company understands that people are interacting with the Internet in different ways. “As a company, we look at the increasing array of ‘endpoints’ through which users access the web from smart phones and iPads to traditional desktops – and this changes the way we build the architecture that supports our security products,” said Ben-Itzhak. AVG was ultimately taking a more “social networking centric” view of how to provide protection, acknowledging that sites like Facebook and Twitter are playing role in encouraging users to be online.

So what does AVG bring to the table which can meet the frightening variety of new threat vectors that users are exposed to? Ben-Itzhak points towards community based and cloud based technologies which he said “working in concert to enable safe web experience to millions of AVG users worldwide.”

Asked where he sees the future directof AVG products, Ben-Itzhak said that system optimisation would be a focal point for the products heading into 2011. The company had invested a lot of effort in refining the current AVG Internet Security 9.0 offering, he said, while future efforts would focus on performance speed, detection rates and usability.

“Keeping systems safe with optimised intelligent software which knows where vulnerabilities exist and knows where safely scanned data already resides, means users can surf safely without feeling like an excess burden has been placed on their system,” explained Ben-Itzhak.

AVG’s LinkScanner product is the tool by which the company seeks to protect identities and personal information against online web threats. Collaborative application of the data coming out of this tool provides valuable data on emerging threats as seen in the recently published “Peek Inside Cybercrime Monetization Methods & Volume” report.

Ben-Itzhak explains: “Every time one clicks on a link, banner or an instant message, LinkScanner scans the landing page they are being directed to in real-time for malicious threats, to stop them from entering into dangerous territory – of the 130m active AVG users we have worldwide, 95m use LinkScanner when they are online.”

Cloud-based tools such as AVG’s LinkScanner provide a common defence akin to a virtual circling the wagons in the face of ever more numerous and sophisticated threats from cyber bandits. In such a way the new threats of social networking might be most effectively met by a social approach to security too.