At Infosecurity 2011, held at Earl’s Court, London, the overall focus was clearly on the cloud. Anti-virus firm Kaspersky Lab was no exception, urging those passing its stand to get ready for the new frontline of data security.
We grabbed a moment to talk to Costin Raiu, director of the global research and analysis team. Raiu has extensive experience with Kaspersky, having joined the firm in 2000 as a leading anti-virus researcher and later heading up the Romanian R&D Group before his promotion in 2010 to director, global research and analysis. He specialises in malicious websites, browser security and Web 2.0 threats, and warns that as we rely more on new computing methods, we are in danger of taking our eyes off the ball in terms of threats.
The trend towards cloud computing is escalating quickly. It’s been around for a while, obviously, but we’re seeing a real surge in that space at the moment.
Yes. Cloud computing is really here to stay. It’s not going anywhere.
Do you think people and businesses are using the cloud without thinking through the security risks?
Anyone can access, or try to access, data that’s held in the cloud. Everything can be accessed from anywhere and I don’t think people realise that. This has real security implications and has lead to several new protection features already – and we will see more.
If your data is in the cloud, you need to be extra careful when using Wi-Fi, for example. It’s important to check that you’re using an encrypted connection. Authentication is more important now too.
And cloud aside, security risks have changed significantly over recent years, haven’t they?
One thing that’s changed a lot is that cyber attacks now happen very quickly.
It used to take a long time, but now your data can be stolen in a few moments. A friend of mine used to call and tell me that an attack was happening but he wasn’t worried because he had plenty of time to shut everything down – not any more.
So now it’s more important than ever that security products are strong and robust in the first place, rather than simply reactive?
Yes, of course it’s very important to have strong security software in place. It must also be complemented by good security policies.
And people need to think about the computers they are using. For example, if they are using a machine somewhere else, away from home, what if it is already infected and they type their passwords into it?
At the moment I can use security software to protect the files on my machine, but what about my data that’s stored across various different cloud sites?
That’s interesting and I think these services need to protect the end-user. For example, look at a lot of Web 2.0 services. Facebook wasn’t fully secure a few years ago. Myspace didn’t have a secure login. Many services weren’t designed with security in mind.
I suppose some of these companies start off small, choose not to put so much money into security at the beginning, and then they take off and suddenly it’s much more important – they have to consider it seriously.
Yes – the Twitter settlement with the Federal Trade Commission was good because it protected users. [The FTC brought charges that Twitter was not safeguarding users’ personal information properly and as part of the settlement Twitter had to establish a comprehensive security programme.] Social media companies have to protect the end-user.
Google recently released a Chrome update which can synchronise passwords across computers so that you don’t need to keep typing them in when you use different machines. These passwords are stored in the cloud but I am not sure that all users realise that.
Talking about Google as an example, it can hold an enormous amount of someone’s data when you take Google Docs, Gmail, password syncing and other apps into account and other services must be doing similar things.
Exactly. And if a hacker gets access to someone’s Google password, they have access to everything. Files, emails, and perhaps passwords to other things too.
Right now, are people still going to be best protected by anti-virus software?
Yes. And we’ve seen changes there too over the years. We’ve gone from straightforward anti-virus software to internet protection to total security packages and now AV software is adding encryption on top of that.
Kaspersky is supporting VMware vShield Endpoint for Virtual Data Centres now too, which will offer protection for businesses using virtual machines.
The best solution for individuals is still a full suite of security software. It’s very important to patch and update.
Also, they shouldn’t use pirated software. In some countries something like 90 per cent of software is pirated, but it’s very easy to get viruses that way.
The appearance of the Stuxnet worm last year was interesting – the way it takes out industrial systems but ignores other computers. What do you think it means for virus evolution?
Stuxnet was very unusual. It would’ve cost a lot of money. It shows how superpowers are moving into cyber warfare and cyber-espionage. We will see more of this in the future.
At the same time, look at things like WikiLeaks. Hackers used to attack with financial motives. Now we’re seeing a revival of them doing it for the fame.
Does that make it harder to predict what they’ll do next?
Unfortunately, yes it does.