Pragati Simlote
Panda Software is a developer and provider of integrated security
solutions to combat viruses, hackers, Trojans, spyware, phishing, spam and other
threats.
The company has a series of products catering to all clients. Panda's India
country sales manager Manuj K speaks about the various aspects of virus
programming, the new threats and his company's plans to counter these threats.
Excerpts from an interview:
How do you see the attacks between 2004 and 2005? Were there any
significant differences from those in the previous years?
Two basic tendencies were evident during this period (2004-05). This could be
due to the change in virus programmers' behavior. A few years ago, they were
looking for fame, recognition and means to boost their ego. They are now looking
for big money.
The first tendency that I have noticed during this period is that they are
creating lots of bots. Bots are programs (like Trojans) that turn your computer
into a slave. The computer receives orders from the creators, such as for
sending spam or making denial-of-service attacks. A “bot farm” (a group of
controlled computers) is worth lots of money.
The other tendency is direct money robbery. With phishing or pharming,
hackers try to directly steal personal information to get access to the
user's bank accounts.
Which operating systems were most attacked in 2005?
As in previous years, it was Windows. It's the most used OS, so Internet
threats for Windows are more numerous when compared with other systems.
What was the hacker profile?
I don't know whether these hackers were thieves or thieves becoming
hackers.
What do you think of the publication of flaws like jpeg-gdi+, php? Do
you think that it is advisable to continue publishing the flaws and the
exploits?
I think it is needed. The problem is with non-professional administrators, or
companies without proper consultants. If they do not have the information about
possible vulnerabilities to be looked out for and fixed, they may fall victim to
it. Nowadays, users can install products that may solve vulnerabilities in
whole networks. There are intelligent detection systems, protections with rules
that stop the execution of unknown malicious code. Security, if you're using
the correct product, is not so hard.
Mobile phones were also attacked this year. How do you see this new
threat?
They should become a real threat sooner or later, but still they are more
proofs of concept than dangers. In future they could be jumping from phone to
phone, but the industry is reacting on time, so the users should not be afraid.
Anti-threat solutions - I'm not sure whether we could term them as viruses - are
now ready.
Coming to phishing, besides cautioning users, what do you plan to
propose in 2006 to counter this?
There are many different ways. First of all, TruPrevent technologies will be
able to stop fake pages, and also we have systems to stop (warning the users) if
personal information is exiting the computer. It may be passwords, credit card
numbers, etc.
Are Pharming attacks more dangerous than the usual malware? How does
it work? What do you propose to combat them?
Pharming usually modifies the local hosts file to redirect the user when he
tries to access the real bank web pages. To prevent it (not only known threats,
but also unknown), TruPrevent Technologies carries out a special surveillance of
the hosts file. Any process modifying the file in strange situations will be
stopped automatically, without any kind of virus signature.