SourceCode: Inside Next@Norton 2011
Text and photos by Gadjo Cardenas Sevilla
San Francisco, CA - Next@Norton is an annual meeting and product showcase that covers the latest security threats and trends as well as Symantec's new products and directions, and gives tech journalists first-hand access to developers, engineers and product specialists. This year's event was held in the W Hotel in Downtown San Francisco. An extensive day-long meeting composed of presentations and Q&A sessions revealed a number of interesting trends in today's security landscape. Here's some of what we learned.
The computer security landscape is changing rapidly alongside emerging trends. Windows PCs remain the most susceptible to threats such as viruses, trojans, phishing scams and even malware spread via browsers. As more people use their PCs differently, so, too, are the criminal elements adjusting their strategies.
Threats now arrive through Facebook links and even via Twitter through popular (and necessary) link-shortening services like Bit.ly, which crunch long URLs to conform to Twitter's limit of 140 characters per tweet. 65% of attacks in social media used URL shortening services like Bit.ly, which is alarming since these services address the number one limitation of Twitter.
The Mac platform, long considered virus-free due mostly to its small (although growing exponentially) market share, has started getting noticed and as a result is now facing early threats.
Many attacks, for PC and now for Mac, come in the form of fake antivirus applications that appear as pop-up windows when users access compromised websites. Unwitting users, getting the message that they are 'affected by a virus', download these programs, which when installed simulate virus search and removal but actually infect the system, sometimes to the point that users cannot troubleshoot their machines. Common to PCs, this trend has appeared on the once unaffected Mac OS platform.
The image above shows how MacDefender, a fake anti-virus app, has started affecting users. Apple has been managing this threat through security updates directly to the latest version of the OS.
What is common to all is that hackers are using alarming messages to compel users to install malware. Hapless users are actually installing the compromised software themselves.
We were also walked through the concept of a Stuxnet attack. Stuxnet is a worm that spies on and subverts industrial systems and can, in time, compromise industrial PLCs, which are digital computers used for automation of electromechanical processes, such as control of machinery on factory assembly lines.
During the elaborate demo (above), a PLC was compromised and controlled to blow air into a balloon (which blew up once the system was compromised). This was used to simulate the blowing up of something larger like a factory or nuclear plant facility. For a better sense of how lethal Stuxnet can be, check out the beautifully designed infographic video below from director and motion graphics designer Patrick Clair and writer Scott Mitchell.
Stuxnet: Anatomy of a Computer Virus from Patrick Clair on Vimeo.
Other demos showed how hackers can compromise mobile devices. How do these hackers infiltrate the Android OS? They clone popular apps like games and then inject malicious code into the copied game. They propagate it by selling the game on the Android Market.
Once a user has downloaded and installed the game, it begins to deliver its payload or access areas of the system where the user's personal information may be kept. Some of the hacks can even make calls or send SMS remotely without the user knowing. Most of Symantec's work on mobile is for Android.
"iOS is hugely important," Symantec's Senior Director for Global Security Kevin Hogan noted, but with iOS being an extremely locked-down ecosystem, protecting it is not currently a priority.
"There are no malware threats to the iPhone unless you've jailbroken it," Symantec's Kevin Hogan said on mobile security.
Also demoed was Norton Management, which uses the web browser on an iPhone, an Android phone or an iPad to remotely support and control various remote desktops.
We also got a feature rundown for Norton 2012, which we will review in detail in a separate article once we've spent some time with the suite. We're most impressed with Norton Power Eraser, which detects and removes deeply-rooted malware that disables regular antivirus programs.
All in all, this year's Next@Norton gave attendees a clearer overview of the landscape and how it is changing according to how users spend their time. Criminals are getting more creative with their approaches.
Mobile, social media and the Mac platform are certainly growth areas and users of these services and platforms need to know that dangers exist but that there are solutions and ways to avoid getting compromised.
Also covered were the features of Norton 360 Version 5.0, which is a complete suite of solutions for backup, security and low-impact real time and which detects and eliminates viruses, spyware and other threats before they can do damage to a user's PC.
Demos of how the system warns you if a downloaded file is dangerous before you install it on your PC showed the proactive response that Norton is known for. The unique Norton Family widget can enable control of children's internet access as well as identify threats early on.