Future Trends of Malware
An anonymous reader writes "What are the driving forces behind the rise of malware? Who's behind it, and what tactics do they use? How are vendors responding, and what should organizations, researchers, and end users keep in mind for the upcoming future? All these questions and more are answered in the well written (MHO) Future Trends of Malware"
Greed? You mean the selfless devotion of time to a project that no one will pay you for?
Note that some of these goals target individuals and their PCs whereas others target larger organizations. One key commonality of nearly all of the goals is that they target large numbers of PCs or require large numbers of infected machines to achieve the goal. Thus immunological approaches that look for the spread of unusual code or data packet patterns can help address this problem. On the other hand, immunological approaches won't work if the malware attack targets a single individual or company -- e.g. implanting a unique virus in one computer in a company for purposes of espionage or extortion.
Note that half of the goals are very different from the stereotypical destructive virus or worm of yesteryear. With the exception of vandalism, extortion, vigilantism, and military, the other goals are essentially non-destructive. The malware creator's goals are not achieved if the malware crashes the target machine.
Two wrongs don't make a right, but three lefts do.
So (for example) did nobody have any right to say that Sony should not include a rootkit in the software on their CDs? Does nobody have the right to say that Microsoft Windows should be better quality? If some software destroyed your hard disk, would you just say "it's a blessing that I could have chosen not to install it"?
At my company, when we see virus/spyware activity, we call the customer and give them instructions on how to fix it. If it recurs or doesn't get fixed--or if we can't get in touch with them and it's particularly nasty--we'll shut off service and require that we verify the computer is clean before turning their service back on.
Which sounds pretty strict, except that we'll clean their computers for free.
So far, malware has been treated as an IT/commercial problem (which is what this article does), but it has become so pervasive and costly that it is also now a political problem. The barely fettered growth of malware - its sheer scale, organization and the amounts of money involved - raises a lot of questions about privacy, international cooperation and what to do about the internet itself. I don't think it's something that the IT industry can tackle on its own. You can have as much protection as you like, but so long as malware outfits can slip through 1001 transnational loopholes and exploit safe-haven jurisdictions there will always be a serious problem.
As one result, perhaps, domains ending in letters like .ru or .ro can apparently do what they like, and some notorious spammers and phishers remain on Top 50 lists for years without anyone so much as slapping their wrist. In previous centuries, the whole thing was called "piracy" and states tackled it with, erm, "extreme prejudice". Sometimes, I feel they may have been on to something.
I don't pretend to know the answers, but waving a copy of Norton Internet Security at the bad boys isn't it, for sure. Perhaps there is an element of deliberate wimping out going on here. The IT industry doesn't want to admit it cannot solve things alone, because it doesn't want politicians and regulators muscling in. And politicians like to pretend that malware is purely an IT problem because they don't want the headache of involvement in sorting out the mess.
Las qué passoun
tournoun pas maï
money
Look, money is a perfectly fine motivation for script kiddies and Nigerian scam artists and ex-KGB Russian/Ukrainian mafiosi.
But there's an outfit sitting behind a router in the PRC that has a different motivation; something along the lines of "Geopolitical World Dominance":
It's kinda like the board game "Risk", only this is the real McCoy.
- They don't know spyware or viruses from a hole in the ground, and they either re-install or buy a new computer every time their machine gets too slow
- OR they believe their firewall and/or AV product is total protection, and they convince themselves that their machine isn't slow and isn't behaving badly, even when it is
- OR they simply accept that computers are shit and tolerate it running badly.
A certain sort of quasi-autistic geek then makes snotty comments and plays ``blame the victim'' by pointing out all the measures that the victim could have taken. The real solutions are:
- For operating system vendors to sort out their problems. Oh, OK, for one particular OS vendor to sort out its problems.
- For law enforcement to stop treating the perpetrators as cute kids, and actually do something serious about the issue.
Blaming the victim just isn't on. `We' (ie people who provide computer and telecommunication services) sold them a machine. It's up to us to make sure it behaves reasonably. There's an ``Unsafe at Any Speed'' brewing, if but we could see it.
ian
Yes, it does annoy me that much. If an author is willing to include spyware in the first place, what else are they willing to do with their software? When you download a piece of software, you expect that software, and not random bundles of non-related software.
You are correct that I have no right to say what the author can and cannot do. I can simply choose not to use the software anymore, which I have done. And in this case, since it is for corporate use, I can vote with my wallet as well.
Titus Barik
Well put -- I like the analogy.
Actually I think what people are doing today, is practically building another guest house out back for the foreman and the rest of his work crew to live in while they're patching up your house. Remember the discussion a few months ago here on Slashdot about why the average joe needed a dual-core or multiprocessor Windows box? It was so one processor could run his actual application, and the other one could run all the anti-virus/spyware/adware/intrusion programs.
The situation has really become ridiculous, but because it's happened so slowly and because so many people are highly invested in it, nobody with any authority wants to take a step back and call it for what it is.
"Ladies and gentlemen, my killbot features Lotus Notes and a machine gun. It is the finest available."
Has anybody looked into the idea that companies (such as pharmaceutical marketers) are paying Microsoft to not fix vulnerabilities? This is something that I've wondered about often, but never read anything about. A "Halloween Document" on this would be very interesting...
A lot of users have asked me over the years if Microsoft is paid by antivirus companies not to fix vulnerabilities. This is apparently an easy leap of logic for the most untechnical folks. We know that pharmaceutical marketers are using bots to crawl and reap email addresses, as the Perl developer that tried to blow the whistle on them last year had his computers confiscated by the cops, who were sent by his employer to ensure a cover-up (stop their ex-employee from publishing company secrets using some kind of Industrial Espionage legislation). Sigh.
If fingerprints ever start being widely used, muggers will just hit you over the head and cut off your fingers. They can check to see if you have a bank account later. If you think that there are not plenty of people that would cut your fingers off for the chance of a couple of hundred dollars, you are sadly mistaken, and a danger to the rest of society.