Slashdot Mirror


Security Industry Faces Attacks It Can't Stop

itwbennett writes "The takedown of the Mariposa botnet and so-called advanced persistent threat attacks, such as the one that compromised Google systems in early December, were hot topics at the RSA conference last week. What both Mariposa and the Google attacks illustrate, and what went largely unsaid at RSA, was that the security industry has failed to protect paying customers from some of today's most pernicious threats, writes Robert McMillan. Traditional security products are simply not much help, said Alex Stamos, a partner with Isec Partners, one of the companies investigating the APT attacks. 'All of the victims we've worked with had perfectly installed antivirus,' he said. 'They all had intrusion detection systems and several had Web proxies scan content.'"

3 of 305 comments

  1. Not that hard to believe... by Jazz-Masta · Score: 4, Informative

    The dark side of computer "security" pays far better than the good side. I was contracted to set up a number of servers for a company, and as it turned out, they were part of this "dark side." I told them I had an ethical conflict, and decided to remove myself from the situation about 2 hours into it.

    The problem is, other than the coders and the boss, many people do not know they are working for these companies. This particular company had about 15 people. 3 were in the know, the other 12 were support for shipping, gathering information, making contacts, and advertising, etc. When dealing with spyware/malware, there is a lot of butt covering, and evasion.

    The programmers in particular were amazing coders, some of the best that graduated at the same university I went to. This is how I got contacted to help. Only after we started talking did I realize what they were all about. The pay was almost double what they would have made at a legitimate company.

  2. Re:Security theater by pastafazou · Score: 4, Informative

    You don't need to click any more. Most of the malware I'm cleaning up these days is delivered via Flash, and distributed by advertisement servers that have been hacked. All you have to do is visit a site that gets paid to serve random ads, and you can get infected.

  3. Re:Yeah, read the whole thread. by AnyoneEB · Score: 4, Informative

    Not automatic, but whitelisting security systems like that exist. Core Force is the one I know of. It has some sort of system for sharing whitelists for specific applications among users.

    --
    Centralization breaks the internet.