Those owning a sick computer should be banned from surfing says a senior researcher at Microsoft. But although the comment from Scott Charney was seen by many as a sensible addition to the debate about internet security, others were quick to wag an ironic figure at the Seattle based software giant whose own record is far from perfect as regards bug ridden code.

And the suggestion from Charney is that the internet security industry should take its lead from the public health sector which when it identifies a medical virus, it isolates all those connected with it until the problem is solved.

The biggest threat out there according to the experts are botnets. These are networks of computers which have been infected by cyber criminals and then made to do their bidding, including sending out millions of spam emails.

Mr Charney wrote in a blog recently:
“Just as when an individual who is not vaccinated puts others’ health at risk, computers that are not protected or have been compromised with a bot put others at risk and pose a greater threat to society.

“In the physical world, international, national, and local health organisations identify, track and control the spread of disease which can include, where necessary, quarantining people to avoid the infection of others.

“Simply put, we need to improve and maintain the health of consumer devices connected to the internet in order to avoid greater societal risk.”

Botnets can consist of a few hundred PCs, but also number thousands, or even millions. They operate as zombie machines without the knowledge of the user.

And Mr Charney goes on to say that although millions of firewalls and antivirus programmes are being sold and used, many consumer computers remain vulnerable to attacks from malware code. Which leads him to suggest that all computers should have a health certificate before they are allowed to connect to the internet.

He added:
“Although the conditions to be checked may change over time, current experience suggests that such health checks should ensure that software patches are applied, a firewall is installed and configured correctly, an antivirus program with current signatures is running, and the machine is not currently infected with known malware.”

With many countries starting to introduce versions of the health certificate idea, and with some ISPs spotting machines which appear to be sending out vast amounts of spam email and effectively cutting then off, it would appear that users are going to have to wake up to the prospect of more pro-active action against infected computers.

But a number of internet security experts find it somewhat ironic that a employee of Microsoft should be ‘lecturing’ others on the idea of infected computers. It’s well known fact that many cyber criminals are able to exploit applications such as Microsoft Windows because the original code is so bug-ridden. These bugs are effectively holes, or mistakes in the code which hackers can utilise to attack a computer. Even now Microsoft issues regular monthly updates which are in reality repair ‘patches’ to shore-up gaps in their software.

Some reckon that if software companies are going to accuse computer users of running ‘bad’ computers, then they should do more to make their code more robust and less likely to exploitation from criminals.

Guest Article by Neil Camp 

The FBI has claimed a success in uncovering a major US cyber crime ring which made a mockery of internet security.

The crime busting organisation has rounded up nearly 100 people who defeated internet security techniques after it noticed bank transactions in Omaha that looked suspicious.

The people arrested are thought to be operating as ‘mules’ for East European fraudsters. The ring, or network of mules is thought to have been responsible for thefts amounting to over $70 million. The mules hacked into targets computers to get personal banking details in what the FBI described as one of the largest cyber criminal cases they had ever investigated.

Arrests were also carried out in the, Netherlands, UK and Ukraine.

Those detained in the US face charges of conspiracy to commit bank fraud and money laundering.

In what is basically a very effective technique, the hackers in Eastern Europe would first bombard the computers of individuals and small businesses with spam and infect their computers. The spam would be carrying the infamous Zeus trojan virus and once infected, the host computer would be wide open to attack.

The mules would then access the Zeus Trojan code on the victim’s computer and gain access to the users’ banking usernames and passwords. The money would then be transferred to the accounts set-up by the mules, before being transferred elsewhere. It’s reckoned that the gang had hoped to steal over $200 million.

The FBI said they were alerted by a number of suspicious bank transactions in Omaha which led them to believe a Zeus Trojan style attack was taking place under their noses.

In arresting people in a number of countries, including at least 19 in the UK, the FBI were helped by a number of law enforcement agencies

The investigation kicked off when the FBI noticed a pattern of suspicious bank transactions in Omaha.

Cyber crime experts are still concerned as to the number of people and companies who do not have sufficient levels of internet security. One, who preferred not be named said:
“Despite the warnings every day issued to computer users, I remain incredulous as to how many people still got caught by viruses such as Zeus Trojan. Thankfully, on this occasion the law enforcement authorities were very vigilant and it was stopped before the full extent of the attack could be realised. Let’s hope that the messages regarding internet security will start to penetrate in the near future.”

Guest Article by Neil Camp 

Firewall software is a key component for anyone’s self defense against the hordes of cyber criminals out there, but for China, a firewall is seen as the way they can try and maintain a level of censorship on their peoples.

But is it as clear as that? A case of the so-called Red Firewall keeping out the perfidious digital legions of the West. Not so say some observers, who argue that China’s internet is actually quite liberal and that it’s the big networking and social sites that have the problem. Leading to the conclusion that China’s firewall software might not be so perfect afterall.

Journalists testing China’s internet have discovered that some of the big newspaper sites are freely available and also a whole raft of porn sites. The trouble comes when the same journalists try to get onto sites like YouTube, Twitter, Facebook and Google, they struggle. Google of course has reversed their early highly unpopular decision to work alongside the Chinese authorities, and now face the consequences.

It would appear that China’s flourishing internet users – nearly 400 million at the last count – freely watch, read and download all manner of subversive material (including porn, news outlets which criticise their leaders, teenage chat rooms, celebrity gossip and academic forums), but that the sites of instant sharing of information, are seen as potentially dangerous. Experts think that it’s the element of rapid news sharing that frightens China’s old guard so much. It’s as though the thought of mass joined up thinking threatens their very existence.

And there are other touchy areas of course. Naked bodies may not rouse much censorship, or spotty teenagers ranting about their schools, but mention some areas of religion, history, or politics, and the censors with the digital black marker pen are very active. Mention 1989 and Tiananmen Square, and you’ll find a lot of blank space. Likewise search for Falum Gong, and you might find yourself getting a visit.

The Chinese government could also teach the world a thing, or two about SEO strategies. Apparently a small army of volunteers have been recruited and paid small amounts of money for roaming websites and posting up pro-government comments. They get a very small commission for each posting.

China might have the Red Firewall and their censors might be quick with the delete button when it comes to certain key areas, but the internet in that part of the world is certainly not a black void.

So whilst western computer users are obsessed with firewall software, spare a thought for the users in China, where firewall means and symbolises something else entirely.

Guest Article by Neil Camp

The last version of Norton has been released and owners Symantec reckon it is the best anti virus application out there.

Claiming to be the best anti virus software in an increasingly crowded marketplace is quite a call, but Symantec, the company behind the Norton range of products, believe they are onto a winner with the 2011 line-up.

They highlighted the product’s launch with news that they reckon that some 65% of people worldwide are falling prey to cybercrime. They also focus on the fact that the just released Norton AntiVirus and Norton Internet Security 2011 is the only comparable application to achieve a 100% protection score.

The score was achieved using a third-party test from Dennis Labs.

Norton AntiVirus and Norton Internet Security 2011 also comes with a free tool, the Norton Power Eraser, which has been developed to handle ‘scareware’ applications. These are becoming an increasing problem for many users (they pop-up on users’ computers and declare that the machine is virus ridden) and a tool that can attack them aggressively and eliminate their malicious intent, will be welcomed by many in the market.

President of the Consumer Business Unit at Symantec, Janice Chaffin, said:
“Today’s cybercriminals are not standing down – consumers need the very best protection to stay safe online. The Norton 2011 products are the highest quality we have ever built and the most comprehensive protection on the market with additional, value-added tools for protecting customers from today’s ever-evolving threats.”

Symantec claim that Norton AntiVirus and Norton Internet Security 2011 is packed full of new features, performance improvements and enhancements, and free tools.

It has also undergone extensive stress testing by Dennis Labs, which has had its security testing methodology revived by AMTSO, the Anti-Malware Testing Standards Organization.

The key components of the new Norton product are as follows.

Taking the lead is Reputation Based Security. This checks whether a particular download is risky (comparing it to the downloads undertaken from its near 60 million user customer base) and whether the programme is likely to contain malware. The check is almost instant, which prevents users from getting trapped.

Next up is the System Insight 2.0. At the core of this feature are Proactive Performance Alerts and these constantly monitor all running applications, recognising when a particular programme is hogging the machine’s resources.

Moving along and attention switches to the Download Insight 2.0. Symantec claim that this provides the best, and most fearsome, reputation-based protection system. It checks every download before they are allowed to operate on the computer.

SONAR 3 –as the name might suggest – adds the spice of behavioural security, which gets to the nitty gritty with ‘zero-day’ protection against emerging threats. And it takes any confusion away from the user as it automatically makes the key decisions.

Last, but not least, is the dependable Norton Bootable Recovery Tool. This is useful if a machine becomes seriously compromised and needs to boot up in a safe mode so that a cleansing operation can take place.

Performance is said to be industry leading and previous users will see a smart new look.

Is it the best anti virus to date? Only time will tell, but given the ever increasingly online threats, it does need to be pretty good.

Guest Article by Neil Camp

One of the most interesting perspectives on cybersecurity to come out in recent times has been published by ENISA.

Although not strictly a look at antivirus products, it justifies the ‘antivirus review’ label by examining how important information sharing should be in Europe

ENISA stands for European Network and Information Security Agency. It acts as the EU’s cyber security agency. They have just launched a new report on the barriers which hinder information sharing within the cyber security sector.

And it shows there is a great gap between the commercial world which holds economic concerns above all else, and the political world which sees a concerted effort against cyber crime as fundamental to the future.

Dr Udo Helmbrecht, The Executive Director of ENISA, said:
“Information sharing is a corner stone to improve the protection of critical information infrastructure-CIIP, which is vital for Europe’s economy and communications within Europe.”

Apart from some waffle about cyber security aspirations, the report comes up with some key recommendations.

First is the fact that member states should create a sharing platform for national information and this will encourage co-operation with other Member States.

Second, it is beholden on the private sector to be more transparent when it comes to sharing information. This includes being prepared to share information way before an event necessitates sharing.

Third, the research and academic sectors should promote the economic benefits of participating in sharing platforms, ensuring that companies see the monetary benefit of what they recommend and implement. The theory goes that if companies fully understand how sharing will benefit them on the bottom line, then they will more actively become involved in the whole process.

Fourth, that a further information sharing platform should be established, which actively promotes sharing between Member States and private shareholders.

So maybe not the best report for antivirus product insights, but nonetheless, disregarding the ponderous feel of the report, it does have some good ambitions. Information sharing is a key way that the authorities and companies have for combating the ever-increasing levels of cyber crime, although the key question is, can the EU do more than just encourage the idea of talking, and actually get all the parties around a table?

Guest Article by Neil Camp