As online security threats reach an unprecedented high, Exec speaks to Gerhard Eschelbeck (pictured), one of the world’s most prominent CTOs, about dealing with the ever-evolving malware hazard
By James Hurley
The challenge posed to the security industry is a constantly moving one. Cyber criminals have raised their game and are adopting numerous tactics to avoid being spotted by anti-virus programs. Most industries have accepted the internet revolution and have, belatedly in some cases, begun the process of moving at least some of their operations online. No surprise then that the criminal fraternity isn’t far behind.
The number of malicious software programs (‘malware’) on the internet has reached an unprecedented high, with some estimates suggesting there were five times as many variants of malicious code in circulation last year when compared with 2006; this year may be remembered as the year that online crime came of age.
Go to guy
It certainly keeps Gerhard Eschelbeck busy. Currently serving as CTO and Senior VP of engineering at Silicon Valley anti-spyware firm Webroot, the genial Austrian has an impressive resume. Generally regarded as one of the world’s foremost CTOs, he has presented his research to Congress and was named one of InfoWorld’s 25 Most Influential CTOs in 2003, 2004 and 2006. He is also a frequent contributor to the SANS Top 20 consensus, which identifies the most critical security vulnerabilities. In essence, he’s the ‘go to guy’ when it comes to online security threats. “We’re very focused on discovering what the next threat is going to be and preventing it from happening. It’s always a cat and mouse game in which you have to make sure you’re ahead of the threats. Being in front makes the difference,” he says.
“I’ve been in the security industry for 15 years now, and we’ve seen a lot of evolution in the type of threat we have seen. Early viruses were very ‘loud’. Over time, they have become more invisible and highly targeted. They’re targeting specific companies and even specific countries.” From a research perspective, this means those in the security industry need to keep up with this evolution, since traditional identification mechanisms no longer apply. In essence, anti-virus systems rely on customers submitting samples. The nature of spyware means firms typically do not get these samples because customers don’t know that they are infected. “In the early days, samples from customers were enough. Now you have to hunt for them on the internet,” he says.
He says that the problem began in early 2007, when massive surges of new variants were spotted. He describes it as a “low-effort, high-frequency type threat” – the threats might not be ground-breaking but the sheer volume is astonishing.
Malware spider
Webroot’s response to the problem is ingenious. Just as a search engine deploys ‘spiders’ to periodically crawl the internet for new content that can feed its search results, for the last four years Eschelbeck and his colleagues have been busy building an extensive infrastructure called Phileas…