Sunday, May 17, 2015

"Social engineering is the hardest 0-Day"

Marcelo Rivero, founder of InfoSpyware and ForoSpyware.
"In my student days, I was often infecting my devices deliberately".  

Managing a community of 850,000 registered users more than 10 years requires large doses of social engineering. That is a subject well handled by Marcelo Rivero, expert on malware and, more specifically, on deceptions developed by bad guys to click a link or open a file that will infect your computer. Uruguayan based in Miami, Rivero is 37 years old and has two children that he names its "daily fuel in life".

Today he is an independent security analyst as well as Microsoft MVP Consumer Security. Marcelo was guided by devotion to others when he created InfoSpyware (2004), and ForoSpyware some time later, the largest forums in Spanish with information, tools and personalized and free assistance about malicious code. 

How do you do to manage a virtual community with almost one million users?
It is easy, if you are lucky enough to have a team of high quality people as the people at InfoSpyware staff, which has trained more than 100 people, currently 40 from around the world.

How did you get into this?
Computer viruses from 90's were part of my thesis study, I liked to see its forensic performance. In 2004, with the arrival of the new fauna of adware and spyware, that antivirus could not even detect, it engaged me again and that's how and were born.

And what is your motivation to keep on?
To see what new trick or ruse are 'bad guys' going to attack tomorrow, to get new victims falling by avoiding protection systems, in this game of cat and mouse :)

Have you ever been a victim of social engineering?
Not yet, but maybe someday I regret not to accept friend requests from Russian models wanting to know me, or to get free tickets to the Champions League final, or to cut off the call from the kind bank gentleman who need my access data, or to not update Java or Flash to see a super funny video shared by friends on social networks, or not to run a course in a PDF provided by postal serviece that I actually never requested and may be an important letter... cuak! :(

Did you get a virus anytime?
Yeah... flu virus, LOL. In my student days, I was often infecting my devices deliberately to know more about malware behavior.

How could you infect me? 0:)
Did you already open the Word document with my answers to this interview? Because, let me tell you that according to Microsoft, the old Macro-Virus are back and are spreading massively using social engineering.

What worries you about cyber security?
Stuxnet-style malware, created to sabotage nuclear plants and damage Industrial systems, where the risk is mainly human.

And what do you like?
To keeo on promoting education and citizen awareness, in initiatives such as X1RedMasSegura event, as soon as understanding cyber threats is an important step to combat them.

What do you think about nowadays turning point in Microsoft?
It is great that they go on reinventing themselves, learning from their past mistakes and pulling off that old burden of being the "evil".

Does any sentence, not from your passwords, guide your footsteps?
"Social engineering is the hardest 0-Day"

Autora: Mercè Molist


Post a Comment