Tuesday, December 8, 2015

Cyber-steroids and digital hormones

And what if it's all a matter of steroids? It may not seem so, but we are talking about information security. New malware comes with too many hormones, as if heading to a hard session at an elite fitness gym, capable of anything (and never anything good). And on the other hand, those who are devoted to protecting must also swallow lots of hormones to prevent, to research or to regulate. The difference between them is that breaking and destroying has always been easier than fixing and rebuilding. Since the world began.

Today we face a new strain of malware designed to steal payment card data. Nothing new under the sun, right? Well, now you must add that this malware, called Nemesis, is not only difficult to detect but also difficult to remove. On top of that, it comes packed with some skills. Among them, it is able to implement bootkit functionality, the kind of bootkit that gets installed in the warmth of your BIOS, so if someone thinks of reinstalling the OS as the "magic formula"... well, it doesn't work like that. You can read the whole story on the blog of Pierluigi Paganini, who echoes the findings of experts at FireEye.

On the other hand, as we said, we have those who deal with the new threats, whose missions include keeping the user experience from collapsing under endless layers of security. Kilos of security hormones. This is the case, for example, for Google: exporting Chrome "safe browsing" to the Android OS gave them more than one headache because of the specifics of mobile Internet use. But it seems that they have somehow found the master key. From version 46 on, the browser made in Mountain View has enabled these functions, which will tell us if we are arriving somewhere with digital balaclava boys waiting for us.

A collaborator of this Research Center, Pablo Fernandez Iglesias, also writes on his blog about a matter that requires muscled neurons. It is a "pros vs. cons" of VPN services. Yes, their use is increasingly widespread, and they allow use of and access to digital environments that may be blocked by governments or service providers; but... who is on the other side? Hello? Am I facing a man-in-the-middle "in the making", and hugging it totally unaware?

And with all that we know around here, and with the tons of hormones feeding the laws, it seems incredible that only today, in late 2015, we are witnessing the first serious cybersecurity rules from the European Union for critical sectors of the economy. But that is how it is. "Today we achieved a milestone," said the European Parliament rapporteur. Well, as the saying goes: better late than never.

In any case, although we are tempted to take cyber hormones to deal with the threats, the best option will always be to be trained: read, get informed, decide, share what you have learned and try to guarantee an online experience in which you manage the risks.


