Beta
×

Welcome to the Slashdot Beta site -- learn more here. Use the link in the footer or click here to return to the Classic version of Slashdot.

Thank you!

Before you choose to head back to the Classic look of the site, we'd appreciate it if you share your thoughts on the Beta; your feedback is what drives our ongoing development.

Beta is different and we value you taking the time to try it out. Please take a look at the changes we've made in Beta and  learn more about it. Thanks for reading, and for making the site better!

Security Threat Changing, Says Symantec CEO

Zonk posted more than 7 years ago | from the moving-target dept.

78

narramissic writes "At the Symantec Vision event in Tokyo Thursday, chairman and CEO John Thompson spoke about a shift his company has observed in the threat posed to computer users and companies by hackers. 'While a few years ago many people were much more focused on attacking the machine and attacking the broad-based activities that were going on online, now all of a sudden we've noticed a significant shift in both the type of attack and the motivation of the attack,' he said. 'The attacks that we see today are more targeted and more silent and their objective is to create true financial harm as opposed to visibility for the attackers.'"

cancel ×

78 comments

Sorry! There are no comments related to the filter you selected.

This is nothing (0)

Anonymous Coward | more than 7 years ago | (#16709001)

I've read this ... like 5000 times

Jack Thompson (1)

entrylevel (559061) | more than 7 years ago | (#16709007)

Anyone else accidentally read that as "CEO Jack Thompson" the first couple times?

Re:Jack Thompson (0)

Anonymous Coward | more than 7 years ago | (#16709131)

Anyone else accidentally read that as "CEO Jack Thompson" the first couple times?

Isn't Jack a nickname for John? And according to Wikipedia [wikipedia.org] , Jack Thompson's real name is John Bruce Thompson.

Re:Jack Thompson (1)

creimer (824291) | more than 7 years ago | (#16709411)

No. I read it as "CEO Ewe Boll" and it all made sense.

Re:Jack Thompson (1)

Keaster (796594) | more than 7 years ago | (#16710967)

Yep, even worse I had just written somthing for my ethics class about him ... funny.

first post finally (-1, Offtopic)

themadplasterer (931983) | more than 7 years ago | (#16709019)

finally..., first post!

Re:first post finally (1)

tritonman (998572) | more than 7 years ago | (#16709077)

foiled!

Anyway, I think the hackers have grown up, they no longer need a name for themselves, that's what myspace is for. Now they can focus on world domination.

Re:first post finally (-1, Offtopic)

arivanov (12034) | more than 7 years ago | (#16709165)

Moderators - do not mod this FP down please. It is insightful. At least as insightfull as the revelation by the Symantec CEO. This has been going on for 2+ years now. It is entertaining to see him noticing it now. It is in fact same as the parent post. A looser screaming "First Post", but posting at least 5-10 posts behind the FP proper.

Re:first post finally (0, Offtopic)

themadplasterer (931983) | more than 7 years ago | (#16709713)

and how can you now there were posts before i hit "reply" because there weren't

Script Kiddies Growning Up (2, Insightful)

El Torico (732160) | more than 7 years ago | (#16709075)

I guess now they want money instead of just bragging rights.

Re:Script Kiddies Growning Up (1)

kfg (145172) | more than 7 years ago | (#16709237)

So give Symantec all of your money to protect your money or all of your money will be gone.

KFG

Re:Script Kiddies Growning Up (1)

Jester998 (156179) | more than 7 years ago | (#16709545)

y0! my m0M, taht wh0r3, shez l1k3, m4k1ng M3 p4Y r3N7 'n 5h17 n0wz. 1t'z l1k3 sH3 h4z sumpt1ng ag41n5t m3 ch1ll1n' iN h3R b4s3men7>>..

0h w3llllz, Il'l ju57 us3 |\/|y b0t5 7o m4k3 mr0e m0nnnn3333yyyyy and t0 sh0w th4t b1tch.

(Do I really need the humour tags around this post?)

Re:Script Kiddies Growning Up (0)

Anonymous Coward | more than 7 years ago | (#16709755)

Oh! That's what you were going for! Probably yes, then.

Re:Script Kiddies Growning Up (1)

chucklinart (1019932) | more than 7 years ago | (#16712881)

Materialism comes with maturity, unfortunately, and kids nowadays are cynical (realistic?) enough to realize that they're not going to become the next Gates or Jobs, so maybe they're thinking that cracking is a more viable career path. Sad, but I do understand how they feel -- it's a tough job market.

Re:Script Kiddies Growning Up (1)

cold fjord (826450) | more than 7 years ago | (#16714197)


It isn't just script kiddies. Organized crime has been making moves into computer crime for some time. There are others too.

Transnational Crime Syndicates [technewsworld.com]
Organized Crime Invades Cyberspace [computerworld.com]
Cyber Threat Source Descriptions [us-cert.gov]

Heh (2, Funny)

daeg (828071) | more than 7 years ago | (#16709119)

CEO: Quick! Vista is too secure and our products are too badly written to rewrite them for Vista. We need a new business model!
Marketing Department: There's this... threat, yeah, threat... to like, businesses. They have a lot of money... maybe we can sham them for a few more years?
CEO: Brilliant!

Re:Heh (1)

Apocalypse111 (597674) | more than 7 years ago | (#16709317)

A Microsoft product too secure? I think that line would be better written as:

CEO: Quick! Our products are too badly written to rewrite them for Vista, and Microsoft is locking us out of the kernel anyways! We need a new business model!

Re:Heh (1)

RingDev (879105) | more than 7 years ago | (#16709337)

Couldn't have said it better myself. Not to understate the threat of security breaches in corporations, but most of those weeknesses are not corrected by crappy software like Symantic's Stuite.

-Rick

Re:Heh (1)

Crasty (1019258) | more than 7 years ago | (#16709365)

So I says to the insurance salesman, I says, how much coverage do YOU think I should buy? It's always best to get the answers from the experts. Always.

Re:Heh (1)

miffo.swe (547642) | more than 7 years ago | (#16710565)

Vista secure? Thats something time will tell but i have really strong doubts about that considering vital parts of the OS like tcp/ip are rewritten and needs a couple of servicepacks of bug fixes. Magic eight ball tells you to expect a truckload of security issues in the new untested code.

Re:Heh (1)

msobkow (48369) | more than 7 years ago | (#16712165)

Targetted attacks to acquire indirect access to systems (take over your VPN in to the office), customer information, technology under development, or even some freak stalking some cutie on the second floor are all very real threats.

The technology is easy. The attacks are only as difficult as accessing the resources to deploy the attack -- and most major corporations and government agencies have such resources. If a cracker seizes control over those resources, even temporarily, they can do a lot more than blast an unwanted popup from your browser.

You insensitiv3 Clod! (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#16709175)

Influence, the OUTER SPACE THE a full-time GNNA PROBLEMS THAT I'VE Usenet posts. The choosing sadness And it was

Useless (0)

Anonymous Coward | more than 7 years ago | (#16709185)

A. CEOs know nothing
B. Corporations are useless
C. Symantec couldn't find a virus if it was handed to them on a floppy disk
D. We pay them 10s of thousands of dollars a year, and their support is worthless. You can't get them to contact you when needing them due to an infection taking down your network, yet they bug the crap out of you to complete the "support survey" sent after the call where they didn't help.

We had a zero day attack. We used free sources and in-house scripts and such to resolve. From the first minute we asked Symantec for help, and they were worthless. They told us virus defs had been out for years to find the virus, but this wasn't true. Their wonderful "deepsite" response that came back after we sent them the actual infection stated, and I quote, "uses some specific vulnerabilities." ... which ones?!?!?

In the end, we actually paid them more money for nothing and fixed it ourselves using free information and tools available online as well as in-house work. Good team we got here. Bad team at Symantec.

'Nuf said

Duh,,, (1)

xENoLocO (773565) | more than 7 years ago | (#16709191)

How much does this guy make a year? I can give him a few more tips if they'll pay me, too.

Re:Duh,,, (1)

Bacon Bits (926911) | more than 7 years ago | (#16713303)

I bet the story will be covered by Ric Romero.

"People want money, and some are willing to use their programming skills with computers to steal your hard-earned cash! This story and more at eleven."

Did anybody else not realize in 2002 that malware was just a way to make worms and trojan financially profitable?

Broad-based activities going on online? (1)

siegesama (450116) | more than 7 years ago | (#16709219)

What the heck does that even mean? As best I can tell from context in TFA, it's a typographical error, and they meant "board-based," which makes sense when paired with the idea of simple defacement. But I could also see it being corporate-speak for "a broad range of attacks" or something.

"Broad-based" sounds like a pornographic term, as opposed to "dude-based" I suppose. Which also makes some sense, since pornographic sites seemed like high-profile targets for defacement.

Re:Broad-based activities going on online? (1)

chucklinart (1019932) | more than 7 years ago | (#16712915)

I think what they mean is that there are many threats generally targeted at creating mischief and not really at causing real harm, but I've been known to misinterpret corporatese from time to time.

You insensitive clod!#! (-1, Flamebait)

Anonymous Coward | more than 7 years ago | (#16709287)

as WideOpen, Taken 0ver by BSDI rapid, than a fraction

wtf: lameness filter won't allow "wth" (1)

Seismologist (617169) | more than 7 years ago | (#16709293)

Ok so I've read the news clip and I'm not to sure what is being said. How is what is being described anything new, much less a "major shift."

Jack Thompson?!? (0)

Anonymous Coward | more than 7 years ago | (#16709369)

That motherfucker sold me some really BAD crack. oh wait, John Thompson. You're still gonna die at the hands of Wolf Bearclaw FAG!!!

- Wolf Bearclaw

Good idea (2, Interesting)

kaoshin (110328) | more than 7 years ago | (#16709375)

"businesses will have to spend more time and energy on making sure that data is not just secure but also recording which users are accessing and manipulating information stored in corporate databases" which are housed overseas and manned by guys who would kind of like to behead your infidel children.

Re:Good idea (1)

uglydog (944971) | more than 7 years ago | (#16709979)

by kaoshin (110328) on Friday November 03, @04:48PM (#16709375) "businesses will have to spend more time and energy on making sure that data is not just secure but also recording which users are accessing and manipulating information stored in corporate databases" which are housed overseas and manned by guys who would kind of like to behead your infidel children.
Alright, that does it. Jihad on kaoshin! :-P

Re:Good idea (1)

Mulielo (982836) | more than 7 years ago | (#16711443)

"businesses will have to spend more time and energy on making sure that data is not just secure but also recording which users are accessing and manipulating information stored in corporate databases"
SOX 404 Makes all that necessary anyway, my company (big in insurance) has until mid-2007 to get every system locked down like that, and all the ones that keep track of financial data are already done, and we get audited monthly... Sorry Symantec, you're a little late...

About time... (2, Insightful)

dmccarty (152630) | more than 7 years ago | (#16709383)

Good. Now maybe people will take these threats seriously. When I started using computers (in the 80's) viruses were a serious threat. People talked about viruses with fear in their voice. These days they're just a nuisance.

Oooh, that virus sends itself to all your buddies in your address book. How TERRIBLE! Wow, a virus pops up windows on your screen even though you didn't ask for it. How NAUGHTY!

When I started using PC's, viruses would wipe out your entire drive. They would delete critical files. They would overwrite your boot sector. They would wipout your FAT table. Now THOSE were some viruses!

Once viruses get back to the level of actual harm, maybe people will stop clicking around willy nilly and will start to invest--on both the corporate and consumer sides--in some real security.

Re:About time... (0)

Anonymous Coward | more than 7 years ago | (#16709591)

You yunginn's had it easy. In my day, viruses made our vacuum tubes explode. Plus we had to walk 5 miles in 3 feet of snow to the computer to fix it. Uphill! Both ways!

Re:About time... (1)

monoqlith (610041) | more than 7 years ago | (#16709745)

Plus we had to walk 5 miles in 3 feet of snow to the computer to fix it. Uphill! Both way....

with vacuum tube shards in your eye.

Re:About time... (1)

Eberlin (570874) | more than 7 years ago | (#16709649)

Different focus. I always try to explain the concept to people as the difference between e.coli and the common cold. If your purpose is harming a few hosts, then you go e.coli. If you want to spread to as many hosts as possible, you stay relatively harmless so the host has a chance to pass it along.

The Internet has helped viruses/worms along as well, since they can now travel through time zones in a matter of seconds. In the old days, they generally had to be transmitted through floppies. Rates of infection are counted in days, if that.

Viruses SHOULD be considered as threats. Unfortunately, as PC popularity increases and Internet connectivity rises, more people tend to take their machine's security for granted. Back then, there weren't a lot of Joe Sixpacks to worry about. Now, every other Joe Sixpack with a machine goes click-happy, damn the consequences.

Re:About time... (0)

Anonymous Coward | more than 7 years ago | (#16710185)

Greetings,

      Wrong on so many levels.

      I started using computers back in the 70's, so yes, I remember the era of the the brain virus, MTD, Stoned, etc. They were some pretty bad virii, but guess what??? Nobody really cared. Those virii didn't change the way people used computers, nor did the threats of computer espionage, nor did the BIOS' virii of the 90's, nor the slammer / Nimda's of the 00's. Security experts ran around like chickens with screaming about the end of the world, and the average user shrugged and went back to using the infected floppy disks, using ICQ, and looking at executable "pictures" of Britney Spears.

      And if you think that people today would complain about the price, think again. Back then computers were $5K - $8K each, today they are what? $500 - $800?. Back then it took days or even weeks, and a new pair of sneakers if you had two computers, to get a computer back up after a serious crash, today it takes what? 6 hours... Woopeee.

      In the words of Agent K from Men In Black 'Individuals are smart, but people are stupid'

Re:About time... (1)

Keaster (796594) | more than 7 years ago | (#16711085)

I agree, I think its funny that a lot of people are snarky and so tounge in cheek reguarding the subject. They have probably never had to recover from a real threat.

Re:About time... (1)

Hamoohead (994058) | more than 7 years ago | (#16716489)

You forgot "Infect your soul, curve your spine, and keep your country from winning the war."

Re:About time... (1)

CrossChris (806549) | more than 7 years ago | (#16717615)

"Once viruses get back to the level of actual harm, maybe people will stop clicking around willy nilly and will start to invest--on both the corporate and consumer sides--in some real security."

1. There is NO REAL security available in any form of Windows. Users will have to change from Gatesware to something that works properly.

2. The latest Windoze viruses allow a few reboots (to ensure they've spread themselves) before largely refomatting the hard drive that Windoze is on. It's pretty brutal, but is a great persuasion for Windows mugs to move to something that works!

Boy he's right about that! (2, Funny)

Illserve (56215) | more than 7 years ago | (#16709393)

The new security threat is from Symantec products!

It's preloaded on new computers and there's nothing you can do to prevent it. Once you get the computer, it begs you to install it, if you do, god help you. If you change your mind about using norton, well... you've got a long night ahead of you, crack open a bottle of wine and fire up regedit.

And if you don't uninstall it, and let it lapse, it'll be peppering you with "renew norton!" for the next thousand years. Ditto with McAffee.

These cures are worse than the disease. At least a zombied computer isn't spitting up "Renew NOW" dialog boxes.

Re:Boy he's right about that! (1)

Shados (741919) | more than 7 years ago | (#16709515)

Yup. Yanno, its a shame that Microsoft had to change it to stop people from bitching: Ironically, preventing NAV from running on Windows was probably the most customer-oriented move they ever did, even though it was mostly a side effect >.>

Re:Boy he's right about that! (1)

Stephen Tennant (936097) | more than 7 years ago | (#16710577)

No, but a zombied computer might offer you a bigger boner.

Re:Boy he's right about that! (1)

taustin (171655) | more than 7 years ago | (#16710753)

In all seriousness, the Windows install CD is your friend. Repartition the drive, and start from scratch. Fuck Macafee and their malware Security Center that can't be uninstalled without booting in to safe mode.

Re:Boy he's right about that! (1)

Illserve (56215) | more than 7 years ago | (#16711093)

It doesn't come with an install CD. You make one after you get the machine running by doing a "backup". I'm sure the backup would carry the Norton Malware with it.

These people are crooks.

Re:Boy he's right about that! (1)

taustin (171655) | more than 7 years ago | (#16711159)

I don't buy computers without a Windows install disk. With cheapass computers, you may well have to pay a few bucks extra for it (Dell charges $10), but the computer is useless without it.

Re:Boy he's right about that! (0)

Anonymous Coward | more than 7 years ago | (#16712991)

When yet another friend buys new computer loaded with the crap up to the ears, so half of tray is occupied with all the "value-added" scam, I don't see ethical problem to use an installation cd (without activation) downloaded by p2p program.

Re:Boy he's right about that! (1)

Virgil Tibbs (999791) | more than 7 years ago | (#16714317)

get nod32

thats real AV like symantec used to be:

functional with a minimal frontend www.eset.com

Somehow I ended up reading it as follows (0)

Anonymous Coward | more than 7 years ago | (#16709445)

-----
Says Semantec CEO
objective is to create true financial harm as opposed to visibility
-----

And thought one CEO has the guts to spill their buisiness plan to general public.

not true (1)

eneville (745111) | more than 7 years ago | (#16709509)

The attacks that we see today are more targeted and more silent and their objective is to create true financial harm as opposed to visibility for the attackers.
this is not true. people still want to attack and 0wn boxes just for spam relays.

Looks like his way of scaring people (1)

nsundeepreddy (624059) | more than 7 years ago | (#16709627)

This looks like another attempt scare people. In effect he is saying that people are not going to notice any major security problems but they will still be ripped off. "So have AV products installed on your system". Yea right!!

I am not very sure he is raising this issue just to justify his AV product's position in the current turmoil due to the new M$ policy.

You insensPitive clod! (-1, Offtopic)

Anonymous Coward | more than 7 years ago | (#16709689)

believe their addresses will Formed his own memb3rs all over

As if Symantec is an authority (2, Interesting)

DietCoke (139072) | more than 7 years ago | (#16709859)

We've got an active threat going on within our corporate network, it's already been determined to be within an existing worm family, and we get this response from one of their techs:

"We do virus *detection*, not necessarily virus removal."

You're telling that crap to a Gold support customer, Symantec, and you expect those of us in the field to give a tin shit what your opinion is?

Word of advice: quit expressing opinions and start doing your goddamned job.

Oh, the threat is changing alright... (0)

Anonymous Coward | more than 7 years ago | (#16710017)

...but it's to Symantec's business model, not to consumers.

And this changing threat is called "phishing." We've seen phish attacks now for what? Three to four years or more? The fact that Symantec CEO John Thompson is mentioning this so many years after it became a problem is more an indication that the company's existing line of business is doomed.

With Microsoft OneCare coming out for home users and ForeFront (formerly Antigen) coming out for busineses, coupled with security improvements in Windows Vista and the forthcoming "Longhorn" server, Symantec's days of deriving revenue from gaping hole's in Microsoft Windows security are numbered.

CEO John Thompson is right that there's a new threat out there, and he had better find a way to hype it if he plans on staying in the CEO chair for much longer.

Regards,

Anonymous Coward

P.S. Posting as AC because I work for a competitor of theirs, although we're so small they probably run ad campaigns that are ten times the size of our yearly revenue.

targetted attacks are common (1)

NynexNinja (379583) | more than 7 years ago | (#16710175)

I don't think this is anything new... Targeted attacks for financial gain were going on since at least the 1980's, so whats new about this?

C'mon, we already saw 'Ghost In The Shell...' (1)

Penguinisto (415985) | more than 7 years ago | (#16710177)

...so why would anyone be surprised when the black-hat set starts busting into machinery for much the same reasons that the criminals in GITS did (albeit this time it doesn;t involve hacking another person's actual brain, but still...)

Now if only we could authorize a company of elite paramilitary types to give script kiddies and spammers the same treatment... (evil grin).

/P

virus clusters and rootkit catalogs (1)

VoidEngineer (633446) | more than 7 years ago | (#16710329)

Just last night, the hospitatal I work at got attacked by a virus cluster. In my 10 years of IT work, I've never seen anything like it. It focused on WindowsNT4.0 server, and when it hit, it had no less than 10 seperate trojans and viruses going on at the same time. We'd clean one server, and it would just get hit by another one. We figured out the address of the server that the infected machines were phoning home to, and the different virus types were all calling home to the same machine. It was like an infected machine would scan itself with a modified security analyzer, then phone home, and grab any viruses or trojans it could that would target the vulnerabilities identified by the security analyzer. Someone out there is operating a catalog of rootkits and trojans and viruses. Nastiest thing I've ever seen. When your company gets hit by one of these things, you'll know. The future of viruses involves malware security scanners and catalogs of viruses and trojans.

the truth threat facing computers users... (0)

Anonymous Coward | more than 7 years ago | (#16710365)

GIANT LUMBERING ROBOTS!

Why won't the CEO of Symantec tell it to us straight? Maybe it's because his company HAS NO SOLUTION to the lumbering robot problem?

The last virus I had (1)

Lewrker (749844) | more than 7 years ago | (#16710457)

was msblaster. All those antivirus companies do is convincing people that if they pay $200 all those shiny buttons and icons in their tray will make them invulnerable to all dangers. People believe antivirus companies and proceed to click on everything they see in the web, get infected and then there's a huge conference about "security threats" where all those $200 bills are spent. IMO prevention shouldn't mean installing tons of resource-eating software, but just teaching common sense. I am really starting to think that there should be some kind of exam before one is allowed to access the internet.

who moved John Thompson's cheese? (0)

Anonymous Coward | more than 7 years ago | (#16710487)

Symantec CEO John Thompson hasn't got a god damn clue what he's talking about, technically. It's all marketing tripe made up by product wonks trying to protect their little fiefdoms. The AV guys produce statistics about automated threats, the ESM dweebs jump up and down about internal automation and reporting, the Bindview guys ramble on about compliance reporting, and the ex-Veritas guys still think that storage+access=integrity(tm) or some such incomprehensible word-salad. It's all a bunch of hooey, and not even very creative at that.

So when he says that security threats are shifting from the tremendous noise of script kiddies to the eerie silence of targeted attacks by internet mafiosa, what it means is that Symantec sees more margins in enterprise products, content-aware IDS, and other tools to insinuate Symproducts deep into large orgs. The attack trends haven't changed that much, but John Thompson's cheese has been moved.

-(posting AC for guessable reasons)

Symantec CEO just put foot in mouth... (1)

ratboy666 (104074) | more than 7 years ago | (#16710525)

Symantec security is reactive, not proactive. Which means its quite useless against specific directed attacks.

After all, AV signature is only generated AFTER the V is seen in the wild.

What we are talking about here would be very directed V (and other attack vectors). There are solutions, but the only way the Symantec can offer them is by converting to a service (not product) model.

That's putting your foot in your mouth, CEO...

Unless, of course, Symantec comes up with a proactive product solution (as much as I would wish for this, I am not holding my breath).

Ratboy.

Re:Symantec CEO just put foot in mouth... (1)

SwashbucklingCowboy (727629) | more than 7 years ago | (#16735577)

Symantec security is reactive, not proactive. Which means its quite useless against specific directed attacks.

Not true.

If an admin knows that his company is being attacked he can make sure that all systems within the company get updated anti-virus definitions IMMEDIATELY instead of on a time interval.

There are solutions, but the only way the Symantec can offer them is by converting to a service (not product) model.

That's putting your foot in your mouth, CEO...

LOL!

Talk about putting your foot in your mouth, Symantec has a service called DeepSight [symantec.com] that can inform an admin when their domain is being attacked.

Re:Symantec CEO just put foot in mouth... (1)

ratboy666 (104074) | more than 7 years ago | (#16736183)


And there is the weakness: "If an admin knows", Deepsite "Enabling proactive protection through the rapid delivery of actionable Early Warning security information".

An interesting use of the word "proactive" in computer security. In my books, that is STILL reactive to threats. The reaction is to send out "early" warnings. Again, useless against a directed attack.

And what would such an attack look like? Comission a scan of a binary (say), fuzzing it. Not reporting the results, but using this as an attack vector against a SINGLE company, with the objective being specific (money, disruption, whatever).

And how does Symantec guard against this? The only solution is a truly proactive security policy (security is not a product, it is a process). The organization needs to have its methods surveyed, looking for potential problems -- if a breakin occurs, how much damage could it do? Assume that XYZ software is flawed, and assess the impact. Build an architecture that will withstand this attack.

AFAIK, Symantec does not offer this service (it would be expensive). Maybe they plan to; "Deepsite" isn't it.

The Internet is merely one of the threat vectors in an organization. Others, in the "directed" sense, are still more deadly. "Social Engineering", disaster response, etc. are still valid vectors.

For example, if I wanted data from your organization, what would happen if I staged a fire alarm, or fire? Would that unlock areas, or remove key people? During a fire, would people have the sense of mind to log out workstations, or could I sneak in and install keyloggers then?

Remember, the Symantec CEO was talking about specific directed attacks with purpose. The good news? Maybe the nuisance "psuedo-attacks" I suffer from may finally go away. They just waste bandwidth (unless that is the purpose).

YMMV
Ratboy

Re:Symantec CEO just put foot in mouth... (1)

SwashbucklingCowboy (727629) | more than 7 years ago | (#16738257)

In my books, that is STILL reactive to threats.

At the macro level it is, at the micro level it isn't (at least not always). Many machines can be protected from a threat before they're ever subjected to attack.

Re:Symantec CEO just put foot in mouth... (1)

ratboy666 (104074) | more than 7 years ago | (#16736369)

And why I want Symantec to go this route...

Many companies feel secure after installing Symantec, or subscribing. "It is now secure..."

In a way, Symantec is trying to provide "good enough" security, without providing security at all in a real sense.

An example (real, but the names have been changed to protect the not-so-innocent), A governemnt organization keeps donor records for transplants. The information is promised to be "completely confidential". And yet, I receive a letter that the information has been leaked. They are not sure if it is a specific leak, or a byproduct. Someone simply broke a window of a building at night, and took a computer. Physically. The reactive measures? (1) inform everyone who is on that list, or has a relative on the list that this has happened, (2) put bars on the windows, and take other measures to increase physical security.

I am sure that the agency emplyed Symantec (or equivalent, I don't know which AV solution), but it didn't really help with data loss, did it? If this WERE a directed attack on data assets (and it may have been -- security was so lax that it was impossible to even know); against "completely confidential" information... And this is the "low hanging fruit".

Which Symantec service helps with this?

YMMV
Ratboy.

Re:Symantec CEO just put foot in mouth... (1)

SwashbucklingCowboy (727629) | more than 7 years ago | (#16738213)

Which Symantec service helps with this?

Well, I'm not a Symantec salesperson, but apparently, such a feature [techtarget.com] is on the way.

And to be fair to the other vendors, companies such as McAfee are also addressing this issue [eweek.com] .

It's a serious threat!! (1)

Asrynachs (1000570) | more than 7 years ago | (#16710587)

'Our new anti-threat sotware protects you from this invisible mumbo jumbo. Ohhh don't you worry, we're still relevant because we still produce software. I mean think about it'

worst scored comments, ever. (0)

Anonymous Coward | more than 7 years ago | (#16710711)

and i've been an anonymous coward for years.

In other wods, you NEED to buy their service NOW (0)

Anonymous Coward | more than 7 years ago | (#16711431)

In other wods, you NEED to buy their service NOW or face financial ruin at the hands of some vodka-faced smelly Bulgarian smoking second-hand cigarette butts in a basement apartment with dripping water and sewer pipes who has a live-in girlfriend with the hairiest legs outside of italy and a nose that'll beat the wicked witch of the east.

Be Scared ... (1)

McGiraf (196030) | more than 7 years ago | (#16711501)

... be very scared

John Thompson's speech sometime in the future... (1)

chicago_scott (458445) | more than 7 years ago | (#16711899)

"At the Symantec Vision event in Bangalore Thursday, chairman and CEO John Thompson spoke about a shift his company has observed in the threat posed to computer users and companies by hackers. 'While a few years ago many people were much more focused gaining visibility, now all of a sudden we've noticed a significant shift in both the type of attack and the motivation of the attack,' he said. 'The attacks that we see today are more targeted and more silent and their objective is to create true bodily harm to the user as opposed to true financial harm.'"

FUD. (btw, I like the new beta tagging system)

Re:John Thompson's speech sometime in the future.. (1)

mofomojo (810520) | more than 7 years ago | (#16711981)

It's when they use blanket statements like "hacker" that cause the most harm. If you're intelligent enough and actively participate in the "hacker" community then you'd know how much of a perjorative that using words like this is.

They should say "Network Hackers" or "Criminal Network Hackers", just to clarify it. More than likely though, the people who are doing this stuff are just script-kiddies and the real hackers are causing very few people harm.

One the threats is Symantec.... (0)

Anonymous Coward | more than 7 years ago | (#16711945)

Hypocrites.. One major reason for disaster is Symantec themselves by supplying the user with a make-belief security solution while they are in fact only out for their money. I have seen this happen just too many times to be seriously appalled by Symantec..

An old neighbor of mine (computer illeterite) buys a PC which has everything installed 'out of the box' including anti-virus, and firewall and stuff. Everybody happy. Sure... For 6 months, because then the virus scanner and the firewall stop working because it was only a trial version. My neighbor sees a few warnings about "no firewall" but since everything keeps on working ("I paid for a working PC to go on the Internet didn't I?") and he simply paid for Internet access which is what he got nothing seems to be wrong.

We know better, yes. He doesn't. I think it is an OUTRAGE that assholes like Symantec provide trial versions to users who only want to use their computer and firmly believe that the software they got with their computer is software they paid for and as such see no harm if things stop working. So please don't give me this hypocrist crap. If there is one problem for comprimised Windows PC's on the Internet its Symantec themselves because they desperarly try to make more money.

Took him 'til now to realize? (1)

Opportunist (166417) | more than 7 years ago | (#16714849)

The change was already blatantly visible a year ago. You can separate the malware of today in 2 groups:

Malware that is used to spread more malware (i.e. mail worms etc)

Malware that the first malware spreads that siphons money from you.

Now that we crack down on their servers (because you have to gather the info somewhere), and with the increasing speed we can do this (currently we're at about a week between detection and shutdown, and we're getting faster), I can see the advent of a third group: Malware that turns your computer into a data mining server.

But so far, that's still in the future. I'd wager about half a year 'til we see that group of malware emerge in force. So expect a report about it from Symantec in 2008.

Symantec, and other Dinosaurs that are slow moving (1)

SkiifGeek (702936) | more than 7 years ago | (#16731815)

I think it is more the case that Symantec and the other well-established Information Security vendors are like dinosaurs stuck in hot tar. The environment around them is rapidly changing, and the smarter of them are now starting to recognise that their existing income streams are becoming less relevant - as Microsoft makes security improvements to their OS, and the attackers continually test against the security products to improve their ability to avoid detection. Now that they are identifying it, it is still going to take some time for them to adjust to the new environment and results are going to be mixed (when was the last major discovery by Microsoft's much-acclaimed honey-monkeys?).

The third group of malware that you predict is out there and steadily gaining strength. Malware such as Haxdoor is used to extract as much juicy information as possible, before becoming a second stage malware (the money siphon). With the presence of significant botnets, easily written spiders / robots, it becomes a matter of how you define 'malware'. For example, some security vendors are classifying the distributed SETI client as malware, because clients are too lazy to block it via policy or other enforcement methods.

Of course, there are InfoSec companies [beskerming.com] out there that have been focussed on the changing environment from the very start.

Hmmm (1)

DigitalSorceress (156609) | more than 7 years ago | (#16717561)

Does anyone else have a problem with the statement about the goal being financial harm. I'd say that is a result... the GOAL is to steal money.

this is ~obvious~, but what it boils down to is a change in the economic realities. In the past, virus writers and other miscreants did what they did for social reasons: a sense of power, peer recognition, proof of concept, etc... Today, spammers, identity thieves, scammers, and so-on are paying cold hard cash for access to bot nets and/or comprised systems or the information which they contain. Economic forces have effectively converted one-time bullies and vandals into a new form of organized crime. Types of crimes which are evolving much faster than traditional law enforcement and lawmakers can keep up with. Sure... stealing money by any means is still stealing, but the knowledge required to catch and prosecute these kinds of criminals is not exactly common.
Check for New Comments
Slashdot Login

Need an Account?

Forgot your password?