Over time, the computers inside air conditioners, refrigerators, televisions and automobiles will increasingly connect to cyberspace. This phenomenon also will open them up to the same attacks now threatening PCs, servers and databases.
Are we as an industry prepared for such an assault? No. But Trend Micro executives last week said in time, we will be better equipped to take on such attacks.
"You're seeing computer networks built into everything," said David Michael Perry, global director of education for the Tokyo-based antivirus firm. "Look at cars. Door locks are increasingly controlled by computer networks. If you lock the keys in the car, OnStar can unlock it for you." Perry also noted how he can use the Internet to turn down the air conditioner in his house and how TiVo "is nothing but a networked computer."
These technological advances will also make it possible for online outlaws to steal cars via the Internet or hijack the computer in the refrigerator. In the big picture, Perry said, the steady integration of computerized devices will give the bad guys limitless opportunities to burglarize users. The shift from viruses and worms to spyware and bots shows they are already adjusting their tactics to exploit increasingly integrated systems.
"There were no viruses in our last Top 10 malware list," Perry said. "At last check rootkits were the top threat. Our Top 10 lists are now dominated by botnets."
Of these newer threats, enterprises are especially spooked by spyware, said Lane Bess, Trend Micro's North American president. That's one of the reasons Trend Micro bought Braintree, Mass.-based antispyware firm InterMute Inc. this year, he said.
As attackers perfect ways to target integrated networks and maximize their financial gain, Bess said enterprises and IT security professionals must also work to improve their defenses. At this point, he and Perry agree there's room for improvement.
Changing corporate culture
"When we sell to enterprises, we see a fiefdom issue where there are IT people over there, security people over here," Bess said. "Enterprises are demanding integrated security, but as part of that you have to get the different fiefdoms working together."
He does see some evidence of that happening. Once upon a time, he said, companies would have one group managing the desktops, another group to manage the firewalls. That's still the case in some organizations. But he sees a trend where more IT security teams are made up of people who can tackle any threat to any device. Perry is seeing it, too. "The best chief information security officers have security teams where everyone on the team knows everything," Perry said.
But even the smartest IT security staff is no match for user ignorance. "User education is paramount," Perry said. "They need to learn to look at the Internet as a city. You can move into the wrong neighborhood and it can ruin your life. You need to learn where to park or walk and where not to park or walk."
The enterprise culture of secrecy must also change, he said. Bots and schemes like phishing and pharming have led to a crime wave where the victims -- corporations -- don't want to report it to the authorities.
"Nobody wants to press charges because they don't want to admit they were attacked," Perry said. "The question now is: When does the crime become egregious enough that the need to stop it outweighs the need to cover up the embarrassment of being hit?"
Improve rules of law and software writing
Even when a company is willing to report being attacked, Perry said law enforcement's ability to respond isn't yet where it needs to be. Last summer's Zotob attack is the best example of that, he said.
"The Zotob aftermath showed we need a better extradition policy," Perry said. "Investigators found those who were responsible. But because the extradition procedures for something like this aren't there, they had to circle in the air above the countries where the suspects were until a solution was eventually reached."
Two men were eventually arrested for their role in the attack -- one from Turkey and the other from Morocco. Instead of being sent to the United States, the defendants are expected to be prosecuted in their home countries.
While cultural and legal challenges remain, Perry said there's also room for improvement in the software- and hardware-making process. "Hardware and software must be more secure in general," he said. "Security software must be better."
Perry sees a future in which the Internet itself is remade for security's sake. "There will be a new Internet with a new TCP/IP," Perry said. "All of it will have to be rewritten with security in mind."
New products reflect philosophy
For now, Bess said Trend Micro is doing its part to produce better security technology with the release of new products this week. The offerings include:
- A "Worry-Free Security" initiative to help smaller businesses with little or no IT support. The first phase of the initiative includes the latest versions of Trend Micro's antivirus and antivirus/antispam tools with added personal firewall protection. Client Server Security for SMB 3.0 offers a new automated approach to threat monitoring, response and defence. Client Server Messaging Security for SMB 3.0 adds protection against spam, phishing, and malicious e-mail.
- Trend Micro Anti-Spyware Enterprise Edition, the latest antispyware product to incorporate technology the company acquired with the purchase of InterMute. It's a standalone tool for desktops at mid-sized organizations and larger companies.
Bess said the Worry-Free Security initiative fills the need enterprises have for more integrated, automated tools while the latest antispyware product reflects the fact that companies still want standalone tools to incorporate into larger, home-grown defenses.