Confidence 2010: Security Sucks
By Eddie Schwartz (@eddieschwartz and LinkedIn)
Security today is sold by three main motivations, FUD: Fear, Uncertainty and Doubt.
Security sucks because there are certain factors that you cannot do anything about. For example, if you got a mail from your kids' school saying that 10 children have fallen ill with a new disease, would you open it?
Eddie further highlighted that there is a significant imbalance between defense and offence. The offence runs broad organizations that make money from their activities (cybercrime), whereas defense costs organizations money just to make sure nothing happens (IT security).
Security officers and information officers have quite different perceptions of whether compliance aids security.
Eddie demonstrated how drilling down into a traffic stream with NetWitness exposed that what at first sight looked like a simple spam bot problem was in fact a major data leak.
Custom malware has a very low virus detection rate, especially during the first days after release, and it has quite some capabilities, as he demonstrated with some live-captured malware.
It disabled AV updates, if you were running updates directly from the vendor. The malware was then able to steal data and upload it to a dedicated FTP site. A site where, if you had captured the credentials, you could have logged in and seen other suckers’ data as well.