In this week’s installment of VPN Creative’s newest interview series, we sat down with Jason Lewis, Chief Intelligence and Collections Officer of Lookingglass Cyber Solutions, to discuss everything from the threat that older worms like Conficker pose to modern systems to what the future of the cloud looks like as thieves come up with increasingly creative ways to infiltrate larger systems on the backend, which could potentially put millions of users at risk with a single keystroke.
In one of your recent blogs, you caught a fair amount of flak for claiming that the Conficker worm wasn’t “dead”. Why do you believe so many people took issue with the statement, and how would you like to respond to their allegations that the CHS breach is the last we’re going to see of this nearly half-decade old bug?
Back in 2009, Microsoft formed a working group to assess the threat of Conficker, and put a lot of effort into mitigating the problem at its source. In 2011, they declared the threat was over. They were able to take down the command and control servers and since then no one had a way to get a botnet properly set up. However, there is still a possibility to be infected in other ways simply by correlation.
As more companies and consumers move themselves and their data into the cloud than ever before, what do you think each can do on an individual basis to better prepare themselves for the threats that are lying in wait just on the other side of a server farm’s concrete walls?
This is a tough one. The most recent Apple iCloud vulnerability is the one that sticks out the most. [Users can protect themselves] by using two-factor authentication, and with that, linking to your phone is usually the best bet. Unfortunately the problem we’ve seen with the iCloud breach is that just about anyone can brute force it if they want access to the passwords contained within.
Conficker aside, what do you think is going to present the greatest threat to the safety of users’ data in the next few months?
Going back to iCloud, it shows that even the biggest companies can still overlook some things. They can’t protect every part of their networks 100 percent. Probably the most common one I’ve heard about lately is the hole in SSL. If they had kept patching, they might have been able to minimize their exposure.
In another of our interviews last week with CEO of Tenable Security Ron Gula, we alluded to the fact that dozens of blogs, press releases, and articles have been written in the past year about the “death of consumer-level anti-virus products”. Do you see this as an accurate assessment of the current landscape, and if not, why?
If it’s going to die, it’s going to be a slow death. With their system, you need to know about a threat before you detect it, because it’s almost entirely signature-based. You find an attack, write a signature for it, go from there. They’ll need to write more complicated algorithms which can predict threats, rather than react to them after they’ve already become a problem. Anti-virus won’t be going away overnight, but it will evolve into something new if it plans to stay relevant in the coming decade.
That in mind, what tactics would you recommend these companies adopt to keep themselves and their technologies relevant in the constantly shifting landscape that is Internet security?
This is one of those highly debated topics. I’m a big fan of defense in depth, having different layers of security available at any given time. A situation where I can run IDS/IPS detection, and use different technologies in concert with one another.
As we all know by now, the talk of the town for the Internet security community over 2014 has been the revelations released to the public by one Edward Snowden about the egregious overstepping of privacy bounds by the US-based NSA, and UK-based GCHQ. What do you think the leaks mean for the landscape of encryption and personal security, and what recommendations would you give the average consumer on how they can better protect themselves from nation-state surveillance?
We’re already seeing big companies like Google and Yahoo encrypting traffic and the link between their services. For the average person, it’s hard to understand all the different things that could occur. If you’re accessing a website that has your personal information on it, avoid public Wi-Fi, and make sure everything you do is encrypted. Other things are more common sense approaches, like don’t open attachments if you aren’t explicitly expecting one, even if it’s from your mom.
And of course, to wrap up, it wouldn’t be an interview about the security of the Internet and people’s personal files without mentioning the news of this past weekend. What do you make of the latest leaks from Jennifer Lawrence and Kate Upton? Theories about the source of the photos have ranged from iCloud vulnerabilities to someone hacking the Wi-Fi at this year’s Emmy awards. What do you think high-profile stars such as these can do to better protect themselves from this type of problem, and do you think the security of our data centers is really to blame?
Without all the info, this is purely speculation, but it sounds like the iCloud API may have been the source of the vulnerability, which allowed password checkers to run “unchecked”. Hopefully this event will improve security for everyone, because now Apple is looking into the issue and will secure things for the public at large. Companies will be more diligent, and Apple, Dropbox, and most cloud providers will be on the offensive, which should bleed into the consumer market as much as it does for high-profile celebrities.
To find out more about Lookingglass Cyber Solutions and all the services they provide, don’t hesitate to head over to their website today.