Forgot your password?
typodupeerror

Security Threat Changing, Says Symantec CEO 78

Posted by Zonk
from the moving-target dept.
narramissic writes "At the Symantec Vision event in Tokyo Thursday, chairman and CEO John Thompson spoke about a shift his company has observed in the threat posed to computer users and companies by hackers. 'While a few years ago many people were much more focused on attacking the machine and attacking the broad-based activities that were going on online, now all of a sudden we've noticed a significant shift in both the type of attack and the motivation of the attack,' he said. 'The attacks that we see today are more targeted and more silent and their objective is to create true financial harm as opposed to visibility for the attackers.'"
This discussion has been archived. No new comments can be posted.

Security Threat Changing, Says Symantec CEO

Comments Filter:
  • Anyone else accidentally read that as "CEO Jack Thompson" the first couple times?
  • by El Torico (732160) on Friday November 03, 2006 @05:27PM (#16709075)
    I guess now they want money instead of just bragging rights.
    • by kfg (145172)
      So give Symantec all of your money to protect your money or all of your money will be gone.

      KFG
    • by Jester998 (156179)
      y0! my m0M, taht wh0r3, shez l1k3, m4k1ng M3 p4Y r3N7 'n 5h17 n0wz. 1t'z l1k3 sH3 h4z sumpt1ng ag41n5t m3 ch1ll1n' iN h3R b4s3men7>>..

      0h w3llllz, Il'l ju57 us3 |\/|y b0t5 7o m4k3 mr0e m0nnnn3333yyyyy and t0 sh0w th4t b1tch.

      (Do I really need the humour tags around this post?)
    • Materialism comes with maturity, unfortunately, and kids nowadays are cynical (realistic?) enough to realize that they're not going to become the next Gates or Jobs, so maybe they're thinking that cracking is a more viable career path. Sad, but I do understand how they feel -- it's a tough job market.

    • It isn't just script kiddies. Organized crime has been making moves into computer crime for some time. There are others too.

      Transnational Crime Syndicates [technewsworld.com]
      Organized Crime Invades Cyberspace [computerworld.com]
      Cyber Threat Source Descriptions [us-cert.gov]
  • Heh (Score:3, Funny)

    by daeg (828071) on Friday November 03, 2006 @05:30PM (#16709119)
    CEO: Quick! Vista is too secure and our products are too badly written to rewrite them for Vista. We need a new business model!
    Marketing Department: There's this... threat, yeah, threat... to like, businesses. They have a lot of money... maybe we can sham them for a few more years?
    CEO: Brilliant!
    • A Microsoft product too secure? I think that line would be better written as:

      CEO: Quick! Our products are too badly written to rewrite them for Vista, and Microsoft is locking us out of the kernel anyways! We need a new business model!
    • by RingDev (879105)
      Couldn't have said it better myself. Not to understate the threat of security breaches in corporations, but most of those weeknesses are not corrected by crappy software like Symantic's Stuite.

      -Rick
    • by miffo.swe (547642)
      Vista secure? Thats something time will tell but i have really strong doubts about that considering vital parts of the OS like tcp/ip are rewritten and needs a couple of servicepacks of bug fixes. Magic eight ball tells you to expect a truckload of security issues in the new untested code.
    • by msobkow (48369)

      Targetted attacks to acquire indirect access to systems (take over your VPN in to the office), customer information, technology under development, or even some freak stalking some cutie on the second floor are all very real threats.

      The technology is easy. The attacks are only as difficult as accessing the resources to deploy the attack -- and most major corporations and government agencies have such resources. If a cracker seizes control over those resources, even temporarily, they can do a lot more th

  • How much does this guy make a year? I can give him a few more tips if they'll pay me, too.
    • I bet the story will be covered by Ric Romero.

      "People want money, and some are willing to use their programming skills with computers to steal your hard-earned cash! This story and more at eleven."

      Did anybody else not realize in 2002 that malware was just a way to make worms and trojan financially profitable?
  • What the heck does that even mean? As best I can tell from context in TFA, it's a typographical error, and they meant "board-based," which makes sense when paired with the idea of simple defacement. But I could also see it being corporate-speak for "a broad range of attacks" or something.

    "Broad-based" sounds like a pornographic term, as opposed to "dude-based" I suppose. Which also makes some sense, since pornographic sites seemed like high-profile targets for defacement.

    • I think what they mean is that there are many threats generally targeted at creating mischief and not really at causing real harm, but I've been known to misinterpret corporatese from time to time.
  • Ok so I've read the news clip and I'm not to sure what is being said. How is what is being described anything new, much less a "major shift."
  • Good idea (Score:3, Interesting)

    by kaoshin (110328) on Friday November 03, 2006 @05:48PM (#16709375)
    "businesses will have to spend more time and energy on making sure that data is not just secure but also recording which users are accessing and manipulating information stored in corporate databases" which are housed overseas and manned by guys who would kind of like to behead your infidel children.

    • by Mulielo (982836)
      "businesses will have to spend more time and energy on making sure that data is not just secure but also recording which users are accessing and manipulating information stored in corporate databases"
      SOX 404 Makes all that necessary anyway, my company (big in insurance) has until mid-2007 to get every system locked down like that, and all the ones that keep track of financial data are already done, and we get audited monthly... Sorry Symantec, you're a little late...
  • About time... (Score:3, Insightful)

    by dmccarty (152630) on Friday November 03, 2006 @05:49PM (#16709383)
    Good. Now maybe people will take these threats seriously. When I started using computers (in the 80's) viruses were a serious threat. People talked about viruses with fear in their voice. These days they're just a nuisance.

    Oooh, that virus sends itself to all your buddies in your address book. How TERRIBLE! Wow, a virus pops up windows on your screen even though you didn't ask for it. How NAUGHTY!

    When I started using PC's, viruses would wipe out your entire drive. They would delete critical files. They would overwrite your boot sector. They would wipout your FAT table. Now THOSE were some viruses!

    Once viruses get back to the level of actual harm, maybe people will stop clicking around willy nilly and will start to invest--on both the corporate and consumer sides--in some real security.
    • by Eberlin (570874)
      Different focus. I always try to explain the concept to people as the difference between e.coli and the common cold. If your purpose is harming a few hosts, then you go e.coli. If you want to spread to as many hosts as possible, you stay relatively harmless so the host has a chance to pass it along.

      The Internet has helped viruses/worms along as well, since they can now travel through time zones in a matter of seconds. In the old days, they generally had to be transmitted through floppies. Rates of infe
    • by Keaster (796594)
      I agree, I think its funny that a lot of people are snarky and so tounge in cheek reguarding the subject. They have probably never had to recover from a real threat.
    • by Hamoohead (994058)
      You forgot "Infect your soul, curve your spine, and keep your country from winning the war."
    • "Once viruses get back to the level of actual harm, maybe people will stop clicking around willy nilly and will start to invest--on both the corporate and consumer sides--in some real security."

      1. There is NO REAL security available in any form of Windows. Users will have to change from Gatesware to something that works properly.

      2. The latest Windoze viruses allow a few reboots (to ensure they've spread themselves) before largely refomatting the hard drive that Windoze is on. It's pretty brutal, but
  • by Illserve (56215) on Friday November 03, 2006 @05:50PM (#16709393)
    The new security threat is from Symantec products!

    It's preloaded on new computers and there's nothing you can do to prevent it. Once you get the computer, it begs you to install it, if you do, god help you. If you change your mind about using norton, well... you've got a long night ahead of you, crack open a bottle of wine and fire up regedit.

    And if you don't uninstall it, and let it lapse, it'll be peppering you with "renew norton!" for the next thousand years. Ditto with McAffee.

    These cures are worse than the disease. At least a zombied computer isn't spitting up "Renew NOW" dialog boxes.

    • by Shados (741919)
      Yup. Yanno, its a shame that Microsoft had to change it to stop people from bitching: Ironically, preventing NAV from running on Windows was probably the most customer-oriented move they ever did, even though it was mostly a side effect >.>
    • No, but a zombied computer might offer you a bigger boner.
    • by taustin (171655)
      In all seriousness, the Windows install CD is your friend. Repartition the drive, and start from scratch. Fuck Macafee and their malware Security Center that can't be uninstalled without booting in to safe mode.
      • by Illserve (56215)
        It doesn't come with an install CD. You make one after you get the machine running by doing a "backup". I'm sure the backup would carry the Norton Malware with it.

        These people are crooks.

        • by taustin (171655)
          I don't buy computers without a Windows install disk. With cheapass computers, you may well have to pay a few bucks extra for it (Dell charges $10), but the computer is useless without it.
    • get nod32

      thats real AV like symantec used to be:

      functional with a minimal frontend www.eset.com

  • The attacks that we see today are more targeted and more silent and their objective is to create true financial harm as opposed to visibility for the attackers.
    this is not true. people still want to attack and 0wn boxes just for spam relays.
  • This looks like another attempt scare people. In effect he is saying that people are not going to notice any major security problems but they will still be ripped off. "So have AV products installed on your system". Yea right!!

    I am not very sure he is raising this issue just to justify his AV product's position in the current turmoil due to the new M$ policy.

  • We've got an active threat going on within our corporate network, it's already been determined to be within an existing worm family, and we get this response from one of their techs:

    "We do virus *detection*, not necessarily virus removal."

    You're telling that crap to a Gold support customer, Symantec, and you expect those of us in the field to give a tin shit what your opinion is?

    Word of advice: quit expressing opinions and start doing your goddamned job.
  • I don't think this is anything new... Targeted attacks for financial gain were going on since at least the 1980's, so whats new about this?
  • ...so why would anyone be surprised when the black-hat set starts busting into machinery for much the same reasons that the criminals in GITS did (albeit this time it doesn;t involve hacking another person's actual brain, but still...)

    Now if only we could authorize a company of elite paramilitary types to give script kiddies and spammers the same treatment... (evil grin).

    /P

  • Just last night, the hospitatal I work at got attacked by a virus cluster. In my 10 years of IT work, I've never seen anything like it. It focused on WindowsNT4.0 server, and when it hit, it had no less than 10 seperate trojans and viruses going on at the same time. We'd clean one server, and it would just get hit by another one. We figured out the address of the server that the infected machines were phoning home to, and the different virus types were all calling home to the same machine. It was like
  • Symantec security is reactive, not proactive. Which means its quite useless against specific directed attacks.

    After all, AV signature is only generated AFTER the V is seen in the wild.

    What we are talking about here would be very directed V (and other attack vectors). There are solutions, but the only way the Symantec can offer them is by converting to a service (not product) model.

    That's putting your foot in your mouth, CEO...

    Unless, of course, Symantec comes up with a proactive product solution (as much as
    • Symantec security is reactive, not proactive. Which means its quite useless against specific directed attacks.

      Not true.

      If an admin knows that his company is being attacked he can make sure that all systems within the company get updated anti-virus definitions IMMEDIATELY instead of on a time interval.

      There are solutions, but the only way the Symantec can offer them is by converting to a service (not product) model.

      That's putting your foot in your mouth, CEO...

      LOL!

      Talk about putting your foot in your

      • by ratboy666 (104074)

        And there is the weakness: "If an admin knows", Deepsite "Enabling proactive protection through the rapid delivery of actionable Early Warning security information".

        An interesting use of the word "proactive" in computer security. In my books, that is STILL reactive to threats. The reaction is to send out "early" warnings. Again, useless against a directed attack.

        And what would such an attack look like? Comission a scan of a binary (say), fuzzing it. Not reporting the results, but using this as an attack vec
        • In my books, that is STILL reactive to threats.

          At the macro level it is, at the micro level it isn't (at least not always). Many machines can be protected from a threat before they're ever subjected to attack.

      • by ratboy666 (104074)
        And why I want Symantec to go this route...

        Many companies feel secure after installing Symantec, or subscribing. "It is now secure..."

        In a way, Symantec is trying to provide "good enough" security, without providing security at all in a real sense.

        An example (real, but the names have been changed to protect the not-so-innocent), A governemnt organization keeps donor records for transplants. The information is promised to be "completely confidential". And yet, I receive a letter that the information has been
  • 'Our new anti-threat sotware protects you from this invisible mumbo jumbo. Ohhh don't you worry, we're still relevant because we still produce software. I mean think about it'
  • ... be very scared
  • "At the Symantec Vision event in Bangalore Thursday, chairman and CEO John Thompson spoke about a shift his company has observed in the threat posed to computer users and companies by hackers. 'While a few years ago many people were much more focused gaining visibility, now all of a sudden we've noticed a significant shift in both the type of attack and the motivation of the attack,' he said. 'The attacks that we see today are more targeted and more silent and their objective is to create true bodily harm t
    • It's when they use blanket statements like "hacker" that cause the most harm. If you're intelligent enough and actively participate in the "hacker" community then you'd know how much of a perjorative that using words like this is.

      They should say "Network Hackers" or "Criminal Network Hackers", just to clarify it. More than likely though, the people who are doing this stuff are just script-kiddies and the real hackers are causing very few people harm.
  • The change was already blatantly visible a year ago. You can separate the malware of today in 2 groups:

    Malware that is used to spread more malware (i.e. mail worms etc)

    Malware that the first malware spreads that siphons money from you.

    Now that we crack down on their servers (because you have to gather the info somewhere), and with the increasing speed we can do this (currently we're at about a week between detection and shutdown, and we're getting faster), I can see the advent of a third group: Malware that
    • I think it is more the case that Symantec and the other well-established Information Security vendors are like dinosaurs stuck in hot tar. The environment around them is rapidly changing, and the smarter of them are now starting to recognise that their existing income streams are becoming less relevant - as Microsoft makes security improvements to their OS, and the attackers continually test against the security products to improve their ability to avoid detection. Now that they are identifying it, it is

  • Does anyone else have a problem with the statement about the goal being financial harm. I'd say that is a result... the GOAL is to steal money.

    this is ~obvious~, but what it boils down to is a change in the economic realities. In the past, virus writers and other miscreants did what they did for social reasons: a sense of power, peer recognition, proof of concept, etc... Today, spammers, identity thieves, scammers, and so-on are paying cold hard cash for access to bot nets and/or comprised systems or the in

"No, no, I don't mind being called the smartest man in the world. I just wish it wasn't this one." -- Adrian Veidt/Ozymandias, WATCHMEN

Working...