Published on September 19th, 2015 | by admin

Bogdan Botezatu Interview (Bitdefender Senior e-Threat Analyst)

Welcome to Impulse Gamer, and can you tell us your role with Bitdefender?

Hello everybody. I’m a senior e-threat analyst with Bitdefender. In this position I coordinate the e-threat analysis and communication team – the guys that detect and document emerging threats or high profile incidents. I’ve been with the Bitdefender team for almost 8 years now, and have worked in the security sector for more than 10 years.

What drew you to Internet Security?

I always considered internet security as war games. It’s a constant battle with the bad guys, a cat-and-mouse game in which each party tries to outsmart the other. However, this is more than fun and games considering that the stake is the privacy and safety of a little bit over 500 million computer users worldwide. It’s a very challenging and dynamic environment that doesn’t take time into account, so you can’t just pause the “game” for vacation or personal business.

My journey into the IT security industry started 10 years ago when I landed a system administrator job. Fortunately, it came with “strings attached”, so I found myself also doing security operations and policy implementations for somewhere around 800 endpoints. Two years later I was recruited by Bitdefender and moved into the big league of security players.

Can you tell us how the threat landscape has changed over the last decade?

In the early 2000s, the malware landscape looked fundamentally different. The Internet was just making its way into residential life, so most of the malware had a worm-like feature that allowed it to spread like wildfire. The MyTob, MyDoom worm or the younger Sasser are just some of the many examples of malware manifesting this behavior. However, the advent of residential internet would allow more and more cyber-criminals to create bot-like malware. As of 2004, we witnessed the rise of botnets such as Storm and Rustock, highly advanced malware that would soon be joined by other big players such as Waledac, Srizbi or TDL. Another big boom was the Fake AV business that made its rounds between 2008 and 2010.

Meanwhile, social networks and e-banking services started to be massively adopted, so cyber-criminals quickly rushed to cater to these niches. Banker Trojan Zeus and Facebook worm Koobface were released into the wild, bringing in lots of cash to their operators. Most threats had an obvious financial motivation, but in parallel, state-sponsored attacks were developing (see the Stuxnet malware that had been deployed in 2010).

Another notable milestone was the advent of ransomware. Ransomware proved to have so much financial potential that, two years later, it is still one of the most widely spread strains of malware.

What do you think the future landscape of internet threats looks like?

Mobile ransomware and threats related to the IoT will be two of the main drivers in the production of malware. We also believe that smart cars and medical equipment will undergo heavy fire. We have already seen proof of concept attacks against cars and implants, so it’s only a matter of time until these threats become widely spread.

Tell us a little about Bitdefender’s ability to evolve faster than malware?

Bitdefender uses layered technologies to stay on the cutting edge of malware detection. One of these layered technologies is the Bitdefender cloud that aggregates threat intelligence from our malware feeds, honeypots and other users. Machine learning algorithms are fed large amounts of data to learn malicious behaviors and tell them apart even if the new threat has never been seen before. This blend of antimalware technologies allowed us to score as the best security product in independent benchmarks.

Do you believe that internet criminals will continue using Ransomware?

Definitely. The sheer amount of money that ransomware operators make in very short timeframes is enough of an incentive to keep them in the business. More than that, there are now do-it-yourself malware kits such as PrisonLocker (priced $100) that allow anyone to build their own ransomware operations. Ransomware will be one of the most important threats around for as long as victims keep paying in return for their data.

What has been the worst form of ransomware so far?

Cryptowall and CTBLocker are two of the most prolific strains of ransomware to date. Their operators have gone to great lengths to conceal the real identity of the key servers – the location where the decryption keys are stored – by tunnelling traffic via the Dark Web. This way, the team of cyber-criminals that operate the ransomware make sure that these servers are not taken down by law enforcement and internet service providers should they detect illegal activity.

Have there been any threats with the latest Windows 10?

Just like previous versions of Windows, Windows 10 is able to run legacy code written for Windows 7 or Windows 8. This means that old malware could technically run on Windows 10. However, we haven’t seen malware specifically targeting Windows 10 until now.

What are your top 5 internet security tips?

  • Run a security solution and make sure it’s kept up to date, along with your other third-party software.
  • Be mindful of what the internet is throwing at you and what you’re throwing at the internet. Simply put, don’t download everything you see on the web and make sure that you won’t regret whatever you’re posting on social networks.
  • Keep your private and business information separate. Make sure that you’re not using your company-issued e-mail address for personal purposes and vice-versa.
  • Do not reuse passwords for all your accounts. Keep them as hard to guess as possible and add two-factor validation to all your accounts that support it.
  • Treat your smartphone just as you would treat a laptop or desktop. Make sure to run a security solution for mobile devices and update it as soon as a hotfix is available.

Thanks again for your time, Bogdan.

