Published on March 12th, 2014 | by admin
Bogdan Botezatu Interview (Senior E-threat analyst at Bitdefender)
1. Tell us how you became involved in internet security?
I have been working in IT for more than a decade and spent the first six years of my career as a system administrator at one of the largest universities in Romania. Back then, I handled web application security, tracked botnets by inspecting rogue traffic and tried to solve problems that often arose when inexperienced people interacted with machines connected to the Internet. Naturally, I didn’t hesitate accepting a job offer from Bitdefender when I received it as working full-time in security seemed to me to be the obvious next step. It has been nearly six years now since I joined Bitdefender as a threat analyst.
2. What do you believe was the biggest threat to computer users in recent years?
The biggest threat to computer users is the shift to silent, zero-interaction malware that first started occurring around 2010. Because of the large number of zero-day exploits identified in popular software, users no longer need to click a link or open an application in order to be exposed to threats; today simply visiting a web page that has been compromised is enough to automatically infect users. In addition, the emergence of attack toolkits in recent years such as Blackhole, Sakura and Redkit have made it much easier and more effective for cyber-criminals to infect computer users.
3. Given the information released by Edward Snowden, how safe are smart phones?
Nothing that runs on electricity and uses an operating system is ever safe, that is, all smart devices can be compromised, but not all of them justify the effort. Smartphones however are a special case as they are the most private piece of equipment a user owns. They serve as organisers, media centres and communication tools equipped with numerous sensors (camera, microphone, GPS) that can offer feedback on where the user is, what they can hear and more. Considering that most users don’t understand the impact of app permissions, more often than not, users accept intrusive applications that can syphon private data and distribute it remotely. Furthermore, most advertising frameworks are vulnerable to man-in-the-middle attacks because very few use SSL or other encryption mechanisms for establishing connections with their home servers.
4. How much personal information can “apps” give companies?
The amount of personal information available to applications varies depending on how many permissions each application requires to operate and hence which permissions the user accepts upon downloading it. However, most developers tend to get greedy with permissions because the more information they syphon, the more money they get from advertisers so it’s not uncommon for an application to have access to all the information available on the device it is running on such as geolocation, call history, browser bookmarks and history, contact details, the owner’s e-mail address, phone number and unique device ID (IMEI).
5. Do you feel the criminal cyberworld will be targeting these devices more due to their popularity?
The Android operating system is the main target for cyber criminals for two reasons. Firstly, it is extremely flexible and less regulated than iOS as it allows users to install applications outside of the official Play Store by simply ticking a checkbox.
Secondly, it is the world’s most popular mobile operating system so the more active users, the higher the profits for cyber-criminals.
Operating system fragmentation is also a security concern, as the extremely vulnerable Gingerbread (Android 2.3) version is still running on roughly 20% of Android devices on the market.
6. What exactly can these apps “steal” or share?
The permissions required by the developer and the advertising framework are the two things that determine what applications can access. Some frameworks are known to send location, leak the Unique Device Identifier or seize the contact list for various purposes. Although some applications have a legitimate reason to access this type of information, others send it for statistical, advertising-related purposes.
7. Which platform do you believe is the safest mobile platform?
Ubuntu for Phones is currently available as beta software with a small user base and an extremely limited number of applications. All jokes aside, safety is not a proper metric for picking an operating system because one should not expect that the operating system handles security. There are millions of Android users who use their phones on a daily basis (me included) and experience no malicious incidents. Instead what is important to note is that security is achieved and upheld by understanding the security risks associated with the installation of applications. By understanding how permissions impact user privacy and what actions should be taken to automate application screening, users can make informed decisions.
8. What advice can you give users about their mobile phones and apps?
Users should ensure they are only downloading applications from known, reputable sources such as the Google Play Store. Even if these applications are thought to be clean, users should look at the permissions the applications request and avoid installing them if the requirements don’t justify the application’s function. For example, a wallpaper application should not be able to initiate phone calls or track location. If these applications still ask for unjustified permissions, stop the installation and look for a similar application that is less intrusive. Bitdefender has developed a special application called Clueful that examines what an application does, where it sends data and how (encrypted or unencrypted). This way, users can better understand ‘what goes on under the hood’ and how the application’s inner workings affect privacy.
9. Apple originally removed Clueful from their app store, what were your thoughts on this?
It was a pity that an application that provides insight into the way other applications behave on a device was removed however, Bitdefender has kept it alive in the form of a web service available at http://cluefulapp.com/.
10. Were we safer on the net 10 years ago or are we safer now?
The early days of the Internet saw about 300 million users connected on a daily basis. Today, more than two billion users go online either via mobile devices or from desktops and there is a much higher chance that users will stumble upon an infected link or a malicious piece of software.
In 2004, there were thousands of viruses circulating the internet; now there are about two hundred million unique pieces of malware ‘in the wild’. Furthermore, because of how we use the Internet (banking, shopping etc.) the chances of a security breach inflicting damage is also higher- unlike in the early days when banking malware could infect only a PC and not the user because they were not banking on the infected machine.
11. What do you think the future holds for smart devices in terms of security?
As more and more users rely on mobile technologies to stay online and connected, I expect we are not only going to see more attacks, but also an increase in their complexity. This year, mobile traffic is predicted to take over desktop Internet usage as 3G and LTE technologies become cheaper and increasingly available in emerging parts of the world. The possibilities are endless.