Government Technology

    Digital Communities
    Industry Members

  • Click sponsor logos for whitepapers, case studies, and best practices.
  • McAfee

Conficker Raises Questions on the Future of Cyber-Security



April 9, 2009 By

Photo: Melih Abdulhayoglu, security expert and CEO of Comodo security

Over the past week or so, the Conficker worm has raised more than a few security questions. When will it appear? What will it do? How do you protect against it?

A new breed of virus, Conficker seemingly has the ability to infect computers by simply inhabiting a Web site or turning up in an e-mail inbox. Users were instructed to install an emergency patch released by Microsoft which would prevent the virus from exploiting the buffer overflow vulnerability.

But this new worm has brought the issue of how we deal with security to the forefront. Must we always have to come up with patches, fixes and other forms of reactive security to keep our computers safe? In a recent interview with security expert and Comodo security CEO, Melih Abdulhayoglu, an alternative form of security was brought to light: default-deny based systems. And although this white-listing form of security is not a new concept, recent security breaches and the rising number of identity theft cases force us to re-think the way we fight cyber-terrorism. Abdulhayoglu offers a possible solution to these growing security issues.

The Internet has changed the way we communicate, the way we do our jobs and, essentially, the way we live our lives. With so much of our personal and financial information online, security should be a top priority. And seeing as how in 2008, the revenue from Internet crimes surpassed revenue from drug trafficking crimes, it is evident that a very lucrative living can be made stealing this information.

Abdulhayoglu said we need to change the way we fight the war on Internet crime. "In the first World War, we fought war from the trenches. Today we have fighter jets dropping bombs. The way we engage in war in the physical world has evolved. In the online world, we are still fighting the malware war from the trenches. The way we fight the war needs to change."

He said the way to do this is by adopting a default-deny based system on a large scale. This multi-layered approach to security would almost completely eliminate the need for anti-virus software and never-ending security patches and fixes.

"Think about a house. Your first layer of security is a door, which is the prevention layer," said Abdulhayoglu. "Using the current default-allow system, anyone gets to come through the door unless they are on the 'black-list.' This is ineffective because new malware is popping up everyday and will not be identified (or put on the black-list) until it has caused damage. Using the default-deny system, no one gets to come through that door unless they are on the 'white-list'," he continued.

"The second layer of security is the burglar alarm, which is the detection layer. Most anti-virus systems have this layer of security, but will only ring the alarm if the burglar is one it recognizes. If it is a new burglar in town, he can go ahead and come right it," said Abdulhayoglu. "But combined with the prevention layer, detection is useful as a back-up tool."

"The last layer of security is the homeowner's insurance, or a patch or fix, which is the cure if all else fails," Abdulhayoglu said. "That is an example of a default-deny based security system. All we're doing is putting some doors in place and saying we'll only open those doors if [applications] are legitimate."

Abdulhayoglu claims that the inconveniences with the default-deny based system are minimal in exchange for increased security. The white-list database Comodo uses contains millions of approved Web sites and applications. If the Web site or application that is trying to be accessed is unknown, a dialog box


| More

Comments

Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Digital Cities & Counties Survey: Best Practices Quick Reference Guide
This Best Practices Quick Reference Guide is a compilation of examples from the 2013 Digital Cities and Counties Surveys showcasing the innovative ways local governments are using technological tools to respond to the needs of their communities. It is our hope that by calling attention to just a few examples from cities and counties of all sizes, we will encourage further collaboration and spark additional creativity in local government service delivery.
Wireless Reporting Takes Pain (& Wait) out of Voting
In Michigan and Minnesota counties, wireless voting via the AT&T network has brought speed, efficiency and accuracy to elections - another illustration of how mobility and machine-to-machine (M2M) technology help governments to bring superior services and communication to constituents.
Why Would a City Proclaim Their Data “Open by Default?”
The City of Palo Alto, California, a 2013 Center for Digital Government Digital City Survey winner, has officially proclaimed “open” to be the default setting for all city data. Are they courageous or crazy?
View All