Government Technology

Conficker Raises Questions on the Future of Cyber-Security

April 9, 2009 By

Photo: Melih Abdulhayoglu, security expert and CEO of Comodo security

Over the past week or so, the Conficker worm has raised more than a few security questions. When will it appear? What will it do? How do you protect against it?

A new breed of virus, Conficker seemingly has the ability to infect computers by simply inhabiting a Web site or turning up in an e-mail inbox. Users were instructed to install an emergency patch released by Microsoft which would prevent the virus from exploiting the buffer overflow vulnerability.

But this new worm has brought the issue of how we deal with security to the forefront. Must we always have to come up with patches, fixes and other forms of reactive security to keep our computers safe? In a recent interview with security expert and Comodo security CEO, Melih Abdulhayoglu, an alternative form of security was brought to light: default-deny based systems. And although this white-listing form of security is not a new concept, recent security breaches and the rising number of identity theft cases force us to re-think the way we fight cyber-terrorism. Abdulhayoglu offers a possible solution to these growing security issues.

The Internet has changed the way we communicate, the way we do our jobs and, essentially, the way we live our lives. With so much of our personal and financial information online, security should be a top priority. And seeing as how in 2008, the revenue from Internet crimes surpassed revenue from drug trafficking crimes, it is evident that a very lucrative living can be made stealing this information.

Abdulhayoglu said we need to change the way we fight the war on Internet crime. "In the first World War, we fought war from the trenches. Today we have fighter jets dropping bombs. The way we engage in war in the physical world has evolved. In the online world, we are still fighting the malware war from the trenches. The way we fight the war needs to change."

He said the way to do this is by adopting a default-deny based system on a large scale. This multi-layered approach to security would almost completely eliminate the need for anti-virus software and never-ending security patches and fixes.

"Think about a house. Your first layer of security is a door, which is the prevention layer," said Abdulhayoglu. "Using the current default-allow system, anyone gets to come through the door unless they are on the 'black-list.' This is ineffective because new malware is popping up everyday and will not be identified (or put on the black-list) until it has caused damage. Using the default-deny system, no one gets to come through that door unless they are on the 'white-list'," he continued.

"The second layer of security is the burglar alarm, which is the detection layer. Most anti-virus systems have this layer of security, but will only ring the alarm if the burglar is one it recognizes. If it is a new burglar in town, he can go ahead and come right it," said Abdulhayoglu. "But combined with the prevention layer, detection is useful as a back-up tool."

"The last layer of security is the homeowner's insurance, or a patch or fix, which is the cure if all else fails," Abdulhayoglu said. "That is an example of a default-deny based security system. All we're doing is putting some doors in place and saying we'll only open those doors if [applications] are legitimate."

Abdulhayoglu claims that the inconveniences with the default-deny based system are minimal in exchange for increased security. The white-list database Comodo uses contains millions of approved Web sites and applications. If the Web site or application that is trying to be accessed is unknown, a dialog box

| More


Add Your Comment

You are solely responsible for the content of your comments. We reserve the right to remove comments that are considered profane, vulgar, obscene, factually inaccurate, off-topic, or considered a personal attack.

In Our Library

White Papers | Exclusives Reports | Webinar Archives | Best Practices and Case Studies
Fresh Ideas In Online Security for Public Safety Organizations
Lesley Carhart, Senior Information Security Specialist at Motorola Solutions, knows that online and computer security are more challenging than ever. Personal smartphones, removable devices like USB storage drives, and social media have a significant impact on security. In “Fresh Ideas in Online Security for Public Safely Organizations,” Lesley provides recommendations to improve your online security against threats from social networks, removable devices, weak passwords and digital photos.
Meeting Constituents Where They Are With Dynamic, Real-Time Mobile Engagement
Leveraging the proven and open Kofax Mobile Capture Platform, organizations can rapidly integrate powerful mobile engagement solutions across the spectrum of mobile image capture, mobile data capture and complete mobile process integration. Kofax differentiates itself by extending capture to mobility, supporting multiple points of constituent engagement. Kofax solutions dynamically orchestrate the user’s mobile experience from a single platform—reducing time to market, improving process perf
Public Safety 2019
Motorola conducted an industry survey on the latest trends in public safety communications. The results provide an outlook of what technology is in store for your agency in the next five years. Download the results to gain this valuable insight.
View All

Featured Papers