This is a guest post from Karmina, an expert from F-Secure Labs. Enjoy!
Little is known about the team in the F-Secure Labs that focuses on tracking down threats. Usually, those contacting the Labs are looking for solutions such as detections and removals. Though mostly working in the background, I’m proud to be part of that team that deals with preventing threats from infecting further.
Proactive protection is my daily mantra. The usual question that I ask when analyzing a threat is where did it come from? If we are able to determine the source and block it from there, then it won’t proceed to infect your computer. My job is to spot threats and track down their possible sources, from social networks to email spams to application stores. Then I need to understand the threat’s behavior and how it spreads. They usually leave distinct trails and have certain characteristics that make them identifiable. It’s fun, in the sense that I feel like I’m a detective trying to uncover something. It’s like building a puzzle where I examine the pieces and put them together to see the bigger picture.
In the Labs, teamwork is important. I provide the information that I gather to other teams so they can build solutions such as website ratings, detections, and removals. We work together toward a common goal: to protect you and provide online safety. From blocking malicious URLs that push information-thieving wares into computers, to scouring application stores worldwide for Trojans disguised as interesting apps, we try to catch them all and protect the users.
Considering that I didn’t plan to get into this field, I’d have to say that I enjoy doing this. Due to constantly evolving threats, I learn a lot of new things daily. I feel fulfilled when I uncover a mystery. I’m glad I ended up in the online security field. My career is also why I’ve had the chance to live in three different countries. I get to see the world while doing interesting work. All in all, not bad!
Malware is an omniscient threat – it’s present even when people don’t realize it. Understanding the threat is a key component of protecting yourself and your devices, and nothing drives that point home like cold hard facts and comprehensive research. F-Secure just released its latest Threat Report, which provides important insights into contemporary digital threats. The report details the various changes and trends in the digital threat landscape using data collected during the 2nd half of 2014. The threat report is full of important information, and it’s worth checking out to get some ideas about what attackers are cooking up. Trends like social media malware, exploits, and ransomware are detailed in the report. But there’s tons of important information people should be aware of, and so we put together an infographic to give you a quick overview of the report. The report provides lots more information about the threats, incidents, and trends that were prominent in the latter half of 2014. There's also some insightful words penned by F-Secure security researchers to give you a little context about why you need to arm yourself with knowledge to defend yourself against digital threats. You can download the full threat report for free from F-Secure’s website.
For this year's World Day against Cyber Censorship, F-Secure is giving away free subscriptions for our one-button Freedome app. You can use the key qsf257 to get a free 3-month subscription to Freedome! Freedom of expression is an important issue for everyone. Developments over the past year have highlighted how sensitive the matter is. It transcends national and cultural borders, yet these borders shape the issue differently for people across the globe. It belongs to us all, but it means different things to different people. Reporters without Borders launched the World Day against Cyber Censorship in 2008. Its intent is to raise awareness that our rights to say what we really think are not something to take for granted. Free speech is a dynamic concept that constantly grows and contracts in the face of developments that threaten its growth. While the Internet has given many people across the globe a powerful new voice, there are always threats mobilizing against this invaluable resource. The World Day against Cyber Censorship draws attention to this struggle. Last year Reporters without Borders compiled a list of what they call “Enemies of the Internet” as part of the annual event. If you look through it you’ll notice a diverse list of government agencies from nations across the world. Many of the events that highlight the fragility of our digital freedoms are attributable to these institutions, such as the Gemalto hack that saw the encryption keys to millions of phone calls stolen by the NSA and its fellow conspirators. And in some cases surveillance is just the beginning, as once these institutions identify their targets they can escalate their actions to include oppression. Hong Kong protestors saw this when local pro-democracy websites became infected with malware. Turkish people saw this during the Twitter crackdown. Drawing attention to these agencies as “enemies” of the Internet places the struggle within a larger dichotomy – enemies and allies. Even if it is a bit of a cliché or oversimplification of the conflict, it points out that people still have an opportunity to mobilize and assert their rights. And nobody is alone in this fight - we all have enemies and allies in this struggle. Having said all of this, World Day against Cyber Censorship isn't all about doom-and-gloom. Reporters without Borders is working to circumvent a number of websites blocked by governments. The Electronic Frontier Foundation continues to work to inform, educate, and represent the voices crying out for a free and open Internet. And F-Secure wants to help by making privacy and security solutions easy and accessible for people all over the world. Just get your trial version of the app and then use the key when it asks for your subscription number. Freedome gives you a one-button app that lets you encrypt your communications, disable trackers, and even change your virtual location. Check out this blog post for more information about the app. It's first come first serve, so don't miss this chance to take control of your digital freedom!
This year’s Mobile World Congress (MWC) is coming up next week. The annual Barcelona-based tech expo features the latest news in mobile technologies. One of the biggest issues of the past year has enticed our own digital freedom fighter Mikko Hypponen to participate in the event. Hypponen, a well-known advocate of digital freedom, has been defending the Internet and its users from digital threats for almost 25 years. He’s appearing at this year’s MWC on Monday, March 2 for a conference session called “Ensuring User-Centred Privacy in a Connected World”. The panel will discuss and debate different ways to ensure privacy doesn’t become a thing of the past. While Hypponen sees today’s technologies as having immeasurable benefits for us all, he’s become an outspoken critic of what he sees as what’s “going wrong in the online world”. He’s spoken prominently about a range of these issues in the past year, and been interviewed on topics as diverse as new malware and cybersecurity threats, mass surveillance and digital privacy, and the potential abuses of emerging technologies (such as the Internet of Things). The session will feature Hypponen and five other panelists. But, since the event is open to public discussion on Twitter under the #MWC15PRIV hashtag, you can contribute to the conversation. Here’s three talking points to help you get started: Security in a mobile world A recent story broken by The Intercept describes how the American and British governments hacked Gemalto, the largest SIM card manufacturer in the world. In doing so, they obtained the encryption keys that secure mobile phone calls across the globe. You can read a recent blog post about it here if you’re interested in more information about how this event might shape the discussion. Keeping safe online It recently came to light that an adware program called “Superfish” contains a security flaw that allows hackers to impersonate shopping, banking, or other websites. These “man-in-the-middle” attacks can be quite serious and trick people into sharing personal data with criminals. The incident highlights the importance of making sure people can trust their devices. And the fact that Superfish comes pre-installed on notebooks from the world’s largest PC manufacturer makes it worth discussing sooner rather than later. Privacy and the Internet of Things Samsung recently warned people to be aware when discussing personal information in front of their Smart TVs. You can get the details from this blog post, but basically the Smart TVs voice activation technology can apparently listen to what people are saying and even share the information with third parties. As more devices become “smart”, will we have to become smarter about what we say and do around them? The session is scheduled to run from 16:00 – 17:30 (CET), so don’t miss this chance to join the fight for digital freedom at the MWC. [Image by Hubert Burda Media | Flickr]