Threat report conclusion: Patch now!

h2_2012_infographic#1544C6EOur Threat report for H2 2012 is now available. Read it if you want to know what’s going on and what the threat landscape is looking like. It is interesting reading, highly recommended! If you are in a hurry and want to save the reading for later, there’s still one point that affects most users and deserves immediate attention. Vulnerabilities and patching.

One of the major trends is no doubt the increasing importance of exploits and vulnerabilities. And you have probably already heard the nagging about how important it is to patch your system. That IS good advice and our threat report shows how it is getting even more important. But I don’t want to just repeat the nagging. I want to take the opportunity to dig a bit deeper into this issue and explain what it is all about.

There are basically two ways to get malware into your computer; to trick you to install it and to utilize a vulnerability. All software in your computer is written by humans, and as we know, “mistake” is our human race’s middle name. Mistakes in computer programs are called bugs and a vulnerability is a special type of bug. Many bugs just affect the functionality of the program. Something may not work or work in an unexpected way. Applications are supposed to handle errors in a graceful way. But they may encounter erroneous data that the programmer didn’t anticipate. The application wreaks havoc and starts behaving in an unplanned way, and this may breach security. If this can happen, then there’s a vulnerability in the system.

An exploit is data that is carefully crafted by a hacker. Its purpose is to create an error that is no accident . What happens after the error is not chaotic after all; it is orchestrated by the hacker. He has at this point gained unauthorized control and the next task is to make sure that some malware is installed permanently on the system. The attacker has successfully exploited a vulnerability.

This may happen by just visiting a web page. The web page is a document that is rendered by your browser. If your browser has a vulnerability and you visit the wrong page you may be victim of a so called drive-by download. You surf the page comfortably unaware of the fact that a program silently is installed on your computer. And that’s not a friendly program!

But I have bought an antivirus program for good money. Doesn’t that protect me? Yes, that’s good. But we still recommend that you pay attention to patches as well. Your security product will detect and block malware that is about to execute. It will monitor your file transfers over the net and block harmful content. It will even check what sites you surf and warn when entering hostile territory. And if all that fails, executing programs are watched for suspicious behavior. But all this is a cat and mouse game. The bad guys come up with new clever tricks to circumvent all these layers and the security researchers upgrade the product to cope with them. If you are unlucky you can hit malware that your product can’t cope with yet. Remember that no product will ever give you 100% protection no matter what the sleek marketoids are claiming! But you are still fine if you have patched the vulnerability that the bad guys try to exploit. The malware has to go through that bottleneck so why not plug the hole? It can’t be done by your security vendor; it must be done by the vendor of the affected software. Your security suite can just build layers of security around the hole, but not correct errors in other products.

OK, I’m convinced. I want to start patching my system now. But how? One problem is that you probably have software from several vendors on your system. They all have to produce patches for their own product and there is no single outlet that would provide patches for all vendors. That’s one of the reasons why we have made F-Secure Safe Check . This free tool checks the security of your system from several different angles; your patching status is one of them. And you will get instructions about how to patch if that is needed. Why not run it right away!

Micke

PS. Some definitions: (Source: Wikipedia)

Vulnerability
“In computer security, a vulnerability is a weakness which allows an attacker to reduce a system’s information assurance.”

Exploit
“An exploit (from the verb to exploit, in the meaning of using something to one’s own advantage) is a piece of software, a chunk of data, or sequence of commands that takes advantage of a bug, glitch or vulnerability in order to cause unintended or unanticipated behaviour to occur on computer software, hardware, or something electronic (usually computerised).”

Patch
A patch is a piece of software designed to fix problems with, or update a computer program or its supporting data. This includes fixing security vulnerabilities and other bugs, and improving the usability or performance.”

More posts from this topic

Online Surfing in Different Countries

POLL: What country do you want to use for your online surfing?

Online surfing has been around for a while now, and it keeps getting better as technology continues to improve. Websites are better, responsive to different devices, more interactive, and feature a more diverse range of content. All in all, online surfing has managed to stay cool for a very long time. In fact, during a recent interview, Mikko Hypponen specified online surfing as the thing that he’d miss the most if the Internet were to suddenly disappear. The Internet may not suddenly disappear tomorrow, but it is in danger of slowly eroding. While technologies have been steadily improving what people can see and do online, other interests have been trying to develop new ways to regulate and control people’s behavior. Questions about what you can see and do online used to face technical constraints, but now these are transitioning to issues about what other people want you to see and do. Noted anthropologist and author David Graeber recently remarked in an interview with the Guardian that control has become so ubiquitous that we don’t even see it. Geo-blocking is a regulative measure that seems to confirm Graeber’s views. PC Magazine concisely defines it as the practice of preventing people from accessing web content based on where they are (determined by their IP address). Geo-blocking and other types of regional restrictions are used by both companies and governments, and for a variety of purposes (for example, enforcing copyright regimes, running regional sales promotions, censorship, etc.). Freedome is a user-friendly VPN that gives people a way to re-assert control over what they can see and do online. It encrypts communications, disables tracking software, and protects people from malware. It basically gives people the kind of protection they need to surf the web while staying safe from the more prominent forms of digital threats. It also helps people circumvent geo-blocking by letting them choose different “virtual locations”. Virtual locations let people choose where they want to appear to be when they’re surfing online. So if a user selects Canada as their location, the websites they visit will think they are located in Canada. If they select Japan, websites will think they’re in Japan. I’m sure you get the idea. Choosing different virtual locations lets web surfers bypass these geo-blocks so that their access to content remains unrestricted. They can watch YouTube videos reserved for American audiences, access Facebook or Twitter when vacationing in a country that blocks those services, and avoid other measures that attempt to prevent them from enjoying their digital freedom. Freedome recently added Belgium and Poland as new choices, giving Freedome users a total of 17 different places to surf from. But the list needs to keep expanding to keep the fight for digital freedom going, so the Freedome team wants to know: where do you want to do your online surfing? [polldaddy poll=8754876] [Image by Sari Choch-Be | Flickr ]

Mar 27, 2015
BY 
cyber censorship

Join the Fight against Cyber Censorship

For this year's World Day against Cyber Censorship, F-Secure is giving away free subscriptions for our one-button Freedome app. You can use the key qsf257 to get a free 3-month subscription to Freedome! Freedom of expression is an important issue for everyone. Developments over the past year have highlighted how sensitive the matter is. It transcends national and cultural borders, yet these borders shape the issue differently for people across the globe. It belongs to us all, but it means different things to different people. Reporters without Borders launched the World Day against Cyber Censorship in 2008. Its intent is to raise awareness that our rights to say what we really think are not something to take for granted. Free speech is a dynamic concept that constantly grows and contracts in the face of developments that threaten its growth. While the Internet has given many people across the globe a powerful new voice, there are always threats mobilizing against this invaluable resource. The World Day against Cyber Censorship draws attention to this struggle. Last year Reporters without Borders compiled a list of what they call “Enemies of the Internet” as part of the annual event. If you look through it you’ll notice a diverse list of government agencies from nations across the world. Many of the events that highlight the fragility of our digital freedoms are attributable to these institutions, such as the Gemalto hack that saw the encryption keys to millions of phone calls stolen by the NSA and its fellow conspirators. And in some cases surveillance is just the beginning, as once these institutions identify their targets they can escalate their actions to include oppression. Hong Kong protestors saw this when local pro-democracy websites became infected with malware. Turkish people saw this during the Twitter crackdown. Drawing attention to these agencies as “enemies” of the Internet places the struggle within a larger dichotomy – enemies and allies. Even if it is a bit of a cliché or oversimplification of the conflict, it points out that people still have an opportunity to mobilize and assert their rights. And nobody is alone in this fight - we all have enemies and allies in this struggle. Having said all of this, World Day against Cyber Censorship isn't all about doom-and-gloom. Reporters without Borders is working to circumvent a number of websites blocked by governments. The Electronic Frontier Foundation continues to work to inform, educate, and represent the voices crying out for a free and open Internet. And F-Secure wants to help by making privacy and security solutions easy and accessible for people all over the world. Just get your trial version of the app and then use the key when it asks for your subscription number. Freedome gives you a one-button app that lets you encrypt your communications, disable trackers, and even change your virtual location. Check out this blog post for more information about the app. It's first come first serve, so don't miss this chance to take control of your digital freedom!

Mar 12, 2015
BY 
8402394000_861ef1b969_z

Mikko Hypponen to Talk Privacy at the Mobile World Congress

This year’s Mobile World Congress (MWC) is coming up next week. The annual Barcelona-based tech expo features the latest news in mobile technologies. One of the biggest issues of the past year has enticed our own digital freedom fighter Mikko Hypponen to participate in the event. Hypponen, a well-known advocate of digital freedom, has been defending the Internet and its users from digital threats for almost 25 years. He’s appearing at this year’s MWC on Monday, March 2 for a conference session called “Ensuring User-Centred Privacy in a Connected World”. The panel will discuss and debate different ways to ensure privacy doesn’t become a thing of the past. While Hypponen sees today’s technologies as having immeasurable benefits for us all, he’s become an outspoken critic of what he sees as what’s “going wrong in the online world”. He’s spoken prominently about a range of these issues in the past year, and been interviewed on topics as diverse as new malware and cybersecurity threats, mass surveillance and digital privacy, and the potential abuses of emerging technologies (such as the Internet of Things). The session will feature Hypponen and five other panelists. But, since the event is open to public discussion on Twitter under the #MWC15PRIV hashtag, you can contribute to the conversation. Here’s three talking points to help you get started: Security in a mobile world A recent story broken by The Intercept describes how the American and British governments hacked Gemalto, the largest SIM card manufacturer in the world. In doing so, they obtained the encryption keys that secure mobile phone calls across the globe. You can read a recent blog post about it here if you’re interested in more information about how this event might shape the discussion. Keeping safe online It recently came to light that an adware program called “Superfish” contains a security flaw that allows hackers to impersonate shopping, banking, or other websites. These “man-in-the-middle” attacks can be quite serious and trick people into sharing personal data with criminals. The incident highlights the importance of making sure people can trust their devices. And the fact that Superfish comes pre-installed on notebooks from the world’s largest PC manufacturer makes it worth discussing sooner rather than later. Privacy and the Internet of Things Samsung recently warned people to be aware when discussing personal information in front of their Smart TVs. You can get the details from this blog post, but basically the Smart TVs voice activation technology can apparently listen to what people are saying and even share the information with third parties. As more devices become “smart”, will we have to become smarter about what we say and do around them? The session is scheduled to run from 16:00 – 17:30 (CET), so don’t miss this chance to join the fight for digital freedom at the MWC. [Image by Hubert Burda Media | Flickr]

Feb 27, 2015
BY