330x330_futis-maalivahti

Why your PC needs a great goal keeper

What is the value of superior detection rate? Does it really matter if your security software, your goal keeper, blocks close to 100% or close to 90% of malware attacks?

A simple answer – yes!

On average, one out of ten new zero-day malware attacks succeed as the detection software cannot anticipate the upcoming hits to the goal. The accrued costs to the company of all the related work and possible data loss are huge.

Let’s play with the numbers a bit:

  • With 500 employees, assuming they each face two malware per year, the company would face up to 1000 malware per year. If you have an industry average goal keeper who only blocks 92% of the attacks, this means about 80 successful hits into the goal.

80 malware that hit the goal will mean a lot of money. Both the external and internal costs can be significant. Internally, the detection, recovery, investigation etc will take a lot of time from your security officers and affected employees. However, the external repercussions can be even more staggering. Or how would you value information loss, business disruption, or revenue loss?

Neither can you sit back and relax thinking that you or your company are too small and insignificant for the attackers to target you. The game is on every day and regardless of the opponent. 79% of malware attacks are opportunity based. This means that anyone can be a target, it is just a question of who is the easiest one. The team with a weak or average goal keeper is a much easier to win over than the one with a superior goal keeper.

Malware is constantly evolving, with new tricks and features, just like the players on the field come up with new tactics to win the game. It is the popular software that is most often targeted, both based on known vulnerabilities and with new threats. So today, it is just as critical to be able to identify the clean, non-malicious software to be able to focus attention on the harmful attacks as it is for the goal keeper in the game to see the whole field to anticipate the next attack.

Think then: what if you had a super goal keeper that blocks even new or emerging malware attacks by anticipating the moves of the opponent and by having eyes even in the back?

DeepGuard detection technology is just like such a goal keeper. Continuously, DeepGuard technology is at the top of detection rate studies. The multi-layered protection is your winning team with a super goalie and the best defense team. This means that you and your business can be safe and secure in the knowledge that your goalie foresees and prevents the attacks, keeping your goal clean.

F-Secure Client Security uses DeepGuard, and can also be enhanced with Software Updater. It offers uncompromised security with minimal impact on performance.

Cheers, Eija

More posts from this topic

wifi_exp_cropped

The Dangers of Public WiFi – And Crazy Things People Do To Use It

Would you give up your firstborn child or favorite pet to use free WiFi? Of course not. Sounds crazy, right? But in an independent investigation conducted on behalf of F-Secure, several people agreed to do just that – just to be able to instantly, freely connect to the Internet while on the go. For the experiment, we asked Finn Steglich of the German penetration testing company, SySS, to build a WiFi hotspot, take it out on the streets of London, and set it up and wait for folks to connect. The purpose? To find out how readily people would connect to an unknown WiFi hotspot. (You can view our complete report, see the video and listen to the podcast below.) Thing is, public hotspots are insecure. Public WiFi simply wasn’t built with 21st century security demands in mind. When you use public WiFi without any added security measures, you leak data about yourself from your device. We know it, but we wanted to find out in general how well people out on the street know, whether or not they take precautions, and what kind of data they would actually leak. We also enlisted the help of freelance journalist Peter Warren of the UK’s Cyber Security Research Institute, who came along to document it all. Accompanying the two was Sean Sullivan, F-Secure’s Security Advisor. [protected-iframe id="4904e81e9615a16d107096f242273fee-10874323-40632396" info="//www.youtube-nocookie.com/embed/OXzDyL3gaZo" width="640" height="360" frameborder="0" allowfullscreen=""] Leaking personal information What we found was that people readily and happily connected, unaware their Internet activity was being spied on by the team. In just a half-hour period, 250 devices connected to the hotspot. Most of these were probably automatic connections, without their owner even realizing it. 33 people actively sent Internet traffic, doing web searches, sending email, etc. The team collected 32 MB of traffic – which was promptly destroyed in the interest of consumer privacy. The researchers were a bit surprised when they found that they could actually read the text of emails sent over a POP3 network, along with the addresses of the sender and recipient, and even the password of the sender. Encryption, anyone? If you aren’t already using it, you should be! The Herod clause For part of the experiment, the guys enabled a terms and conditions (T&C) page that people needed to agree to before being able to use the hotspot. One of the terms stipulated that the user must give up their firstborn child or most beloved pet in exchange for WiFi use. In the short time the T&C page was active, six people agreed to the outlandish clause. Of course, this simply illustrates the lack of attention people pay to such pages. Terms and conditions are usually longer than most people want to take time to read, and often they’re difficult to understand. We, of course, won’t enforce the clause and make people follow through with surrendering their loved ones – but this should give us all pause: What are we really signing up for when we check the “agree” box at the end of a long list of T&C’s we don’t read? There's a need for more clarity and transparency about what's actually being collected or required of the user. The problem So what’s really the issue here? What’s going to happen to your data, anyway? The problem is there are plenty of criminals who love to get their hands on WiFi traffic to collect usernames, passwords, etc. It’s easy and cheap enough for them to set up their own hotspot somewhere (the whole hotspot setup only cost SySS about 200 euros), give it a credible-looking name, and just let the data flow in. And even if a hotspot is provided by a legitimate business or organization, criminals can still use “sniffing” tools to spy on others’ Internet traffic. So be warned: Public WiFi is NOT secure or safe. But we’re not saying don’t use it, we’re saying don’t use it without proper security. A good VPN will provide encryption so even if someone tries, they can’t tap into your data. The Solution F-Secure Freedome is our super cool, super simple wi-fi security product, or VPN. Freedome creates a secure, encrypted connection from your device and protects you from snoops and spies, wherever you go and whatever WiFi you use. (Bonus: It also includes tracking protection from Internet marketers, browsing protection to block malicious sites and apps, and lets you choose your own virtual location so you can view your favorite web content even when you’re abroad.) Still don’t believe that public WiFi poses risks? Take a closer look next time you’re faced with a terms and conditions page for public WiFi hotspot. “A good number of open wi-fi providers take the time to tell you in their T&C that there are inherent risks with wireless communications and suggest using a VPN,” Sullivan says. “So if you don't take it from me, take it from them.”   Check out the full report here (PDF): Tainted Love - How Wi-Fi Betrays Us   Listen to the podcast, featuring interviews with Victor Hayes, the "Father of WiFi," our Sean Sullivan and others: [audio mp3="http://fsecureconsumer.files.wordpress.com/2014/09/wifi_experiment_podcast.mp3"][/audio]   Disclaimer: During the course of this experiment, no user was compromised at any point nor user data exposed in a way that it could have been subject to misuse. We have not logged any user information, and during the experiment a lawyer supervised all our activities to avoid breaching any laws.   Video by Magneto Films    

Sep 29, 2014
bash

Shellshock only concerns server admins – WRONG

Yet another high-profile vulnerability in the headlines, Shellshock. This one could be a big issue. The crap could really hit the fan big time if someone creates a worm that infects servers, and that is possible. But the situation seems to be brighter for us ordinary users. The affected component is the Unix/Linux command shell Bash, which is only used by nerdy admins. It is present in Macs as well, but they seem to be unaffected. Linux-based Android does not use Bash and Windows is a totally different world. So we ordinary users can relax and forget about this one. We are not affected. Right? WRONG! Where is your cloud content stored? What kind of software is used to protect your login and password, credit card number, your mail correspondence, your social media updates and all other personal info you store in web-based systems? Exactly. A significant part of that may be on systems that are vulnerable to Shellshock, and that makes you vulnerable. The best protection against vulnerabilities on your own devices is to make sure the automatic update services are enabled and working. That is like outsourcing the worries to professionals, they will create and distribute fixes when vulnerabilities are found. But what about the servers? You have no way to affect how they are managed, and you don’t even know if the services you use are affected. Is there anything you can do? Yes, but only indirectly. This issue is an excellent reminder of some very basic security principles. We have repeated them over and over, but they deserve to be repeated once again now. You can’t control how your web service providers manage their servers, but you can choose which providers you trust. Prefer services that are managed professionally. Remember that you always can, and should, demand more from services you pay for. Never reuse your password on different services. This will not prevent intrusions, but it will limit the damage when someone breaks into the system. You may still be hurt by a Shellshock-based intrusion even if you do this, but the risk should be small and the damage limited. Anyway, you know you have done your part, and its bad luck if an incident hurts you despite that. Safe surfing, Micke   PS. The best way to evaluate a service provider’s security practices is to see how they deal with security incidents. It tells a lot about their attitude, which is crucial in all security work. An incident is bad, but a swift, accurate and open response is very good.   Addition on September 30th. Contrary to what's stated above, Mac computers seem to be affected and Apple has released a patch. It's of course important to keep your device patched, but this does not really affect the main point of this article. Your cloud content is valuable and part of that may be on vulnerable servers.  

Sep 26, 2014
BY Micke
Screen Shot 2014-09-20 at 9.12.30 AM

GameOver ZeuS: The Kind of Game You Don’t Want On Your Computer

Unlike Team Fortress 2 or Doom, two of the most popular PC games of all time, GameOver ZeuS is not a game you can buy online or would willingly download on to your computer. What is GameOver ZeuS? While we’ve talked about banking Trojans before, none have been as detrimental to users as the GameOver ZeuS or GOZ Trojan, which initially began infecting users in 2012. Gameover ZeuS is designed to capture banking credentials from infected computers, and make wire transfers to criminal accounts overseas. It was allegedly authored by Russian hacker Evgeniy Bogachev, who then implanted it on computers all around the world; building a network of infected machines - or bots - that his crime syndicate could control from anywhere. It’s predominately spread through spam e-mail or phishing messages. So far, it’s been estimated to scam people out of hundreds of millions of dollars and it’s only getting worse. It doesn’t stop there; Gameover ZeuS can also be modified by hackers to load different kinds of Trojans on to it. One such Trojan is a ransomware called CryptoLocker, which is a devastating malware that locks a user’s most precious files by encrypting all the files until he or she pays the hacker a ransom. In June 2014, the FBI, Europol, and the UK’s National Crime Agency announced they had been working closely with various security firms and academic researchers around the world and took action under a program dubbed “Operation Trovar.” This initiative temporarily disrupted the system that was spreading the Trojan and infecting computers, allowing a temporary pause in additional computers from being infected. However, computers that were already infected remained at risk, as they were still compromised. What’s next? The disruption of the GameOver ZeuS botnet was a great success in many ways, but it’s not over. Our security advisor, Sean Sullivan, worries that this temporary disruption was actually more dangerous than completely taking it down. “Without arresting Bogachev, Gameover ZeuS is still a huge threat and likely to evolve to become more dangerous. The hackers can just as easily program a future version of the Trojan to initiate a “self-destruct” order (like destroy every file on a computer) if the ransom isn’t paid, or if authorities try to intervene.” What can we do to protect our digital freedom? Beware of malicious spam and phishing attempts — don’t open any attachments within emails unless you are specifically expecting something. Check email attachments carefully, and make sure you don’t open any files that automatically launch, which frequently end in .exe Have an Internet security solution in place and keep it up to date Keep your Windows operating system and your Internet browser plugins updated Back up all of your personal files regularly Also, check your machines to be sure you do not carry the Gameover ZeuS Trojan. For more information on how this powerful Trojan works and how it is spread, check out this this video. [protected-iframe id="888198d18fd45eae52e6400a39fb4437-10874323-9129869" info="//www.youtube-nocookie.com/v/JhiPDbTIsqw?hl=en_US&version=3&rel=0" width="640" height="360"] Have more questions? Ask us here on the blog.  

Sep 20, 2014