Lavasoft is currently celebrating 10 years of anti-spyware security. Tell us about the state of the security industry when the company was founded. What new trends have emerged in the past years?
When Lavasoft was founded in 1999, computer viruses had been making headlines for years, but the term "spyware" was new. Its effects, though, were starting to be felt throughout the online world with slow-running computers, endless pop-up windows, hijacked search pages, and worse. That's when Ad-Aware entered the security scene, as the first commercial anti-spyware application.
We have seen many changes in the past decade. Malware authors are no longer the "cyber vandals" that they once were, but are now true "cyber criminals". They've graduated from seeking fun or fame to becoming completely profit-driven, shown by their organized, professional, and targeted attacks.
This trend has been consistent in that cyber criminals are persistently upping their tactics to get past the defenses of computer users. That's why, at Lavasoft, we do have to work even harder to offer new features and innovative technology to better protect the privacy and security of our customers.
How does Lavasoft find and classify new malware and online threats?
The Malware Labs at Lavasoft is a dedicated team of in-house analysts whose task it is to focus on finding and analyzing the behavior of a multitude of threats. These threats are then categorized accordingly. This enables our software to detect and remove such violations.
In addition to that, I am also proud to say that Lavasoft has initiated a sample sharing project. That means we have a number of information-sharing partnerships with industry peers and groups. Despite the fact everyone involved in this belongs to different organizations, we all share a common viewpoint that, by collaborating, we can each work to better protect today's computer users.
In terms of threats users are faced with, what changes have been seen in the past decade?
The threats have become what I would refer to as more "real". That is to say that the days of the hacker encroaching on your privacy just to play "I can see you" are definitely over. Users are getting caught out through an ever increasing number of fake e-mail messages urging responses that then compromise their personal information. Counterfeit websites, as well as threats and scams on social networking sites, are also on the increase. Most alarmingly, though, is the rise of scam security products. Having paid for these, such tools do nothing but send the user false warnings of security breaches. These are aimed at scaring the user into renewing and buying additional hollow protection.
The online threat landscape is known to be ever-evolving. Do you have any predictions for types of threats consumers will face over the next decade?
Certainly in terms of the hardening economic climate, I believe that we will see a further explosion of rogue site usage focused on payment related sites such as online banking, poker, etc. It's all about the hacker using his or her expertise to make fast cash. With that said, advertising budgets are getting squeezed and the online marketing industry is subject to ever-tougher competition, so I do believe that we will see yet another sharp rise in more creative programming of malware designed to steal and store user surfing habits to sell on, illegally of course, to affiliates.
Using the past as an example, we have clear indications that the cyber crime industry will continue to evolve over the next decade. Malware writers have already been seen growing in sophistication and even mimicking real-world crime tactics in order to secure the largest possible profits from infiltrating PCs.
What's your best advice for today's computer users to stay secure online?
Amongst the simple advice, I would say stay offline whenever you are not actively online; if you're not connected to the Internet, you cannot be infected.
Of course, we spend more time than ever online. Whilst there, we need to see the parallels between surfing the streets of the cyberworld with those of walking down the high street outside. You protect your cash and credit cards in a wallet inside a zipped pocket; your mobile is safe inside your pocket or bag until you need to use it; your phone number is not written across your t-shirt and you are not divulging your pin codes, home address or any other such details to every stranger you pass by. So match that protection for your identity and valuables in Cybertown by understanding and installing reliable Internet security products. AND be aware of who and when you divulge information to. In short: never behave differently on the cyber streets than you would on the streets outside your door.
To view regular insights and news straight from Jason King and the rest of the Lavasoft team, stay tuned on the Lavasoft company blog.