In a recent (and very interesting) post on his blog about security, MSNBC.com's Bob Sullivan described how, in an effort to grab our attention, spammers are employing tabloid techniques to try to mimic what those rags do best: exploit human nature.
The way Doug Camplejohn, CEO and founder of Mi5 Networks, sees it, two humanly natural traits in particular are precisely what "the bad guys" target when trying to lure us to take the bait and click.
J.H.: I met you when we both worked at Apple and you were known as the "Quicktime guy." Since then you've launched Myplay, a digital music "locker," which was sold to Bertelsmann in 2001, and now you're running a company with a very James Bond-esque name, Mi5, which is England's equivalent to our own FBI.
D.C.: Right, they handle domestic security.
J.H.: From MP3s to more secure machines. What got you interested?
D.C.: Before Mi5, I was at a security company called Vontu [which was sold to Symantec], which worked to detect and stop sensitive data from being sent out of the company by employees. Mi5 came about because I was talking to a lot of CSOs [chief security officers) and realized they were worried about new threats like spyware that were coming in from the Web. They had spent the last few years locking down desktops and the e-mail path, and it became pretty obvious to me that the Web was next in line.
J.H.: I'm on broadband via a wireless router and running hardware and software firewalls, anti-virus and anti-spyware programs. How safe am I?
D.C.: You could be safer. The challenge with new threats like botnets and spyware is that they're really good at sneaking onto your PC, usually without you knowing it. I use a tool called SiteAdvisor from McAfee to distinguish good sites from bad in search results. I don't download any widgets, browser extensions, toolbars or programs unless I absolutely have to. Oh, and of course I use a Mac. ;-)
J.H.: It's true Macs have a reputation of being less vulnerable to spyware and viruses, but isn't there a theory that virus and malware authors don't bother writing nasty stuff for Macs because it's more fun (and potentially profitable) to target the roughly 95 percent of PCs used by everyone else -- which is to say the rest of the world?
D.C.: Yes, Macs have been primarily shielded to date by their smaller market share, making them a less interesting target than PCs. But Apple also started with a more secure OS architecture, since it doesn't have to be as open as Windows. Apple has also been very responsive at closing security vulnerabilities in the OS as they are discovered.
J.H.: So running anti-everything on a more secure OS is good enough?
D.C.: Enterprises need both gateway and desktop defenses to be adequately protected. It's like your PC is a 1,000-room castle. The first line of defense should be a moat and drawbridge [gateway], but it's good to back it up with guards that do room-to-room sweeps from time to time [desktop].
J.H.: How do Mi5's products differ from the hardware firewalls most are at least vaguely familiar with (thanks to Hollywood pseudo-tech gibberish), and what do they cost?
D.C.: Firewalls just restrict the ways traffic can get in and out of an organization. The problem is that these threats have become really, really good at hiding inside Web traffic (Port 80/HTTP) and looking like legitimate uses and applications. So although firewalls still serve a purpose, they don't do anything to stop these new threats. Mi5 inspects all incoming and outgoing traffic over all ports and protocols, and utilizes multiple techniques (heuristics, signatures, whitelisting, blacklisting, etc.) to detect and stop Web threats better than anyone else. Mi5's Webgate appliances start at $2,495 for small or branch offices and go up from there based on the size of your organization, and what modules you pick -- URL filtering, Web anti-malware or application control.
J.H.: Your stuff protects companies and their employees in the workplace, but what advice do you have for the rest of us tapped into broadband at home?
D.C.: In addition to the stuff I said earlier, I'd add to just be careful with your clicks. The old adage "if it's too good to be true, it probably is" applies here. The bad guys are trying to use every type of psychological trick (greed and fear leading the pack) and social engineering to get you to click their link, because once you do, they're in.