- Related Stories
Cyberattack in Estonia--what it really meansMay 29, 2007
Kaspersky ships antivirus tool for cell phonesFebruary 13, 2007
Phishing overtakes viruses and TrojansJanuary 30, 2007
Securing consumer-friendly smart phonesOctober 17, 2006
Security firms squabble over mobile threatsJuly 24, 2006
Is your cell phone due for an antivirus shot?February 24, 2006
Especially a new one, like Kimmo Alkio, the chief executive of F-Secure. Alkio recently rejoined the antivirus vendor from fellow Finnish company Nokia.
Silicon.com caught up with Alkio to discuss the security landscape, how governments should handle hackers, the need for a dot-bank domain name and his company's much-criticized stance on the potential threat of mobile phone viruses.
Q: You've recently rejoined F-Secure, and it seems your arrival has coincided with a very quiet time for the security industry. Is this fair to say?
Alkio: The public perception is that this industry may have become less active because three, four years ago there were these very high-visibility public virus outbreaks.
What we are now seeing is that the number of attacks and the quantity of malware is actually increasing. We are getting 7,000 new samples per day but it is being driven by new forces. What we see now is there is a criminal element acting purely for financial purposes and trying to stay hidden.
Phishing is still a major issue. There are markets such as India where the amount of phishing attacks has grown by 96 percent year on year.
Are a lot of threats targeting emerging markets as businesses and consumers in the West start to wise up and protect themselves? Are the criminals just dusting off the same attacks and targeting new regions?
Alkio: In emerging markets, the level of security is not where it is in the Western world. If you look at India, the number of broadband users is going from 8 million to 20 million in three years. Look at these markets where you have this number of people coming onboard. It does change the threat landscape.
There are a lot of unprotected PCs, and online banking and e-commerce are growing. And we need to be very active in educating people.
These infected PCs in emerging markets are also being used in distributed denial-of-service (DDoS) attacks targeting Western businesses and governments.
How big a problem are DDoS attacks today? There was a lot of talk about extortion a couple of years ago, with criminals threatening to take down businesses' Web sites if a ransom wasn't paid. Is this still a problem?
Alkio: DDoS continues to harass people across the world. But is it more, is it less? What we are seeing is it is taking up a lot of bandwidth, and we need to protect people.
I think there could actually be a big shift from commercial to political DDoS attacks, such as we saw recently with Estonia (and Russia). Anyplace where you have political instability you could see an increase in DDoS attacks in that region.
What about mobile phone viruses? It's a drum that you have banged very loudly--leading to suggestions you're overhyping the issue. What do you say to accusations you've been irresponsible?
Alkio: If one recognizes that there is a healthy probability that Internet threats could be similar on the mobile side to the PC side then it could mean we're at the stage now that PCs were at in the late 1980s.
The devices, particularly smart phones, are becoming used more like PCs. So with a little bit of predicting and visioning into the future, based on past experiences, I think there is a tremendous need to ensure there is mobile security in place.
Do you think you've been as clear as you could be with the industry, with the media and with consumers, that what you are doing is visioning and predicting a scenario that could happen?
Alkio: Independent of how we have communicated this in the past, we are making it very clear today that the threat level on mobile malware is not severe today. There are only 323 known malware (exploits) on mobiles and over 300,000 on PCs. No hype. Period.
And a lot of that mobile malware is just proof of concept.
Alkio: Absolutely. Made by hobbyists. That's absolutely where we are today. But what's happening now is mobile phones are being used to download content from the Web and are increasingly being used for mobile e-mail.
They are increasingly becoming professional devices and it is obvious that you have to put the protection in place if there are mobile viruses and malware. We are protecting today and pre-empting a future virus.
2 commentsJoin the conversation! Add your comment