The single biggest problem today is botnets
Patric Runald, Senior Security Specialist at the F-Secure
response lab in the Asia-Pacific region, spoke to Dominic K about security
threats on the OS front with an emphasis on mobile OS platforms
How vulnerable are the operating systems of servers, desktops,
On the PC end it is Windows. This is because they hold a major marketshare and
probably the virus writers are also lazy! It is easier to target the most popular
operating systems since you can attack a larger number of users who connect
through it. On the mobile front it is Symbian.
On the server end we observed last month that 60 percent of the attacks were
on Apache, the Linux-based web server. One reason behind this could be that
a fair amount of its source code is easily available on the Internet.
I feel that a major reason behind all these attacks is social nature. If you
think of Macintosh users, it is a small community when compared to Windows.
Macintosh users typically love the Mac. They love other Mac users and would
not harm the operating system they like. The same case applies a bit to Unix
and Linux. Unix and Linux users and their open source community are very enthusiastic
about the operating system they use.
However, Windows users usually just dont care. They run Windows because
it is pre-installed on their PC when they bought it, so they have no other option.
What is the state of mobile security at present?
The number of mobile phone users is increasing. The total number of mobile viruses
until yesterday (May 9, 2006) is 203, so the threat is not that high in the
mobile end when compared to PCs.
We are seeing signs of evolution in mobile phone viruses since they are much
quicker when it comes to spreading than computer viruses. Earlier, mobile viruses
used to spread quite slowly, but later they picked up speed.
Mobile malware such as viruses, worms and Trojans have become nuisances that
smartphone users have to deal with on an increasing basis. Malware can cause
unwanted billing, delete valuable information on the device, or make the phone
Is mobile security a bigger issue in Asia considering the
high usage of technologies such as Bluetooth?
Mobile phone viruses and security issues are widespread as compared to Europe.
Most of the viruses are spread through Bluetooth. To be hit Bluetooth should
be turned on and the phone should be in a discoverable mode. This means that
anyone can connect to you or try to connect to you.
Let me share my personal experience. I had Bluetooth turned on for about 18
months and I was hit just once in Europe. However in Singapore I was hit four
times in just two months.
The first mobile viruses were actually found in the Philippines. China adds
four million new subscribers every month, but India is catching up.
Is there any new technology to protect mobile and PC environments?
No. We are working on enhancing the current product features and security levels
on anti-spam, anti-phishing and intrusion detecting-type systems. We plan to
have built-in intrusion prevention systems and firewalls built into the mobile
The way we plan to bring these products is through mobile phone operators and
ISPs. We already have it on the Nokia Communicator series, and we are developing
it for the Windows mobile.
According to you, which is the most serious security threat
The single biggest problem we have today in the PC world is botnets. These are
basically a network of infected machines controlled by a group of hackers or
someone who controls the machines remotely.
Most of the new malware we see today in Windows are botnets. They can install
software, adware and utilise your PC and bandwidth for DoS attacks by entering
through the back door
its a big way to make money.
DDoS attacks are extremely difficult to deal with. The way F-Secure tries to
handle things is through traffic monitoring and tie-ups with ISPs. Any machine
that is detected as virus-infected will be quarantined until it is cleaned.
We want the infected machine off the network until it is safe. The moment it
is clean it will be able to surf without the ISPs intervention.