Despite being the co-founder of one the decade's most successful security software vendors, Eugene Kaspersky doesn't think software alone can ever be a silver bullet for cybercrime.
Speaking exclusively to PC Advisor in London last week, Russian security guru Kaspersky described the rise in malware as 'exponential'. Internet criminals are now smarter than ever, ultra-organised, and engaged in increasingly complex scams, he said.
And although cybercriminals are organised to the point that they now resemble legitimate SMEs, Kaspersky said his work with police departments across the globe convinced him that online scams were not perpetrated by traditional, established organised crime syndicates, but by new groups comprising tech-savvy but corrupt individuals. These criminals often make much more money than the police that chase them - and their legitimate colleagues.
Kaspersky outlined the alarming, changing nature of the online threat. All malware these days is aimed at one thing: making money. Online crime is a billion dollar industry, he said, and to a certain extent banks accept this, rather than go public with the true extent of the problem and undermine consumer confidence.
Kaspersky sees clever criminals avoiding detection by returning to 'old' techniques and technology to earn their crust: offering the example of bootkits.
The stakes are high, then, and things are moving fast, with virtual supermarkets offering off-the-peg malware for aspiring thieves of all ages and ambitions.
In such an aggressive and dangerous environment, it's crucial that users should bolster their online defences, Kaspersky said. 'Security software vendor says people should buy more security software' isn't much of a story, I grant you, but Kaspersky had kind words for his rivals - albeit with some caveats.
Reflecting on Symantec's recent Norton Internet Security launch, for instance, Kaspersky said he had been impressed by the more layered approach, the way Symantec is utilising its userbase, and the focus on reducing system overhead by devolving scanning to the cloud.
Indeed, he revealed that the major security companies often work together, with police, to track down cybercriminals in online crime hotspots such as Latin America, eastern Europe and China.
But Kaspersky feels that in the past couple of years many security software vendors have expended their energies in the wrong areas: valuing marketing muscle over technology. So although Norton Internet Security 2009 is a major step forward when compared to its previous iteration, Kaspersky believes that Symantec still has some catching up to do.
"Everyone in the world can be number one at something," said Kaspersky, referring to Symantec's claim that it now has the fastest internet security software. But he feels that more than just quick scanning is required of a contemporary internet security suite. Virtualised safe zones, application control, cloud-based reputation scoring... the list of potential tools is almost endless. And the need for them increasing.
The threat isn't confined to our desktop PCs, either, said Kaspersky. Kaspersky Anti-virus bundles a mobile security app into its Internet Security Suite, for instance. Is this necessary, we asked?
Perhaps not now, said Kaspersky, but only because criminals are by nature lazy, and the lowest hanging fruit can currently be found in Windows PCs. Also, the countries that spawn most cybercriminals have little in the way of SMS commerce to act as inspiration. But where there's commerce, there is crime, and the threat to mobile transactions is growing just as fast as mobile technology use increases.
Indeed, Eugene Kaspersky believes that in an increasingly cross- and multi-platform world, no software program or system will ever be a one-stop shop for total security - and that users shouldn't be told otherwise.
Using the example of online banking, Kaspersky said that the most secure systems involve some kind of hardware. Some UK banks ask users to type a code into a password generating device, for instance. And in the Balkans, bank customers are required to use a book of passwords, unique to their account, used in conjunction with their own user details.
Ultimately, said Kaspersky, you can never be 100 percent secure when you're transacting on the net. But with a bit of user savvy, the right software and a multi-layered approach to security, there'll always be someone less secure than you: and that's who the criminals will target.
- Symantec gobbles up PC Tools
- Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security product reviews
- Visit Business Advisor for the latest business IT news, reviews, tips and tricks - plus sign up for our unique and FREE business IT newsletter
- Symantec launches Norton Internet Security 2009
- Traditional antivirus will die in the next two years