The internet has never been a safe place, and now it is more dangerous than ever before. Hackers are constantly on the prowl to snoop upon unsuspecting victims to take unlawful control of private data. I had been waiting for an opportunity to speak with someone with the requisite experience and knowledge to talk about the situation and that opportunity arrived this past week. Alexander Chachava, Strategic Advisor, ESET India, a global provider of security solutions, was in town. Naturally delighted to speak to a security expert from a country, which along with China, has the largest community of hackers, I got to know his views and opinion on the current security situation on the internet and for the casual internet user in general.
 

Quite a few of my friends do not install antivirus and proclaim that their computers will be safe if they don't visit websites suspected of introducing viruses such as pornographic websites. What do you have to say to them?
While long ago it could be possible to avoid getting infected by viruses or other malware if you did not visit such websites, it is no longer the case. Today, an unprotected PC can get infected once the user just switches it on, it is not necessary even to connect to internet. Regarding web browsing, not only obviously suspicious websites, but even generally trusted websites can spread malware. It has become practically impossible to avoid getting infected. Social networks, which have become so popular today, or even search engines such as Google, Yahoo!, and others can easily spread infection to unsuspecting users. A PC not protected by any antivirus is a potentially dangerous place to keep sensitive personal or company data, or to conduct online financial transactions such as purchasing from online shops, paying for services using internet banking or credit cards. First of all, your logins and passwords or your credit card number can easily fall prey to hackers, who will use it to steal your money or earn illegally, or to blackmail you. With the rise of cybercrime market, a hacker who gains access to your computer can use it to carry out his activities by, for example, making your PC a part of a botnet. In case of further investigation, if your PC will be tracked by authorities, it will be tough for you to prove your innocence.

My advice to your friends would be to use any kind of security software, even free one, to get some basic level of protection against such threats. However, if you can afford to buy a security suite, it will ensure more reliable and up-to-date protection. If your friends don't install any antivirus software because they think it will slow down their PC, I'll recommend them to try ESET solutions as they are known in the market for their lightest footprint. I'm sure once you try it, even for a single day, you'll see the difference.


Is an antivirus enough to protect a PC or is a complete internet security suite (antivirus, antispyware, firewall, antispam, parental control) necessary?
It always depends on user, his system specification, and his activities. While for some users antivirus is more than enough, others would like to set additional layers of security, such as antispam, firewall, parental control features, or removable media security tools, which are available in complete security suites. The reason for this is that viruses are no longer the primary threat for PC security. There are many other threats such as spam, spyware, phishing, social engineering etc., which use various vulnerabilities in users' systems or affect them by taking advantage of users' sometimes irresponsible behaviour in the internet space.


Regarding the earlier question, will ESET continue to make and sell NOD32 Antivirus instead of just making Smart Security, which is a complete security suite?
Yes, ESET will continue with NOD32 Antivirus as well as ESET Smart Security. We want the consumers to have a choice of what product they want and the level of the protection they desire. We don't want to force them to pay more for something they don't really need. For example, users can use the antivirus software and use another firewall, antispyware tools, etc, which can be free as well.  Another example could be, users of email services such as Gmail get really decent protection from spam due to the powerful filters provided by Google, thus making it unnecessary to use a separate antispam software.


With constant virus definition and engine updates, is heuristic scanning capability still necessary?
Heuristic scanning capability is one of the most essential parts of antivirus solutions. Heuristic scanning is able to detect new, unknown viruses using information known about particular malware and past experience, when a particular signature does not yet exist. Thus, proactive scanning is always a strong addition to endpoint security and we at ESET always rely on both ESET ThreatSense signature updates and advanced heuristic scanning straight from the ESET Virus Lab.

ESET's early warning system known as ThreatSense.Net, is a cloud-based malware collection system utilising data from users of ESET solutions worldwide. This continual streaming of information provides ESET Malware Lab specialists with real-time accurate snapshot of the nature and scope of global infiltrations. Careful analysis of the threats, attack vectors, and patterns serve ESET to fine-tune all heuristic and signature updates to protect its users against tomorrow's threats.


There are a lot of free antivirus solutions available such as avast!, AVG, and Microsoft Security Essentials, which are as good as paid antivirus solutions. How do you plan to combat them? Do you have any plan to launch free desktop versions of NOD32?
We don't have any plans to launch free products. We don't consider free antivirus solutions as our competitors, though. We rather consider them as our colleagues. While we think that some of the free security products are good enough, being a vendor that makes paid antivirus solutions, we invest a lot in technology, development, and research. That allows us to provide our users the most comprehensive protection and technical support. However, I must say it's always better to install free antivirus instead of not using any protection at all.


Recently, Indian government websites were hacked by hacker / terrorist groups and this has been happening regularly. How do you think global cyber threats affect India and what is ESET's plan to help combat them?
We estimate the size of the global cybercrime market to be around $7 billion. This figure shows only the earnings of cyber frauds, while the cost of total damage could be even ten times more. Take for example the Stuxnet threat discovered in 2010, which caused a lot of damage in Iran, Indonesia, India, Pakistan, and other countries. It was able to stay undetected for a substantial period. The use of a self-launching, 0-day vulnerability in the attack allowed the rapid distribution of Stuxnet in the targeted region. The choice of this kind of vulnerability is quite deliberate, because in the absence of information about its existence, use of the exploit will not be detected. All these facts suggest a well-planned attack, via a worm that remained dormant for a long time and suddenly attacked the target systems, taking them by surprise and inflicting considerable damage. We believe that such dangerous threats can't be created just by individual hackers. To create such threat as Stuxnet, you need hundreds of well-trained hackers, huge financial support, and other resources, which can probably be afforded only by powerful organizations or even governments.

Countries such as USA, UK, and some European countries are successfully implementing anti-cybercrime policies and regulations. However, many other countries including India are not that prompt in acting against cyber criminals. Companies such as ESET with their powerful virus labs and cyber forensic teams, help governments all over the world to fight against cyber criminals by investigating attacks, analysing the threats, and finally tracing the hackers. For example, in Russia, ESET has a partner company, Group-IB with an interesting project Cybercop. It is a global counter-cybercrime system, which helps the law enforcement agencies in Russia and around the world to combat cybercrime during the most difficult stages of the investigative process: evidence gathering, information analysis, and perpetrator finding. Through correlating data regarding cybercrimes, their methods, and the persons involved, the investigation will be conducted with complete information. Therefore, such technological means will not only contribute to information protection, but also directly reduce cybercrime volume. Cybercop has established partnership with government and non-government cyber-forensic organisations in 43 countries, including India.


We all agree that the internet is the most likely source for viruses entering most computing devices. Is there anything that can be done to stop this menace at the source; probably some kind of regulation on the internet?
The internet is not the only source of threats. Malware can be spread through client-based applications or removable media without any connection to the internet. Regulations regarding cyber frauds must be there for sure and many governments are successfully working on them and implementing legal practices to the cybercrime landscape. However, these regulations are and should be directed at cyber criminals' responsibility for creating and spreading malware, rather than at restricting users' and service providers' activities on the internet.


Antivirus makers and hackers have been playing a game of chess since the start of this phenomenon. Do you foresee an end to this with one clear winner or will this continue to remain like a balance of good and evil?
Threats are becoming more and more sophisticated day by day, while the cybercrime landscape is getting more organized. Hackers are no more some romantic creatures, but profit-oriented professionals. However, as we and other vendors continue to invest in research and development, security technologies to always a step ahead of cyber criminals' efforts.

Tags : Interviews, Security, Jayesh