Kaspersky: Malware May Have an Answer in the Cloud
Enterprise security vendors may have failed to stop the tide of malware in the past, but according to Eugene Kaspersky, cloud computing may help reverse that trend.
Enterprise security vendors have failed to stop the inexorable rise in cybercrime over the last few years, but cloud technology could soon have cybercriminals on the run.
That's the view of Eugene Kaspersky, the charismatic co-founder of Russian security vendor Kaspersky Labs. "I think that we can see light at the end of the tunnel," he said, speaking at the InfoSecurity 2011 conference in London last month.
Kaspersky believes that the global cloud-based threat detection and monitoring networks set up by major security vendors, including Symantec's Quorum, McAfee's Global Threat Intelligence and Trend Micro's Smart Protection Network, as well as Kaspersky's own Kaspersky Security Network, will have a significant negative impact on the profits that many cybercriminals can make from malware. And since cybercriminals are motivated by profits, this will have the effect of "reducing the load of cybercrime on the world," as Kaspersky puts it.
To get an idea of the cybercrime load the world is currently facing and how it has grown over recent years, Kaspersky offers a few statistics: In 2009 12 million new pieces of malware were discovered, while the following year this almost doubled to 20 million. And in 2007, five new pieces of malware were released onto the Internet every two minutes; by 2010 this had accelerated to one every two seconds.
The reasons for this huge jump in malware creation all stem from the fact that it has become progressively easier for criminals to make profits from cybercrime. That's simply because there are more people using online services such as banking which are easy to prey on, Kaspersky believes.
Additional factors that make cybercrime attractive to criminals are:
- Writing malware is technically simple to do
- Cybercrime involves no physical contact with the victims, so it is not dangerous
- Many cybercriminals can justify their actions by adopting the belief that cybercrime is not "real" crime
- Cybercrime is low risk: national law enforcement agencies are not well suited to catching international criminals operating overseas
But despite the huge rise in cybercrime, certain types of cybercriminal activities have declined sharply over the last few years. These include scams involving dial-up Trojans that use the victim's modem to call premium rate phone numbers, and online game fraud such as stealing game characters and property
The reason for this is fairly obvious, Kaspersky believes: very few people in Western countries still use a modem to connect to the Internet, so the opportunity to make money from dial-up Trojans has all but disappeared. As for online game fraud, Kaspersky points out that the prices that game characters and property fetch on the open market have fallen dramatically over the last few years. "What this shows is that when it comes to cybercrime, the motivation is money. When the profits from a particular type of cybercrime decline, so does the associated malware."