Ever hear the phrase "we can fix it in beta"? Sean Kalinich, in his piece on decryptedtech.com, observes that this has been a common practice with software companies. However, fixing and patching flaws after a rollout makes problems with exploits that much worse.
(Too) many companies allow software and devices to be released to the world without proper testing. The intention is usually there to patch these flaws, but by the time they get around to it, someone else has discovered them and we have a new malware on the streets.
What is even more interesting is the fact that when companies do fix holes in their software, all that does is start the conversation again. Right after Oracle updated Java to patch a number of flaws, I was told about a “discussion” of exploits and flaws for Java. Some of these were over five years old and were still functional, while others were new. From what I was told, this is very normal and appears to confirm a suspicion that I have had for a while: if an exploit is not made public or is not widely used, no effort is made to patch it. There also appears to be a big malware push right after an update is released so that they can reach more people before everyone can update their software.
Between flaws in operating systems, plug-ins and bad user habits, the malware writers have a very easy time of it. To give you a simple example, during a recent malware outbreak one user actually stated: “It was a weird email so I opened it to see what it was”. (To quote that world renowned savant, Bugs Bunny, “What a maroon!”)
The user clearly knew it was out of the ordinary, but opened it anyway and caused a serious amount of damage to the network. The same user never reported the initial infection, but just moved to another computer. They only reported that their files appeared to be corrupted. By the time anyone was made aware of the infection, it was hours later and additional files had been damaged.
This type of scenario is repeated daily around the world and not just with malware that is visible. If someone installs malware on a system that is designed to hide and gather information, it could remain unnoticed for a long time.
The people that are behind the spread of malware know these patterns and exploit them just as much as they do flaws in software and hardware. This makes stopping malware impossible and even makes slowing it down a tall order.