Malware Threat Can Be Reduced by Cloud Security Services

Cloud-based security services can cut into the profitability of criminal enterprise and thin out the number of cyber-criminals operating online, according to the CEO of Kaspersky Lab.

Cloud technology can be harnessed to make it less profitable -- or at least less lucrative -- to develop and distribute run-of-the-mill malware, Eugene Kaspersky, the CEO of Moscow-based Kaspersky Lab, told eWEEK.

If developers are forced to add sophisticated features to develop malware that can't be easily thwarted, it also raises the bar on who can enter the malware business.

Of the more than 20 million pieces of malware detected by Kaspersky Lab every year, a significant portion of them are considered "typical." They are often created using readily available tool kits or just re-skinned versions of existing malware.

Attack kits like Neosploit or Black Hole have made malware development easy to do from a technical standpoint. As a result, practically anyone can create common malware, such as those designed for banking fraud and botnet creation, according to Kaspersky. "While it's not possible to stop all of it, there are ways to make the malware business less profitable," he said.

Right now, writing malware is not only technically simple, but also low risk because national law enforcement agencies are not well-prepared to catch international criminals overseas.  A change in the landscape that would require more technical know-how to operate a criminal enterprise online would weed out a lot of the low-level criminals, Kaspersky said.

Designing sophisticated malware is difficult and is possible only for "a genius," Kaspersky said, noting that "teenagers can't develop this kind of sophisticated malware."

Motivated by Money

Building on a theme he introduced at the Infosecurity Europe event in late April, Kaspersky said cyber-criminals are primarily motivated by money. If they see profits decline in a certain type of attack, they switch to a more profitable line, he added.

For example, malware designed to steal resources and money from online games used to be common a few years ago, according to Kaspersky. However, with the glut of stolen goods on the black market, thieves are making less money.

The average prices criminals can get for characters and artifacts from online games declined by about two-thirds between 2008 and 2010, Kaspersky said. Over the same time period, the number of malware samples targeting game fraud dropped by nearly 60 percent.

This article was originally published on 07-18-2011
eWeek eWeek

Have the latest technology news and resources emailed to you everyday.