Roger Thompson, AVG Chief Security Officer: Shift In Tactics Against Cyber Attacks

By Frances Alonzo

March 3, 2010

Computer programmers and users should be more receptive to changing security measures to reduce the risk of being targeted by hackers.

The cyber-attacks that recently targeted Google, and perhaps 100 other companies, shows that relying on “known virus scanners” is not enough. So says Roger Thompson, Chief Security Officer at AVG, a leading international computer security company.

“The worst hack is the one you don’t know about,” says Thompson. He says there needs to be a push to use different anti-virus products that work at detecting “behavior” rather than anti-virus products that look for “specific viruses and bits of malicious code”.

A example of suspicious behavior might be a bit of malicious program attempting to install itself from opening an office document .

In order to reduce the threat, Thompson suggests adding a "behavior layer."

"If a certain behavior has never been seen before," Thompson explains, "it would exhibit the sort of activity that would look suspicious to another program.”

Thompson notes that every antivirus lab in the world daily gets thousands of new and unique samples of malicious code every day. The problem is, he says, it takes time to respond to the threats.

"The bad guys create massive numbers exactly to confuse the anti-virus labs and they know that in five or ten days all of those samples will be added, but in the meantime there’s another 20-30,000 brand new ones,” he says.

BRAVE NEW WORLD

Thompson says internet security issues need to be addressed especially in light of the increased threat of cyber-terrorism. He points to the apparent use of forged diplomatic passports by alleged assassins of a Hamas commander in Janurary.

"Seemingly, 11 or 12 people came in on forged passports, killed a guy, and then got out again," Thompson says. "Forged passports and identity theft are all tying into the same lack of privacy. It’s a brave new world.”

While governments are trying to stay ahead of cyber-thieves, Thompson says the problem they face is learning how to stay one step ahead. "“We have significantly less privacy than we’ve ever had in our lives and it’s possible to find out stuff about almost anyone at anytime, “ he says.

Thompson’s comments come as the world's largest conference on cyber-security is held this week in San Francisco.

The RSA Conference brings together IT professionals, developers, and policy makers exchange ideas on preventing hacking, cyber-terrorism, identity theft, secure web services and related topics.

The United States’ newly-appointed cyber security tsar, Howard Schmidt, Homeland Security Secretary Janet Napolitano, and FBI director Robert Mueller, are among those planning to attend the event.