There's been a lot of talk about the holidy that Rustock took and now it's active again, and becoming moreso. Some have pointed to the lull in activity as a weakness that can be used to combat it but I don't think so. How can you possibly exploit the fact that they went on a break in order to come up with a method to crack down on it?
If you ask me, the break was probably because of Winter break at schools as well as the companies shutting down. The college and high-school computer labs across the US would have been shut down for the break which for organisations, only mission critical servers would be running.
As for a this showing a weakness, all it means is that Rustock is dependent on people. If we can educate the majority of organisations about not only the people illegally making profit and wreaking havoc on their computers, but in what we tech savvy people consider basic Internet security, it would put a damper on their activities.
This includes something as simple as:
- not clicking links in emails from people they don't know
- how to use spam filters
- not clicking anything that says "you are the winner", "Person XYZ has died and left $1,000,000 to you", "click here to enter $200,000 lotto"
- not clicking anything that offers discount pharmaceuticals like viagra or any other medication...especially when you didn't sign up on an email list
- this list could go on...trust me
The fact is that Rustock depends on misinformed and uneducated computer users to make money.
How many computer users:
- know how to boot into safe mode?
- know the difference between safe mode and normal mode?
- understand how the Internet works and what happens when you click a link?
If we could address these things and empower the computer-using community with knowledge then their feasibility would be so low...they'd probably get bored and move on to something else (hopefully nothing more sinister)
This doesn't mean "make everyone a computer expert" 'cause that, in itself, isn't feasible. What it means is that if computer-users had a high-level view of what actually happens...it would give them some level of appreciation of different processes and help them to better protect themselves.
Of course this would be hard to do. I'm also pretty sure that building something like Rustock was no easy task. If the bad guys can do it, we can do it too.
If all the security companies were to come together with some other international bodies and governments to help fund a program like this, it would show that ya'll actually care about us, the consumer, and making our lives easier and safer (and not just about our money). I'm talking about the likes of Security-centric companies like Symantec, McAfee, AVG, Kaspersky, Barracuda, Cisco and Checkpoint, straight down to service providers like Google, MSN, Yahoo, Facebook, and Twitter joining hands to fight this thing at the root, rather than fighting the results.
THIS is the real face of Internet Security.
Peace,
~xlloyd.