For many years we have covered stories about malware, phishing, social engineering, cyber espionage and other cybercriminal activity, and the stream seems endless. Anti-malware products and services have come and gone; some merged with or were acquired by other anti-malware companies, while others announced “a new formula” for combating the nasties on the Internet, all to no avail: cybercriminals continue to earn more and more profit. Should the anti-malware/security-suite industry stop using the same formula and look for better solutions?
Your guess is as good as mine, but there are visible indications that researchers are looking for new ways to reverse the negative effects of cybercrime through science. This research does not grab headlines in mainstream media, since it is not “exciting” to the average Joe and Jill, and the information usually caters only to the geeky people amongst us. In this article we give a very brief introduction to such technologies that are coming soon to your computer and smart devices (some are still obscure, but already publicly available).
1. Blockchain-powered cloud computing
Blockchain is the technology that made cryptocurrency possible, but the best thing about it is that it is not limited to cryptocurrency. Using a blockchain in a web service guarantees the integrity of data, because every change can be traced thoroughly. This is especially useful for cloud storage and similar services: files uploaded by users can be hashed and the hashes recorded on a blockchain, so auditing can be done without any hassle, and there is a straightforward forensic trail if the same files are ever leaked one way or another.
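As an added illustration (not code from the article), here is a minimal hash-chained ledger in Python that records uploads, audits the chain for tampering and traces a leaked file back to its upload record; the file names and contents are constructed samples.

```python
"""Hash-chained audit ledger for uploaded files (added example, not from the article).
Each record stores the SHA-256 of an uploaded file plus the hash of the previous
record, so altering any stored hash breaks every later link. A real deployment
would anchor records on a distributed ledger; here the chain is an in-memory list."""
import hashlib
import json
from dataclasses import dataclass

GENESIS = "0" * 64  # prev_hash of the first record

@dataclass(frozen=True)
class Entry:
    index: int
    filename: str
    file_sha256: str
    prev_hash: str
    entry_hash: str

def entry_digest(index: int, filename: str, file_sha256: str, prev_hash: str) -> str:
    # Canonical JSON so identical fields always produce the identical digest.
    payload = json.dumps([index, filename, file_sha256, prev_hash], separators=(",", ":"))
    return hashlib.sha256(payload.encode()).hexdigest()

def record_upload(ledger: list, filename: str, content: bytes) -> Entry:
    """Append a record for a freshly uploaded file and return it."""
    prev = ledger[-1].entry_hash if ledger else GENESIS
    idx, fhash = len(ledger), hashlib.sha256(content).hexdigest()
    entry = Entry(idx, filename, fhash, prev, entry_digest(idx, filename, fhash, prev))
    ledger.append(entry)
    return entry

def verify_chain(ledger: list) -> bool:
    """Audit step: True only if every record's digest and back-link are intact."""
    prev = GENESIS
    for i, e in enumerate(ledger):
        if e.index != i or e.prev_hash != prev:
            return False
        if entry_digest(e.index, e.filename, e.file_sha256, e.prev_hash) != e.entry_hash:
            return False
        prev = e.entry_hash
    return True

def trace_leaked_file(ledger: list, leaked: bytes) -> list:
    """Forensics step: which recorded uploads are byte-identical to a leaked file."""
    digest = hashlib.sha256(leaked).hexdigest()
    return [e for e in ledger if e.file_sha256 == digest]

# Constructed sample uploads (not real data).
SAMPLE_LEDGER: list = []
record_upload(SAMPLE_LEDGER, "payroll-q1.xlsx", b"constructed payroll contents")
record_upload(SAMPLE_LEDGER, "design.pdf", b"constructed design document")
```

Rewriting any stored hash (for instance to hide that a leaked file was ever uploaded) makes `verify_chain` fail, which is the property the article credits to blockchain-backed storage.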
2. The future of network analysis tools
Simple Network Management Protocol (SNMP) has been the primary way for system and network administrators to monitor the operation of their networks. However, today’s sophisticated malware carries out its payload without triggering SNMP’s monitoring parameters. An example is a RAT (Remote Access Trojan) or a keylogger saving its “stolen” keylog data in a password-protected zip file. Zip files are a very common way to transfer files on the Internet and raise no red flags in SNMP, and with simple password protection the archive also escapes the scrutiny of the real-time scanner in antivirus products. A successor to SNMP should be in the works somewhere, by someone. Critics are demanding that the industry establish its successor, as SNMP no longer cuts it now that network technologies have improved a dozenfold compared to the late ‘80s.
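The kind of content inspection the article says SNMP-style monitoring lacks, as an added Python example that is not from the article: it parses a ZIP archive’s central directory and flags entries whose encryption bit is set, using a constructed sample archive whose flag is set artificially.

```python
"""Content inspection of a ZIP archive in transit (added example, not from the article).
SNMP counters never look inside a payload; this does, reading each entry's
general-purpose bit flag from the central directory (bit 0 = encrypted entry).
The sample archive is constructed below and its encryption bit is set
artificially, so the detector runs offline without any real password protection."""
import io
import struct
import zipfile

CD_SIG, EOCD_SIG = b"PK\x01\x02", b"PK\x05\x06"
FLAG_ENCRYPTED = 0x0001

def inspect_zip(data: bytes) -> list:
    """One record per entry: name, encrypted flag, compression method, sizes."""
    eocd = data.rfind(EOCD_SIG)
    if eocd < 0:
        raise ValueError("no end-of-central-directory record: not a ZIP archive")
    # EOCD: sig, disk, cd disk, entries on disk, total entries, cd size, cd offset, comment len
    fields = struct.unpack("<4sHHHHIIH", data[eocd:eocd + 22])
    n_entries, cd_offset = fields[4], fields[6]
    entries, pos = [], cd_offset
    for _ in range(n_entries):
        hdr = struct.unpack("<4sHHHHHHIIIHHHHHII", data[pos:pos + 46])
        if hdr[0] != CD_SIG:
            raise ValueError("corrupt central directory")
        flags, method, csize, usize = hdr[3], hdr[4], hdr[8], hdr[9]
        nlen, xlen, clen = hdr[10], hdr[11], hdr[12]
        name = data[pos + 46:pos + 46 + nlen].decode("utf-8", "replace")
        entries.append({"name": name, "encrypted": bool(flags & FLAG_ENCRYPTED),
                        "method": method, "compressed": csize, "uncompressed": usize})
        pos += 46 + nlen + xlen + clen
    return entries

def has_encrypted_entries(data: bytes) -> bool:
    """Policy hook: an encrypted archive leaving the network warrants analyst review."""
    return any(e["encrypted"] for e in inspect_zip(data))

def make_sample_zip(name: str, payload: bytes, mark_encrypted: bool) -> bytes:
    """Constructed sample archive. With mark_encrypted the encryption bit is set in
    both the local and central headers; the data itself is not really encrypted."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr(name, payload)
    raw = bytearray(buf.getvalue())
    if mark_encrypted:
        for off in (6, raw.rfind(CD_SIG) + 8):  # flag field of local (at 0) and central header
            flags = struct.unpack_from("<H", raw, off)[0] | FLAG_ENCRYPTED
            struct.pack_into("<H", raw, off, flags)
    return bytes(raw)
```

A scanner cannot read the contents of an encrypted entry, but the flag itself is in the clear, so “encrypted archive outbound” is a detectable event even when the payload is not.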
3. A processor for pro-active security checks
There is a current trend of using a specially designed ARM processor to perform periodic security and integrity checks. Bypassing this chip either requires disabling the feature through a BIOS setting (if the motherboard vendor provides one), or is not possible at all because the computer will not work if the security chip is forcibly disconnected from the system. The former applies to Intel’s IME (Intel Management Engine) since 2008 and AMD’s PSP (Platform Security Processor) since 2013. Apple’s T2 chip, since 2017, has the latter property and cannot be disabled by the user. For better or worse, these chips are designed to secure the platform they are installed in. Critics question the creation of such chips, as they block the installation of alternative operating systems such as Linux and BSD on PC or Mac hardware.
4. Walled garden everywhere
The most problematic desktop operating system as far as security is concerned is Windows, because of the culture of how programs are installed on it: users download .exe files from somewhere on the Internet and execute them from an account with admin-level privileges. It is very easy for end users to make a mistake, download a malicious .exe file and give it admin capabilities to “install” and wreak havoc on the system. This is a sharp contrast with macOS, where Apple restricts users to the macOS App Store for downloading apps. Though not strictly a walled garden, Linux distributions provide official repositories for downloading and installing new apps on Linux PCs. The “walled garden-like” approach to installing programs guarantees the integrity of the downloaded code through the team that maintains the repository servers.
5. Country-wide Internet
Some countries have taken an extreme approach to securing their network borders: a state-wide intranet that functions as the country’s internal Internet. Three countries have implemented this so far: North Korea, China and Russia. Western web services such as YouTube, Facebook, Twitter, Instagram and similar services are not available inside the country-wide Internet of these countries; instead, they run their own replacement web services. From the standpoint of security, the PCs inside these networks are more secure than any PC with a direct connection to the global public Internet.