Tag Archives: techworld

Malware Attacks – How Much Disclosure Are You Entitled To?

image I’m an advocate of full disclosure. I demand transparency (not always successfully), in every area that has the potential to impact my life at any level. Period.

Since cyber crime has the potential to affect me at a fundamental level, I expect that every aspect of all security vulnerabilities will be released by those you have access to this information. I’d be surprised if you felt differently.

As a reputable Blogger, I’m regularly updated by many of the leading security developers on recently discovered or pending security issues, so that my readers can stay current with changing malware conditions.

In fact, the objective of my Tech Thoughts Daily Net News column, is to do just that – notify readers of a seemingly never ending list of new security issues, as quickly as possible.

From time to time though, a security issue needs to be explained more fully. As an example, last week, BitDefender let me know of a so called Kiddie Script – Facebook Hacker, which can be used by amateur cyber crooks to construct malware designed to steal login credentials.

Based on the available information, I wrote an article “BitDefender Says Facebook Hacker: A Do-It-Yourself Kiddie Script Is On The Loose!” Not the first time, I might add, that I’ve reported on the availability of Kiddie Scripts, and the impact such freely available hacking tools can have on unwary Internet users.

I was not alone in reporting on this issue. Other tech sites that reported on Facebook Hacker included; hackinthebox, softpedia, itbusinessedge and techworld. As well, scores of prominent tech news aggregators, linked back to BitDefender’s original Blog post on this issue.

Imagine my surprise then, when I received a series of emails from a security developer executive, who argued that BitDefender, and by extension, me, had broken some sort of hidden rule – that it’s better to keep computer users in the dark with respect to certain security threats.

I must admit, I was taken aback by the implication that by reporting on Facebook Hacker, I was now part of the malware problem, and not part of the solution.

I’m on the far side of 50, and I’ve been at this game a very long time, so an insinuation that suddenly I’m part of the malware problem, definitely provoked a slow burn. Nevertheless, I was prepared to let this go. But, a security developer who can’t allow an alternative opinion, suggests a deeper issue exists.

Keeping computer users in the dark, at least in this security developer’s opinion, is less harmful than letting computer users know what they’re really facing in their increasingly difficult battle to stay safe against cyber criminals.

The gist of his argument was this – BitDefender, and again by extension, me, by reporting on Facebook Hacker, had told “every dickhead in the world where to find it.” So, I should have kept you in the dark.

Conveniently, the fact that  a Google search on “Facebook Hacker”, returns 24,900,000 results was not mentioned.

Curiously, in one email the following observation was made –

Until a couple of days ago Facebook Hacker was a low key (almost unknown, in fact) problem because very few people knew it existed….

Thanks to recent publicity there are now 34 anti-malware programs detecting the original … up from 20 a couple of days ago … up from a mere handful a couple of months ago.

So, you’d think that would be the end of the argument – that reporting on this issue was the right thing to do, since more antimalware applications are now  detecting malware produced by this kit – but no.

There was a further point that had to be made. One which negated the value of shining the light on this security threat.

If the grubs stay true to form there will almost certainly be more “upgrades” in the pipeline, and unlike the original which had limited distribution, a relatively minor payload, and little chance of success because most people aren’t silly enough to run an unsolicited email attachment, some of those “upgrades” might hit the mainstream as undetectable autorunners carrying vicious payloads.

Irresponsible “disclosures” telling perps where to download live malware ALWAYS do more harm than good!

Two questions need to be answered here:

First: What’s the point in paying for antimalware software unless there’s an implied agreement that the security vendor will do all that is necessary to seek out, and identify harmful threats, and develop an appropriate defense against these threats?

In this particular instance, that doesn’t seem to have been the case. Why did it take “recent publicity” before additional antimalware programs began detecting this malware?

Second: Why would cyber criminals need me, or anyone else for that matter, to point them to malware creation tools? The fact is, the Internet is awash in hacker sites. Pointing out that fact, was part of the purpose in writing the article.

I’ll restate my view, as I expressed it, in replying to these emails –

Being aware of danger is a prerequisite to preparing a defense against the danger. No, I’m definitely on the other side of the fence on this one. I expect full disclosure and access to information, not only in this type of situation, but in all areas where the information is required for me to adequately assess an issue.

I have a problem with anyone who sets themselves up as a arbitrator of what’s in my best interest. I don’t think I’m alone in recognizing that withholding information is rarely, if ever, in the public interest.

Do you see the value in full disclosure? Do you agree that antimalware vendors have an obligation to release information on threats that potentially can impact your Internet safety?

Or, would you rather remain unaware of existing, or impending security threats, and just take your chances with remaining malware free?

If you found this article useful, why not subscribe to this Blog via RSS, or email? It’s easy; just click on this link and you’ll never miss another Tech Thoughts article.

25 Comments

Filed under Bill's Rants, blogging, cybercrime, Internet Security Alerts, Point of View, Tech Net News