Mumbai: Security threats are becoming more complex with the explosion in devices and growth of electronic commerce and online social networking. Consumers now have to protect themselves from hackers and cyber criminals across multiple devices such as desktop computers, notebooks, laptops, tablets and smartphones.
Steve Petracca , senior vice-president and general manager of Intel Corp. subsidiary McAfee’s consumer business, cautions that while personal computers are being secured with anti-virus software, smartphones and other mobile devices remain vulnerable. Petracca should know, having held leadership positions with companies such as International Business Machines Corp., Lenovo Group Ltd and PC-Doctor Inc. In an interview, he spoke on the changing nature of online crime, its impact on consumers in India and globally and measures to tackle them. Edited excerpts:
In a June study, your company ranked India ahead of even the US, Japan and China in basic personal computer (PC) security.
After scanning 500 million computers over 18 months, with the permission of users, of course, we concluded that 80% of the world’s PCs (desktops and laptops) are protected by some sort of anti-virus software. In India, it was around 83%, which implies that the country has better protection as far as PCs are concerned. But that will not necessarily be the case when it comes to security in mobile devices.
While concluding that only one-in-six computers globally has some sort of cyber threat protection in a May report, you listed Singapore and the US among the top five most vulnerable countries. Isn’t it surprising?
The numbers surprised us as well. But the US can be a little complacent. Nevertheless, the data is accurate. What will be interesting to see is if security measures in mobile devices follow the same pattern. But if you were to do a survey of security in cellphones, we estimate that only 5% of the world’s smartphones would be protected.
If that’s the case, will the BYOD (bring your own device in enterprises) trend help consumers secure their mobiles?
The BYOD trend is indeed helping consumers secure their smartphones and tablets. Since enterprises cannot afford to have lax security measures, they are forcing employees (who are also consumers) to secure their personal devices if they’re using the same device in the enterprise.
At what pace are security threats gaining ground?
The volume of malware has shot up exponentially. Second, the people perpetrating cyber crimes have become much more sophisticated as there’s tremendous financial gain associated with these acts.
It’s not kids hacking for fun from their bedrooms any longer. These are organized crimes and there are even rogue governments that snoop on consumers. Cyber crimes have also moved from Windows PCs to mobile devices.
Hackers look for numbers to make their efforts pay. With more mobile devices accessing the Internet—at last count, there were 2.2 billion devices accessing the Internet, of which 1.2 billion were mobiles—hackers get their volumes. Hence, it’s going to be very challenging to protect oneself across all these devices.
The latest report (14 November) uncovered new details of Operation High Roller (sophisticated automated attack on global banks and financial institutions). It also revealed that mobile malware has increased and so have database breaches. McAfee Labs also saw jumps in some categories of malware, including ransomware. Rootkits and Mac malware continue to rise, while password-stealing Trojans and AutoRun malware also trended strongly upward.
What are the trends?
There are two elements of personal security that will become extraordinarily important as the days go by—one is protecting your privacy and the other, your identity. By privacy, I mean the authorized use of your personal identifiable information. It means that you control how your personal data is utilized—whether medical records or financial information.
Identity poses, perhaps, a bigger challenge than privacy. It is the ability for you to effortlessly, but consistently, prove that it’s you and not someone else.
How is McAfee tackling this security landscape and how are you leveraging the Intel expertise?
Our strategy is to provide tools to protect both your privacy and identity, a strategy that goes beyond just passwords like biometrics to deal with the multiple levels of authentication mandated by banks and financial institutions. But the solutions have to be simple.
For instance, if authentication takes too long, or if passwords are complicated, consumers could tune out. So biometrics are simpler and work better. With the recent explosion in mobile devices, the tasks have become much more complicated with multiple form factors that have different operating systems.
Anti-virus vendors like McAfee are good at protecting consumers from malware but one of the biggest changes coming in our industry, and one of the reasons that Intel paid $7.7 billion (around Rs.42,042 crore today) to buy McAfee, is the whole notion of personal security.
Intel-based ultrabooks ship with a version of McAfee anti-theft which leverages Intel’s embedded anti-theft technology.
When the Haswell chips are introduced, it will dramatically move identification verification forward (Intel’s next-generation core processor is code-named Haswell, and is expected in the first half of 2013). We will, increasingly, have more intelligence in the cloud (metaphor for Internet-based technologies), creating instantaneous responses to evolving cyber threats. It’s here, too, that Intel’s expertise comes in.