Bogdan Botezatu is Director of Threat Research at Bitdefender and as such a person who keeps a finger on the pulse when it comes to the latest malware trends. We asked him a series of questions about the biggest threats, the dangers of smart home gadgets and much more …
TechRadar Pro (TRP): Bogdan, can you tell us more about yourself, your role within Bitdefender and why you chose safety as a career?
Bogdan Botezatu (BB): Hi there. My name is Bogdan, but most people call me Bob! I am a director of Threat Research at Bitdefender and have spent more than 11 years researching threats: looking at existing malware, tracking trends and trying to predict what the next big things in malware development will be.
I am one of the few happy people born in the early 80s in a home with a personal computer. I have spent most of my life trying to discover technology, to communicate with the computer and – at some point – to manipulate it to achieve my end goals.
I naturally understand that systems are subject to subversion and manipulation – something that I experienced firsthand in my previous roles in system administration and devops. I chose security as a career because it is one of the most challenging areas in information technology. It is a high-stakes, extremely unbalanced game with unknown opponents where an error can cost a fortune. It is a very exciting and very rewarding job.
TRP: AI plays an increasingly important role in security, as a result of which companies such as yours and others close the growing gap between supply and demand among security professionals. Do you see a time when people are no longer needed in safety?
BB: Machine learning is an extremely powerful tool in combating threats, but it is not a panacea to end all challenges. These machine learning models are developed, perfected and constantly trained by human engineers. If artificial intelligence ever takes over the security industry, this will not happen soon. On the contrary, the consolidation of companies and their increased dependence on the Internet have put the world in a huge crisis when it comes to skills. The World Economic Forum lists the lack of cyber security skills as one of the most important challenges for organizations. By 2020, companies will have 1.5 million unfilled jobs in cyber security.
TRP: What are the biggest security and privacy threats for small businesses identified by Bitdefender and why are they so dangerous?
BB: There is a joke going on in the cyber security industry that says the biggest threat to businesses is between the chair and the keyboard. The human factor is still one of the biggest risks for companies because people are subject to social engineering or deception. Whether we are talking about employees who fall for phishing schemes or dissatisfied personnel acting against companies, the biggest threats come from within.
Another major threat to companies is the ever-increasing perimeter and the diversity of modern IT infrastructures. Companies have no physical boundaries to limit them to a number of physical locations where security controls can be placed between their network and the "outside world." Their attack surface extends over data centers on multiple continents.
This infrastructure is a mix and match of legacy systems, software-defined infrastructure and a wide range of cloud services, which introduce complexity of management and security challenges. Any unpatched vulnerability in these supplier stacks can open the door for skilled cyber criminals who can collect customer data over the years.
I said that cyber security is a high-stakes, extremely unbalanced game – the good ones must defend the fort at all times, but it takes the attackers only one stroke of luck to reach their goals.
Last but not least, modern malware attacks are becoming more and more pervasive. Ransomware is just one of many threats to business, but it is one of the most devastating in terms of impact. Healthcare, transport and critical infrastructure are some of the most targeted industries and data encoded by malware can bring them to a halt.
TRP: Bitdefender is primarily a software company and yet you launched a piece of hardware: the Box. What was the thought process behind such a product?
BB: Bitdefender Box was a product that came from a huge necessity – we saw that the IoT industry gained a lot of control because millions and millions of smart, yet vulnerable devices were connected to the internet. By design, these devices have minimal computer and storage resources, making it impossible for a cyber security vendor to develop a local agent.
The only feasible approach was to secure these devices from outside and a network device at the network level was the best way to do it. The Bitdefender Box was the first product of its kind and we have put a lot of effort into not only turning it into what it is now, but also informing the public about why Internet of Things security should not be a side issue.
TRP: Bitdefender is from Romania – what were the circumstances / factors that allowed the company to thrive in a country that is generally not associated with the very latest technology?
BB: In various respects, Eastern Europe is home to several top-level cyber security companies, and this is probably due to the socio-economic context following the fall of the Soviet Union. Romania is a country that has consistently invested in education, particularly in science. Mathematics, engineering and information security were – and still are – the core of the education curriculum in Romania.
The fall of the Soviet Union brought the Eastern European economy to a halt. Factories were closed, most people lost their jobs, and the general perceived guilt for these inequalities and pain was based on the 'capitalist' Western world.
At that time, various groups for creating malware in the former Soviet bloc (in particular Bulgaria and Russia) started making malware to fight the capitalist world, at an early stage of digital hacktivism. The majority of this malware also spread to Romania due to its geographical proximity. It was at a time when the internet was years away from connecting a significant number of people, and most malware was inadvertently distributed through removable media such as floppy disks.
Bitdefender was born as a response to the malware invasion and has therefore grown into a full company.
We are currently one of the few cyber security solutions that constantly top independent benchmarks in the industry. We offer protection to more than 500 million customers around the world and license our technologies to almost 40% of competing products.
Romania has become one of the largest players in the IT sector and has the largest number of technology workers per capita on the continent. More than 9,000 specialized IT staff graduate from Romanian universities every year, contributing to the existing pool of talent. About 90% of these employees speak English fluently.
TRP: Which security-related stories (hacks, discoveries, hijackings) have caught your attention in the past 12 months?
BB: We have been busy with ransomware, one of the biggest threats at the moment. Our threat investigation teams have worked with law enforcement agencies such as Europol, Interpol, and the FBI (to name just a few) to help clients get rid of a very defamatory ransomware family known as GandCrab.
This family alone holds 50% of the ransomware market share and is estimated to have infected at least one million computers worldwide. Our decryptors – the result of more than nine months of continuous work – have helped home and business users to decrypt valuable data and save more than $44 million in unpaid ransom.
TRP: What are the major trends / shifts in security that you anticipate in the coming 24 months? Do you still believe, as you wrote in 2008, that "it is difficult to predict and develop the security solution for tomorrow and it will become increasingly easier for attackers to predict where and how they can strike next."
BB: Cyber security is evolving at a very fast pace and it is indeed extremely difficult to predict. As the internet of things becomes more closely connected to the consumer, cyber-criminal groups will increasingly focus on this segment. An important subcategory that is targeted is medical wearables (wireless insulin dispensers, pacemakers, etc.).
Another major trend that we are following is mobile attacks. As fintech services get a better grasp, cyber criminals get more attention from mobile platforms.
TRP: A disturbingly high number of 'smart' devices do not seem to take even the most basic safety measures, making them unsafe in design. If we were to buy a connected security camera, what would we have to look at from a security perspective?
BB: As a rule, we recommend that customers purchase IoT devices manufactured by suppliers with a reputation behind them. A smart switch of $5 is certainly attractive, but you only get what you paid for and nothing more.
Most of the time, production costs are kept to a minimum, because the supplier saves a lot by outsourcing firmware to a third party and by skipping security tests and hurrying a product through R&D. Price is a big indicator of quality, but it is not the only factor that needs to be taken into account. Also view the history of firmware releases – a vendor that patches often is a vendor that takes security extremely seriously.
TRP: Given the absurd number of ways a person's persona can be stolen or a system compromised, is it reasonable to state that antivirus solutions are over; that they have to retire?
BB: No, not at all. On the contrary. A cyber security solution offers layered defenses that have been proven to work in more than 99% of infections. Their goal is to increase the cost of an attack and make it too expensive for the vast majority of cyber criminals.
Without a security solution, a computer is wide open to attack – anyone, from script kiddies to key actors in the field of commercial threats, could endanger a device and the stored data. Behavioral protection technologies, machine learning models and advanced heuristics are highly effective against known and unknown threats.
With a worldwide network of 500 million machines, Bitdefender has the largest security delivery infrastructure in the world. With 11 billion security queries per day, Bitdefender detects, anticipates and takes action to neutralize even the newest threats anywhere in the world in just 3 seconds.