« Why Google is Brilliant; Case Study: Google App Engine | Main | Stupid web 2.0 grumble grumble... »

Malware shifts and value chains.

Amrit Williams is calling me on predicting malware emergence. His assertion is that by the time AV improves enough to push attackers onto Macs at their current market share, then attackers will shift to another layer altogether and abandon the idea of monetized malware. I had always assumed that the value chain established by attackers would be largely preserved, but he may be right: there could be a point where AV is so good that attackers will just move to popping webmail accounts and routers rather than attacking client systems. Now wouldn't that be nice.

Comments (1)

Hey Adam,

My basic assertion was that the effectiveness, or more appropriately the lack thereof, of AV on Windows, had limited, if any effect on an increase in Mac malware

So couple of points I would like to make:

1. I don't think AV will ever improve enough to be the catalyst that will push attackers to other layers or platforms. I do believe the platforms themselves, combined with other security measures have a higher likelihood of improvement and are more critical in driving attacks against other layers and platforms

2. Even if AV were to improve to a point where it was highly effective against new attacks, I doubt this would result in the switch to new platforms since it would be fairly easy to port the technology.

3. By layer I meant application-based attacks, especially as they relate to enterprise applications, web services, SOA, et al.

4. I am confused by your statement that I asserted attackers would abandon the idea of monetized malware by going after new layers. First off I never said that at all, so it can hardly be an assertion. Second attacking different layers would still largely be driven by financial gain - which would result in monetized malware

I hope that makes sense

Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)

About

This page contains a single entry from the blog posted on April 11, 2008 5:33 PM.

The previous post in this blog was Why Google is Brilliant; Case Study: Google App Engine.

The next post in this blog is Stupid web 2.0 grumble grumble....

Many more can be found on the main index page or by looking through the archives.

Powered by
Movable Type 3.33