14 DAY TRIAL // Whenever a company is hacked or a user’s device is infected with malware, someone is blamed. However, that “someone” is rarely the malicious entity that’s responsible for the hack or the infection.
Panda Security technician and malware researcher Bart Blaze wrote an interesting blog post on this “blame game.” The expert believes that the only guilty party is the malicious entity and he proposes a new model where nobody is blamed except for the malware writers and botnet operators.
According to Blaze, every party has its own responsibilities. The users should know their responsibilities and risks when surfing the web, they should install a security solution, and they should be aware of the fact that there’s no 100% protection.
Antivirus vendors should also know that there’s no 100% protection, they should know the user’s needs and shortcomings, and they should acknowledge the customer.
Security companies, on the other hand, should acknowledge both the user and the antivirus vendor, they should give both of them feedback, and they should accept the fact that there’s a constant cat and mouse game between threats and security solutions.
For third parties, although it’s not easy, they should recognize the user, know their needs and shortcomings, and simplify the process while increasing the security.
“The foundations suggested above are what they are, foundations, and is how I see it. Your foundations may differ depending on the situation you're in, but in the end we're all in the same situation: fighting the malicious entity,” Blaze noted.
The key to achieving this lies in cooperation, coordination and consolidation, the researcher notes.
Each party must focus not on blaming the other good guys, but on blaming the malicious entity. For instance, third parties must listen to feedback from security firms and researchers, and prioritize security.
Security companies can share, if possible, their more interesting findings, and cooperate with other organizations.
Antivirus vendors are advised to consolidate their resources by encouraging researchers to share their findings with them. They should also share their own findings in case they uncover a major threat such as an APT.
ISPs can contribute by warning their customers in case a malicious traffic pattern is identified, while web hosts can provide clear and useful information on how to report abuses.
Users also play an important role in this foundation where only the bad guys are blamed. When they're targeted by cybercriminals, the best thing they can do is try to determine how it all happened.
Was it pirated software, did they click on a link , did they download malware, were they a victim of identity theft?
Unfortunately, as Blaze highlights, there’s not enough information online to teach users what to do next. However, the easiest thing they can do is contact their local law enforcement office and try to file a cybercrime complaint.
Another useful tip is to visit the website of the local Computer Emergency Response Team (CERT) since in many cases they can provide advice on what to do.
