Entrust at RSA: “Is It You, Or Is It the Malware?”

February 27, 2013 by Entrust, Inc.     No Comments

This entry is part 6 of 9 in the series Entrust at RSA Conference 2013

In case you missed it, Entrust’s Jason Soroko (@jasonsoroko), who’s head of malware research, is doing  real-time, split-screen key-logging demos via Metasploit, an anti-forensic and evasion detection tool.

It’s live. It’s cool. And it’s going on each day at Entrust Booth 1139.

But, your biggest takeaway from his presentation? Single-factor authentication is absolutely unsecure, and username-and-password schemes should be not considered safe with advanced malware on the prowl.

Why? Online criminals simply don’t need to crack passwords anymore. Key-logging malware is well-crafted and does most of the heavy lifting for them. And because of the advancements in social engineering, it’s quite easy for malware to infiltrate the desktops of someone in just about any organization.

Soroko’s live demo is something you don’t want to miss. You’ll see first-hand how simple it is to intercept real credentials via applications easily available online.

His final sessions are Wednesday (today) at 4 p.m. PST and again Thursday (tomorrow) at 11:30 a.m. PST.

The worst part? By the time the malware is identified and removed — and that’s assuming that it’s actually ever found — the damage has been done and the identity has been hacked.

For example, as Jason shows, ZeuS easily penetrates your system, is skillful at remaining undetected, and is based on architecture that’s core to Microsoft Windows and, to do date, can’t be patched.

There is good news. Secure mobile devices — sorry, Jailbreakers, you don’t qualify —are not susceptible to any current malware that’s capable of executing attacks from application to application. ZeuS-in-the-mobile (ZITMO), for example, exploited SMS redirection within the Google Android OS — a vulnerability the industry has known for some time.

Other basic mobile malware only has gained access to contacts, calendars, photos, etc. The individual apps (e.g., banking, finance, enterprise) remain secure on non-jailbroken devices.

Even better, Entrust’s mobile security solutions perform routine jailbreak detection so organizations and enterprises know that staff aren’t jailbreaking their devices in bring-your-own-device (BYOD) environments. If they do jailbreak their device, any and all Entrust identity credentials are immediately wiped from the device.

Reading about the dangers of malware is interesting enough. But seeing the ease and simplicity of a real-time demo is truly eye-opening. Don’t miss Jason’s presentation this week at Entrust Booth 1139.


Entrust at RSA Conference 2013 | Moscone Center | Booth 1139

About

Entrust provides identity-based security solutions that empower enterprises, consumers, citizens and websites in more than 5,000 organizations spanning 85 countries. Entrust's identity-based approach offers the right balance between affordability, expertise and service. With more than 125 patents granted and pending, these world-class solutions include strong authentication, physical and logical access, credentialing, mobile security, fraud detection, digital certificates, SSL and PKI.

Add to the Conversation