We hear the warnings everywhere these days. Don't click on links from unknown sources, don't open attachments unless you know their contents, don't friend strangers on Facebook, and so many more. It's safe to say that the average Internet user is more aware of the dangers they face online than they were 10 years ago. But is user education going to be enough?
Threatpost reports that Jeremiah Grossman, CTO of Whitehat Security, believes that we have indeed lost the war for desktop security. Citing a policy that many large-scale and high profile companies are implementing, that every PC should and will be considered compromised, he infers that "the good guys have ceded victory in the desktop security battle." Considering the breadth and scope of the Internet, a statement like that can't be taken lightly.
It isn't just infected PCs that cause Grossman to throw in the digital towel. He points to a new class of malware that is slowly but surely becoming popular as the real impetus of his statements.
"Botnets are starting to target and infect routers and DSL modems. Scary, and a possible trend. Think about what this could mean. Should this problem become pervasive, it won’t matter if PCs are disinfected, swapped out, or replaced with iPads, the bad guys are still control because they own the network below. They’ll own DNS, the routers in between, and so on. There is effectively little defensive countermeasures to protect home routers and DSL modems, which are not exactly secure to begin with, or detect if they’ve been compromised."