Nearly every week brings news that a corporate or government network has been penetrated by cyber-criminals, unfriendly nation-states or malicious hackers, resulting in the theft of trade secrets, personal information or sensitive public documents.
Government agencies and
the private sector are coming under additional pressure to increase their
vigilance and to implement new technologies to protect sensitive information
and critical infrastructure.
One of the prominent
conclusions that emerged from the September National Security Agency
(NSA) Trusted Computing Conference & Exposition in Orlando, Fla., was that
Trusted Computing technologies would play an important role in making
cyber-defenses strong enough to thwart the latest cyber-threats.
Consumers and organizations are facing a constant barrage of attacks,
and the NSA is calling on the security industry to do "something different" to
address the problem, Brian Berger, executive vice president at Wave Systems and
a member of the Trusted Computing Group's board, told eWEEK.
People and their devices around the world are being targeted by
spear-phishing, social engineering, malware exploiting zero-day vulnerabilities
and crimeware, Anthony Stramella, special assistant to the director at the
NSA's Central Service Threat Operations Center, said in his opening keynote
speech at the conference. Mobile security is a concern, as malicious apps can
collect personal data and transmit the harvested data to remote servers.
"How much security is built into a 99-cent golf app?" Stramella
asked his audience before adding, "And people are using these devices for
banking and everything else too."
Malware is becoming more
sophisticated, he said, with more than 68,000 tools available for developing
malware and launching attacks-many of which don't require special technical
knowledge or skills to use. Stramella also said that people are exposing too
much of their personal information online, putting them at risk for targeted
"The collective impact of
his message was that the bad guys have something of an upper hand in a world in
which people are surprisingly trusting and careless in their online behavior,"
wrote Neil Roiter, a contributor to
the Wave Systems blog.
One of the central messages
of the conference was that it's time to take advantage of Trusted Computing
technologies to develop security countermeasures,
said Wave's Berger. Trusted Computing
uses hardware-based security to
protect the endpoint, network, data,
mobile devices and other non-PC computing devices.