Thursday, June 3, 2010

Windows, Mac, or Linux: It's Not the OS, It's the User

Via -

Who's got the safest operating system? Apple, Google, Microsoft? According to one security expert, what really matters is who's using the OS.

"Microsoft doesn't have a monopoly on all the technical vulnerabilities that are out there," Zulfikar Ramzan, technical director of Symantec Security Response, said Tuesday in a phone interview with PCWorld.

Today's online criminals are far more likely to target user behavior rather than a technical flaw in the OS. "It's a lot easier to do that," said Zulfikar. "You don't need as many technical skills to find one person who might be willing, in a moment of weakness, to open up an attachment that contains malicious content."

This trend has been rising rapidly over the past two years. Currently, only about 3 percent of the malicious software that Symantec encounters exploits a technical vulnerability. The other 97 percent of malware is either "piggybacking on that 3 percent," or more likely trying to trick a user through some type of "social engineering" scheme, according to Zulfikar.

In other words, most attackers now target human, not technical, vulnerabilities. The key is to trick someone, usually via psychological manipulation, into compromising their own security by installing malware, for instance.

No comments:

Post a Comment