Bitdefender’s Director of Threat Research Bogdan Botezatu explains the need to educate everyone on even the simplest cyberattacks, dealing with up to 550 new threats a minute and how a baby monitor can spy on you.
It’s one thing for an antivirus company to stay at the forefront of cybersecurity for over 20 years; it’s another to have competitors ask for the technology it developed in order to keep up. Bitdefender rightfully prides itself on its decades of thwarting malware invading people’s devices, but the fight against cybercriminals is unceasing, and old tricks still prevail.
Based in the cyber capital of Europe, Romania, Bitdefender is known as one of the best antivirus products for both personal and business users. If that’s not impressive enough, the company works with law enforcement to take down major criminal rings around the globe, teaming up with Europol, the FBI and the US Department of Justice to shut down the dark web marketplaces AlphaBay and Hansa back in 2017.
Despite these credentials, Bitdefender still has to deal with the onslaught of viruses, malware, zero-day vulnerabilities and more on a daily basis, and the rise of ransomware attacks doesn’t make defending devices any easier. Add to that the many ways hackers can digitally infiltrate your home.
But, as Bitdefender’s Director of Threat Research Bogdan Botezatu puts it, it’s the human factor that helps Bitdefender overcome these cybersecurity threats – new and old. Not just in a “team effort” sense, but in sponsoring and hosting master’s degrees in cybersecurity at the largest university in Romania and hiring the best to do the job.
There’s still more education to be done, though, as Botezatu tells us about the overwhelming amount of malware flying around, how hackers exploit vulnerabilities, and the importance of using an antivirus.
A sea of malware
One of the most dangerous types of malware a user can get is ransomware. It’s a type of software that burrows deep into a system and effectively takes a victim’s personal data hostage by permanently blocking access to it – unless the victim gives in to the hacker’s demands.
“One wrong click, and you’re done. One small attachment that you open inadvertently, and you’re done. One file that you download from the internet, or your friend, and your computer is done,” Botezatu states. “Cyber threats have become more mischievous. Back in the day, when I was working the labs, we would see malware that would have a negative impact on a computer for as long as it used to run. You clean it up and you go back to work.
“It doesn’t work like that anymore because ransomware has changed the paradigm. All it takes is one small infection. The device runs the ransomware, and whatever you do to remove the ransomware will not be able to bring your data back. The ransomware process is irreversible. It’s a simple threat that shows that one small lapse in protection can completely kill years’ worth of your data.”
Ransomware isn’t anything new, but it’s been on the rise over the past few years. For such a danger to people’s devices, it takes surprisingly little to contract it. In fact, as Botezatu explains, sometimes it doesn’t even need one click.
“There are techniques that allow for transparent exploitation of users. Say you are a cybercrime group that specializes in distributing a special type of malware, like ransomware, you can involve something called an exploit kit. It’s a piece of software that lives on a server, and once you land on its pages, it will qualify the technology that your browser uses and attempt to serve a malicious code that crashes your browser, toolbar or extension. When [the device] recovers from that crash, it will automatically launch the malware.”
He continues: “[Threat actors] lead people onto these exploit kits by, for instance, purchasing ads on specific websites. It only takes the user to see that ad in the browser, and then that’s it. Users don’t have to click on the ad; once they see the malicious content, they are already infected.”
Botezatu is hammering home the importance of using antivirus software. While browsers have become better at stopping these types of attacks, the director states that the team at Bitdefender still sees these exploit kits. But that’s only a small percentage of what they deal with.
“Ransomware only accounts for a couple of percent out of the sea of malware,” Botezatu says. “The biggest threat is the sheer volume of generic malware that we’re seeing today. On good days, we get about 400 new threats a minute. On really bad days, it goes all the way up to 550 a minute.
“We run one of the largest cybersecurity shops in Eastern Europe, with 250 malware analysts always on deck. It would be insane to assume that 250 people can analyze 550 samples of malware every single minute. The volume is one impediment. But that’s why, since 2008, we started using machine learning algorithms and training them to protect against emerging malware. It’s nothing new, and has been long in the works. But at this point, no serious vendors will be able to fend off modern cyber threats in the absence of machine learning algorithms.”
Competitive reach
Speaking of using technology to deal with malware, Botezatu states that Bitdefender “is so cool that even our competitors use us.” That’s quite the statement, especially in the cybersecurity field, but it shows just how good Bitdefender has become at detecting malware.
“We license technologies. We have three technology pillars: Bitdefender Cloud, the static antivirus component and behavioural technology, which is amazing. We’ve been ranking ‘number one’ in detections for the past decade, so several vendors reached out to us, and they were like, ‘can we buy several technologies to spin off our own antivirus business?’”
While Botezatu doesn’t state which vendors are using Bitdefender’s technology, he hints that antivirus testing companies such as AV-Test and AV-Comparatives can give you a nudge in the right direction.
“If you’re looking at AV-Test and AV-Comparatives benchmarks, you will see how many companies use Bitdefender engines to propel their business,” he says. “It’s an impressive amount of them.”
Is the individual at risk?
What’s the main reason hackers use malware? To get money, of course. This had me wondering whether the majority of people are actually at risk. Wouldn’t threat actors solely target big companies or high-flyers with bundles of cash they can potentially obtain? Why bother with people who don’t have a million dollars stashed away?
Well, while they do target the heavy hitters, everyone is still at risk, and the consequences of one person getting hacked can have a significant impact on everyone else.
“Whatever happens in a company, it eventually trickles down to the user in some way,” Botezatu claims. “Look at the Colonial Pipeline incident, where one company got ransomed, and people were unable to pump fuel into their cars.”
This ransomware attack brought down a major fuel pipeline in 2021 and was deemed a national security threat in the U.S. The hacker group, DarkSide, accessed the Colonial Pipeline network, stole 100GB of data and infected its IT network. This led the company to shut down the pipeline, affecting everyone from airlines to consumers. That’s just one way an individual can be affected by a hack of that scale, but anyone is vulnerable to getting hacked – no matter their position.
“When [cybercriminals] ransom a company, they don’t go all in. They do a bit of reconnaissance. They get into a company in two primary ways: exploiting a vulnerability that allows them to compromise a computer or server and run remote code, or stealing an employee’s credentials and logging into the infrastructure as an employee.
“When they get in, they scout for valuable information like source code or customer data to steal.” Whatever the attacker can monetize or leverage in an extortion attempt, they’ll use as a threat against both the individual and the company. And all it can take is for a hacker to breach one employee’s device or account. Not only is the victim’s data at risk, but so is everyone else’s at their company.
It’s another reason why antivirus software is important to have – not just for those in executive positions or for companies as a whole, but for the individual, too. And, since just about anyone can buy malware, the number of people who can fall into the trap is large.
“The commoditization of cybercrime is one of the challenges. Everybody can purchase technology to launch their cybercrime operation – if they have the money to invest and a willingness to spend time in jail,” Botezatu states.
Internet of Things
It’s clear that Bitdefender faces a flurry of cyberthreats daily, but new risks are emerging, and the cause is the array of devices in our homes. The Internet of Things (IoT), the devices with sensors or software that exchange data with other devices over the internet or other networks, presents vulnerabilities that hackers can exploit.
“There’s one piece of technology that’s becoming increasingly threatening, and that’s the IoT space. We’re now at somewhere around 23 billion units connected to the internet, ranging from sensors to smart TVs and even cattle monitoring devices. These devices rarely meet the minimum cybersecurity standards, and I know that for sure because I run an IoT research program where we break into most devices.
“We got into an Amazon Ring, surveillance cameras and many things that are available on the market with just a bit of effort. Of course, cybercriminals are creating botnets out of these devices, and they can create quite a blow in DDoS attacks.
“We’re going to find a way to keep people’s privacy safe and preserve the integrity of the internet. It’s one thing for criminals to use your camera to spy on you or use your baby monitor as a two-way communication mechanism, but when they’re using these devices against the core of the internet infrastructure like DNS servers, everybody loses.”
Botezatu goes on to explain that the more devices we have, including with 5G, the worse it will get, because these devices won’t have the security standards that our smartphones, tablets and laptops have.
In an IoT landscape report he’s working on, the numbers show that the average home in Europe has 25 connected devices, while the average household in the U.S. has 40. Some of these are smart switches and sensors behind walls, meaning some people aren’t even aware of them – let alone know whether they are vulnerable.
The IoT threat is something Bitdefender continues to work on, along with its fight against criminal acts online. Botezatu signs off by saying: “We never make any compromise in protection, because we believe that basic protection is a human right.” He isn’t kidding, as Bitdefender’s many packages, from the most expensive to its free option, all have the same antivirus detection capabilities. For more about Bitdefender, check out ReviewFire’s Bitdefender review.