How did the Internet change the everyday work of a security researcher?

Every May 17th is World Telecommunication and Information Society Day, which attempts to raise global awareness on how the Internet and new technologies changed our society, and the opportunities they gave to improve our lifestyle. This special date, also known as Internet Day in some Spanish-speaking countries, is an opportunity for us at ESET to celebrate its existence by remembering what it was like to work in security before the Internet appeared.

What do you think it was like to do the everyday work of a security researcher in the 1980’s? What has changed in terms of protection against threats? And, how has the procedure to find and investigate security issues changed?

This and other queries were answered by two of ESET’s respected security researchers, with decades of experience and a lot of stories to tell: Aryeh Goretsky and David Harley.

ESET’s Distinguished Researcher Aryeh Goretsky has been around technology and computers ever since he used a Commodore PET for the first time in the late 1970’s. H having worked now for some two-and-a-half decades in this industry, he has an interesting point of view when it comes to the rise of the Internet:

“We used to say that computer viruses spread at the speed at which courier and postal services could ship and deliver infected floppies.”I suppose the Internet has been something of a mixed blessing for me. While it has enabled all sorts of means of communication that simply were not possible before (think instant messaging) as well as allowing existing lines of communication to occur at faster rates, it has also allowed malicious code to spread orders of magnitude more quickly than it previously could: before that, network connections often meant computers calling each other with  modems over telephone lines, or overnighting a set of floppy diskettes or CDs by courier, since that was faster than the network communications we had.

In the beginning, we used to say that computer viruses spread at the speed at which courier and postal services could ship and deliver infected floppies. Nowadays, a worm or other malware can become globally pandemic in an hour or two.”

In the early days of malware, floppy disks were the main means of distribution.

In the early days of malware, floppy disks were the main means of distribution.

Meanwhile, ESET Senior Research Fellow David Harley started his career in information technology in the 1980’s and, ever since, he says industry puts up with him because, well, he’s been around so long –having written a number of Internet FAQs and articles on programming and security back when those were issues that most people didn’t think of as being important to them.

“In the 1980s, when I moved into information technology as a career, the Internet had already existed for a couple of decades – in fact, some of its underlying technologies, notably the telephone system, are far older. Nonetheless, it was a very different environment. There was no World Wide Web as such, though there were protocols and utilities subsequently assimilated into and/or replaced by web browser technology (archie, gopher, veronica).

“I first began to work from home – using a US Robotics modem borrowed from work that cost more than my own PC and occupied almost as much space as a trio of 12” baguettes.” Access to the handful of machines that were permanently connected to the Internet was usually filtered for home users through services like AOL. Until I left the UK’s National Health Service in 1989, my online communications with the outside world were mostly restricted to services that sidestepped the ‘proper’ Internet – bulletin boards and the UK’s Prestel videotex/Viewdata system (rather like the teletext systems that have been gradually vanishing from television in recent years).

Moving to the Imperial Cancer Research Fund (now merged into Cancer Research UK) gave me direct access to more hardware – one of the (then) new 80386-driven PCs, a Mac IIcx, and a Sun workstation – but even when we got our own permanent connection to the Internet, it was limited to terminal access to a server in the NOC (Network Ops Centre) via telnet, kermit, and FTP. Still, it gave me access to useful resources such as mailing lists, security newsgroups, and vendor web sites.

And when I first began to work from home – using a US Robotics modem borrowed from work that cost more than my own PC and occupied almost as much space as a trio of 12” baguettes – I was able to add those resources to my home access to CIX and Compuserve (which both already gave me email, and access to various useful forums). Indeed, it’s through all these resources that I first met (virtually at any rate) many of the people I work with now (inside and outside ESET), and work I did on Internet FAQs provided a basis for some of my early articles, papers and books.”

Dial up modems were once our main way of accessing the internet.

Dial up modems were once our main way of accessing the internet.

So how did the Internet change our lives and what new possibilities emerged? Aryeh Goretsky says:

“Most financial crimes use computers instead of guns to accomplish their thefts.”The Internet changed not just how people did existing things on their computers, like writing letters or drawing pictures, but gave rise to new services as well. Electronic banking existed well before—it was available on some dial-up services like CompuServe, Prodigy and QuantumLink, to name a few—but it was not until ISPs came onto the scene that banking followed, eager to give their customers new conveniences and services.

PayPal emerged as the de-facto standard for person-to-person financial transactions, and even criminals had their own payment systems, like e-gold and Liberty Reserve. With all of this money moving around the web, it wasn’t long before criminals looked for ways to steal it, and today, most financial crimes use computers instead of guns to accomplish their thefts.”

Nowadays bank robberies are more likely to be done remotely than with a high risk gun-heist.

Nowadays bank robberies are more likely to be done remotely than with a high risk gun-heist.

While according to David Harley:

“By 2001, Windows and Mac machines were able to make good use of the Internet and the Web in and out of the office. Indeed, working from home (which I’ve done full-time since 2006) tends to give the computer user more control and wider scope in terms of the services and applications used, at any rate if s/he uses his or her own device and is not reliant on an employer for Internet access.

The flipside is that users were more able to put themselves in harm’s way when the IT unit wasn’t responsible for their connection: by that time there was a lot more to worry about than infected floppy disks, with threats of all sorts capable of traversing the ether almost instantaneously, and keeping up with security news and having good network protection was more important than ever. Of course that hasn’t changed with the onset of BYOD/CYOD.”

Windows-XP-hot-topic

And what does this mean for a security researcher? Aryeh Goretsky says there’s a challenge:

“It means that things move much faster, and as a result, we have to respond more quickly.”It means that things move much faster, and as a result, we have to respond more quickly.  Fortunately, the same Internet which empowers all the positive things allows us to communicate more efficiently as well, sharing threat intelligence and data.

And that means we can do things like leverage the power of the advances in networking, software and hardware that allow the Internet to run at scale not just to distribute things like updates more quickly than before, but reduce false positives, compatibility issues and other types of problems that plagued the old reactive kinds of anti-virus software that were reactive.”

The always-on internet connections mean that it's easier than ever to keep software updated.

The always-on internet connections mean that it’s easier than ever to keep software updated.

That being said, David Harley concludes:

“The interactive nature of today’s web means that there is more information (and misinformation) out there than any one person can ever hope to gather and verify.”The Internet gives me access to my colleagues at ESET, specialist mailing lists that share threat intelligence (and much else), the media, and a multitude of resources that simply didn’t exist or were impossible to find in the early 90s. Of course it’s easier to publish timely commentary (or papers, manuals, FAQs and so forth) with standard blogging and CMS tools than it was with lynx on a Unix server, and researching the topics for that content is far easier.

However, those advantages also have a flipside. The interactive nature of today’s web means that there is more information (and misinformation) out there than any one person can ever hope to gather and verify, unless it concerns an unusually esoteric topic.

It’s easier for someone who already has expertise in a particular field to select and evaluate information from that field, of course, but what is the everyday user supposed to do when anyone with a laptop – or even a cell phone – can find somewhere to say what they like?”

Rob Wilson / Shutterstock.com

Author , ESET

Follow us

Copyright © 2016 ESET, All Rights Reserved.