You all probably know the computer security company ESET, since it is one of the best known and a leader in the cybersecurity sector. It is based in Bratislava, Slovakia, but currently has offices in many countries. It was founded in 1992 and, as you all know, one of its best-known and most prominent products is the famous NOD32 antivirus software. Its antivirus is currently available for various platforms, including GNU/Linux, which is why we found it interesting to do this interview and get to know ESET a little more closely...
Specifically, we were kindly assisted by Joseph Albors, the person in charge of research and awareness at ESET Spain. With him we continue our series of interviews with VIPs and companies in the technology sector that we started a while ago. I hope you are enjoying these interviews and that together we will learn a little more about them and about the topics covered. So, without further delay, here is the content:
Linux Addicts: Would you recommend that users of UNIX/Linux systems install an antivirus?
Joseph Albors: As a user of GNU/Linux, macOS and Windows, I see no obstacle to installing a security solution, since it hardly affects the performance of the system and does not only detect threats directed at our own system. In this way, in a multiplatform ecosystem, we will be able to detect and eliminate threats directed at other operating systems that are more prone to them, and spare them a bad time.
LxW: Do you see the security landscape better on systems like GNU/Linux, Solaris, FreeBSD, macOS, etc., than in the case of Microsoft Windows?
HA: At this point we would have to define very well what we mean when we mention each of these systems. An up-to-date and well-managed GNU/Linux is not the same as an outdated GNU/Linux with multiple security holes installed on an IoT device that will hardly receive a security update. In the same way, a Windows 10 at the user level is not the same as a Windows Server 2016 managed by an experienced sysadmin.
The situation changes a lot from scenario to scenario, and while Windows has greatly improved its security in recent years, at the desktop level it is still a favorite target of criminals (although its install base has a lot to do with it as well). For its part, although GNU/Linux hardly has threats in the form of malware on desktop systems, in other environments where the system is embedded in devices with limited management and security capabilities and that are distributed in the millions, the situation is quite worrying.
When it comes to macOS, we have seen how threats directed at this platform have grown slowly but unstoppably in recent years, so users of this platform would do well to consider the security of their systems essential.
LxW: … And in the case of Android and iOS?
HA: Although these two operating systems have UNIX as their common ancestor, the dominance of Android over iOS has also caused criminals to focus on the Google platform. At this point, the application approval and review policies in the official application stores of each company also have an effect, Apple's being much more restrictive and therefore limiting the number of malicious applications found with respect to those detected on Android.
LxW: How do you plan to provide greater security for the IoT?
HA: For a couple of versions now, ESET solutions have had a home network monitoring tool. This option allows you to scan the router and other smart devices for known vulnerabilities, offering suggestions to fix them. We also have a specific free solution for Smart TVs and other devices with Android TV that protects against threats directed at this platform.
We know that the security of the Internet of Things is an issue that must be taken into account and these features included in our products are only the beginning. We continue to research and develop solutions that adapt to the needs of this unique ecosystem and we hope to contribute to making the IoT a safer place.
LxW: Can an antivirus company do anything about privacy? I am not just referring to preventing attacks on a system, but, for example, preventing certain apps from collecting user information, or avoiding what some developers and companies are calling "bidirectional telemetry" ...
HA: It is not only that it can, but that it should help protect the privacy of its users. In the case of ESET, we detect applications that are clearly malicious and, in the case of a legitimate application that affects our privacy in some negative way that we are aware of, we notify the user that they are trying to download or install a potentially undesirable application.
LxW: What other challenges have you been facing lately in terms of cybersecurity?
HA: Despite the fact that many criminals are quite lazy and hardly innovate in creating malware, there are a few who like to make things difficult for us. Threats such as those that do not use any malicious files and use system tools such as PowerShell, or those that use trusted third parties to spread and also have legitimate certificates, are a dangerous threat because they make users lower their guard and allow bypassing some security measures.
LxW: How can users contribute to reporting malicious code?
HA: You can contribute in various ways, from sending these samples to analysis services such as VirusTotal (which then shares them among the different associated antivirus houses) to sending them directly to our laboratories by email at firstname.lastname@example.org.
LxW: Why have some antivirus products been put under suspicion and ruled out for installation on certain government systems? We all know the case of a well-known antivirus firm that has been rejected by Europe. I know it is because antivirus is given full permissions, and that can be a double-edged sword, but I would like to know your opinion...
HA: We do not speculate on what other manufacturers do but ESET, as a company located in the European Union, complies with all current regulations and is fully committed to the safety of its users. In the same way, we are against the use of threats even with supposed legal purposes and, therefore, we will detect them as we have done previously, whether they are carried out by a group of criminals or a government or official body.
LxW: Are antivirus products for Linux a simple port of antivirus for Windows? That is, is it the same software ported so that it can run on GNU/Linux systems?
HA: The versions of our security solutions for GNU/Linux share some characteristics with those of Windows and macOS but they have been developed from scratch for this specific platform. In fact, solutions for GNU/Linux servers allow a very extensive configuration for system administrators to configure them to their liking.
LxW: Does the malware search engine in the case of the Linux version detect viruses for Windows, rootkits, and so-called multiplatform (Flash, Java,…)? Or something else?
HA: Indeed, the analysis engine is the same for GNU/Linux as well as for macOS and Windows and, therefore, allows the detection of cross-platform malware, including threats for mobile operating systems such as Android and iOS.
LxW: What does your Linux antivirus software bring that the competition doesn't?
HA: Our security solutions have more than 30 years of experience and it shows in several key points. One of them is the ability to detect threats and, ESET being a leading company in the sector, it allows our users to have effective protection. Furthermore, our analysis engine is one of the fastest and one that consumes the least resources, so the impact on the system is minimal.
LxW: Do you think that antivirus will be replaced by other security tools in the near future?
HA: As a company that has been in this industry for more than 30 years, we have heard that question quite a few times. We sincerely believe that antivirus as such has long evolved into more complex security solutions prepared to deal with the most advanced threats. How each manufacturer evolves is up to it, but ESET will continue to support a multi-layered solution that continues to make things difficult for malware creators, always taking into account the best technology available at all times.
Do not forget to leave your comments about the interview... I hope you liked it and that you stay tuned to our LxA posts, because more of these interviews are coming... We haven't finished the series yet!