We’re incredibly excited to celebrate Bitdefender’s 20th anniversary and thought we would take this opportunity to highlight some of the amazing individuals that have helped Bitdefender thrive over the past few years.
We spoke to key members of our security and threat research teams to get their perspective on what the cybersecurity landscape looked like in the past (and what we can learn from it), what challenges we’re seeing in the wild today, and what kind of threats and advances we can expect in the near future.
First, let’s meet our experts.
Alex “Jay” Balan - Director, Security Research
Bogdan “Bob” Botezatu - Director, Threat Research
Alexandru Catalin Cosoi - Sr. Director, Investigations & Forensics Unit
This interview has been edited for clarity and length.
Can you tell us about when you first heard of Bitdefender and how it led to you working here?
Alex "Jay" Balan (AJB): I'm Romanian and Bitdefender is a Romanian brand. It's been a tremendous point of pride for us Romanians to have a company as successful as Bitdefender. Even back in 2004, Bitdefender was already a worldwide brand and we were very, very happy to be in the same country as them.
Bob Botezatu (BB): It's quite funny because I was on the customer side back then. I was working at a university as a System Administrator and we were overrun with a newly emerged worm. I tried different solutions until I got my hands on a copy of Bitdefender. From there, things moved quite rapidly. Bitdefender had opened up an office in my city. I applied for a new department, got selected, and have been with the company ever since.
Catalin Cosoi (CC): There was this IT fair that was held every year in Bucharest, Romania. I was going through the lanes, looking for the newest laptop or the newest software product and I stumbled onto the Bitdefender group. And I remember that they caught me by surprise because they were dressed as pirates. So I started to look into Bitdefender more to understand what they're doing, what they’re all about. When I realized they were in cybersecurity, I became interested in it and looked into it more.
Let’s talk about the threat landscape. How have things changed over the last two decades?
AJB: When I joined Bitdefender, things were quite simple, because everything could be fixed with a system scan. Now, things have become a little bit more complicated in terms of the damage that's being inflicted on data, and things aren’t as irreversible as they used to be.
Hackers also acted much differently back then. They had less of a financial motivation behind attacks and instead attacked systems, devices, and programs just to prove a point. The only threats that were actually benefiting hackers from a financial standpoint were phishing attacks, which are still present today, arguably more evolved, and spam.
BB: The threat landscape almost 30 years ago was fundamentally different than back then. We had less of a financial motivation behind attacks and a lot more on the bravado part. For example, ransomware attacks are much more prevalent, and that’s largely due to Bitcoin. This untraceable currency is the thing that made ransomware so lucrative and prevalent.
CC: Back when I started, there was a new malware sample that was appearing and being discovered every two weeks. Now, we’re observing 2-3 malware families come out each second. That was largely because there wasn’t the underground economy that there is now, making cyber attacks lucrative.
What do you think is the next big threat on the horizon?
AJB: Device-based threats will only grow exponentially as far as threats go, especially when it comes to targeted attacks and advanced persistent threats because of the widespread use of IoT devices. Now you’re going to have an APT in your light bulb, one in your printer, which is part of your infrastructure, even though there’s no antivirus installed on the printer.
Attacks as a service will also grow. It’s in the infant stages right now, but there will be a modular way of purchasing and delivering an attack. Hackers will build their offering by purchasing these services from various vendors. You'll get the delivery platform from one vendor, the actual virus from one vendor, the command and control servers from another vendor, and even the money mules, and the money laundering service from another vendor.
BB: Ransomware will remain the one hot threat because it monetizes so well. Emerging players are making enough money now to better weaponize these threats and I wouldn't be surprised if next generations of ransomware carry zero-day exploits bought with the money cybercriminals harvest from victims, for instance.
We and the cybersecurity industry are working towards developing and providing free ransomware decryptors, but ransomware is here to stay the more people pay up.
CC: My bet is that the future of cyber hacking and cyber security is going to involve attacking cloud infrastructures. If you are a company and you're essentially renting infrastructure from a cloud provider, that doesn't mean you have to know how to configure it correctly.
The hackers of tomorrow may be exploiting simple misconfigurations that will allow them to access critical infrastructures that are stored in some cloud system.
What kind of solutions do you think will make an impact against these new threats?
AJB: I expect to have more and more XDR solutions emerging into the market to mitigate these kinds of threats as well as device-based solutions that address new smart devices and the risk they pose to individuals and organizations.
BB: I think cyber-resilience, for any company, and especially cybersecurity, needs to come from a mix of people and technology, not just a reliance on new tech. Having people working on state of the art tech, ground-breaking cryptography, and researching new threats is how we bring cyber-resiliency to our clients.
CC: The endpoint is an increasingly complicated target for hackers over the last few years. With VPNs, two-three-factor authentication, and passwords over passwords, it’s becoming more difficult for hackers to target these endpoints, which is why I think we’ll see a migration over to cloud-based attacks, but that doesn’t mean we can’t develop ways to secure the cloud.