Has security moved from prevention to detection and response?

Recently, Symantec’s senior vice president of information security Brian Dye declared that anti-virus is dead, as told to the Wall Street Journal.

Is it?

Has the security industry moved away from prevention to early detection and quick response?

I know when I started WeWatchYourWebsite back in 2007, I started preaching prevention. However, it became evident that nobody was interested. It appeared that people, even then, were more interested in early detection and quick remediation.

If you look at many of the startups and large security companies, it becomes really clear that most of the industry is focused on early detection and quick remediation. Is this like closing the barn door after the horses are out?

Is this giving up on prevention and focusing instead on early detection? That, to me, is like admitting defeat to the cyber criminals of the world.

Or, is it a different strategy?

In combat, whether your battlefield is on soil or a chess board, one key strategy is to lure your opponent into an area and then close in and destroy them.

Could this work in cyber security?

Of course, we’ll never catch the cyber criminals, unless they’re really lazy, but can we capture their methods? That would be considered a victory.

In the book “The Art of War,” it states:

All warfare is based on deception. Hence, when able to attack, we must seem unable; when using our forces, we must seem inactive; when we are near, we must make the enemy believe we are far away; when far away, we must make him believe we are near.

If our deception is to lure the cyber criminal into our website, but record and report everything, then we can consider that a victory for the masses. That information can be used to protect other websites and prevent other sites from being successfully breached.

What do you think?

Should focus be placed on detection and response? Is that a sound strategy?

Share your thoughts…

Thank you.


Fake iTunes cards – next cybercriminal profit center

What if you were offered a $200 iTunes card for less than $5?

How about for $2.60?

Would you buy it?

Apparently cybercriminals based in China have cracked the algorithm used by Apple to generate legitimate iTunes cards. This, along with their stolen credit card data, has become yet another revenue stream for the cyber-criminals.

What’s really amazing is that you can’t even buy a $200 gift card from Apple. Their denominations are: $15, $25 and $50.

This story originally broke here: and a little investigation on our part revealed some interesting sites.

We’ve seen some “middle men” insert themselves in this tangled web of deceit. They actually buy the numbers from the original cybercriminals and then resell them to people they know, thus creating a wholesale/distributor type of business. Talk about an affiliate program that pays big dollars!

Some people are offering cards on various auction-type websites. (I’m not mentioning any names, but one of them rhymes with prepay.)

Please know that buying and using these cards is illegal. We’re posting this so you know NOT to buy them and think they’re legit – they’re not.

What will they think of next?

I don’t know, but I’m sure we’ll see it soon.