Paul F Burgueño

Hunting bugs from Bilbao

Last month I visited the laboratories of Panda Software in Bilbao with other members of National Council of cybersecurity consultant .

The purpose of the trip (to which we invited the Security Panda addition to an outstanding lunch at Bilbao) was seen from the front line the intense battle that keep this company technicians Spanish against malware developers around the world. I put down striking examples of what a virus can do to infiltrate our computers, steal information or take control of our bank account without our noticing.

The software company founded by Mikel Urizarbarrena and Juan Santana's CEO, began selling software for driving and is now one of the three major cybersecurity companies worldwide. In the event First Tuesday I attended on 10 February this year, both (founder and CEO) explained in the hall of Madrid Lemon that business success lay in their early territorial specialization of antivirus little impact due to Internet and other telecommunications networks, as well, while the protection of an antivirus program created in the United States was absolutely ineffective against viruses created in or for Spain, Panda Antivirus he could easily block them and neutralize them. However, the globalization of communications has resulted in the internationalization of threats as in recent years, Panda, and all other antivirus companies, has had to adapt its system of detection, neutralization and development of solutions to this new reality.

Panda Security is one of four Spanish companies that are part of the National Council cybersecurity Consultant, whose ultimate mission to make networks more secure public. In this regard, the Council was appointed by the Senate to urge the Government to have a cybersecurity plan coinciding with the European Union presidency 2010. To this end, the Council will help and encourage the initiative from several angles:

• Propose concrete measures for that cybersecurity plan, for example, the creation of a "cyber czar" own style of Obama's policy.
• Promote support for the Government to issue the time (six months)
• Council carry out actions to support the development of various initiatives aimed at security level (campaigns, safety committees, etc.)..

To achieve these aims, the Council has the support of INTECO , the Guardia Civil and a group of experts in Internet and Information Security . Within this group, our mission is to propose measures to boost cybersecurity, developing plans to raise awareness and advise the Council on various issues to be raised in the meetings we hold regularly. So far, the key points on which were discussed were the following:

• The privacy and other fundamental rights should prevail over any initiative to protect the user against cybercrime
• Legislative barriers on the subject and, above all, the executive, do better work on standards and codes of conduct to which laws can refer later.
• Each proposal will take into account different user profiles and / or companies affected, both by size and by sector.
• Initiatives Boost real and effective awareness of cybersecurity.

During the visit to Panda Labs, Luis Corrons was responsible for presenting the company's progress in cybersecurity, using the medium of presentation I have uploaded to Scribd .

Fighting Malware - Fighting Cyber Crime

For his part, Bernardo Quintero Hispasec (another of the big companies that are part of the Council), gave us some time before some videos about what the Trojans can do on our computers to get the keys to the bank or gain control of our accounts:

• Flash Demo Trojan that makes screenshots
• Flash Demo of the Trojan that captures video
• Depth analysis of the Trojan that makes screenshots
• Trojan-depth analysis of video capture

And to finish this post, some pictures of the meeting:

Fernando Tellado has uploaded to your Flickr account photos of the meeting held in Bilbao in July, and the Advisory Council luncheon CNCCS June.

The same photos that you see here you also have my own Flickr account (if a little scattered).