News & Notes for Certified Professionals
Visually Imaging Virtual Threats
Images often are used to make an impression. In many high schools, pictures of blackened lungs or grisly car accidents are shown to warn students about the dangers of smoking or not wearing a seatbelt. Whether or not this technique acts as a scientifically proven deterrent, it makes enough of an impact that educators keep using it year after year. All sorts of invisible threats have received artistic interpretations, whether it’s seeing your brain on drugs or your arteries clogged after too many burgers.
Internet security research firm MessageLabs has done the same thing with IT security threats. As part of a new ad campaign, it provided Romanian visual artist Alex Dragulescu with the binary code of such threats as viruses, spam, phishing attacks, spyware, malicious links and Trojans to render visual interpretations of each.
Maksym Schipka, senior architect at MessageLabs, feels that end users are too often only told and not shown how dangerous an online threat can be.
“Basically, the big idea behind the visualization is to convey our message that it’s a very scary world on the Internet, and it’s difficult to actually identify threats and catch them,” Schipka said. “We are interested in and committed to stopping these threats for our customers, so we wanted to visualize that instead of just relying on words.”
In this project, each virus, spam, phishing attack, spyware, malicious link or Trojan has its unique representation, looking not unlike a group of miniscule protozoa from the depths of the ocean. There have been earlier attempts to visualize cyberthreats, but according to Schipka, even though they were technically correct, they didn’t capture the true essence of the threat.
“The difference [between this and] the previous attempts was the involvement of an artist,” he said. “You can get brilliant researchers and brilliant programmers who would do a precise job in visualizing a cyberthreat, yet its look wouldn’t convey the message, which is the important point. [Dragulescu] was able to convey the whole passionate feeling about being able to stop these threats.”
Dragulescu’s new visualizations actually may be less technically accurate than previous attempts to visualize cyberthreats. But MessageLabs feels they make twice the impact because they are expressive images.
MessageLabs spokesperson Marissa Vicario told of the effectiveness of the new visual campaign, indicating it came about because the firm was never really convinced by threat visualizations it had seen before: “The thinking behind it initially was that when you look at pictures in magazines or Web sites and see them in print trying to represent a [cyberthreat], it’s generally a very generic picture. We felt there [had been] a struggle to represent what [a cyberthreat] really looks like, and when we found Alex, we felt he could produce accurate representations because the pictures are based on actual virus and malware code.”
While Dragulescu’s art may have started as a tool to help people picture the threats they face online, it has made an impact on the technology side of MessageLabs just the same. Since previously visualized cyberthreats looked the same, Dragulescu’s variety of threats has showcased the depth of what antivirus firms such as MessageLabs have to deal with everyday.
Through the drawings, “even similar threats can be represented quite differently. They are all very similar internally,” Schipka said. The renderings of cyberthreats serve to illuminate the fact that internally similar threats may still look and behave differently, and interrupting them requires casting a wide net.
“That’s one of the challenges the antivirus industry has: One of the same family of threats can actually be a lot different and require a different approach or tools to take it apart and figure it out,” Schipka said. “So antivirus researchers end up being specialists in a wide variety of technologies, not just one, and I think the pictures quite well represent that.”
Because of this, the functionality of these images is twofold for MessageLabs. On one hand, the provocative pictures get people’s attention, and on the other, they show people that the world of online threats isn’t as simple as a virus here or a phishing scam there, but it includes many versions of all different types of threats. “In the media, the old visualization attempts were perhaps a bit distant from the threat itself, and those attempts to represent the precise threat were not suitable for media,” Schipka said. “Alex’s work has satisfied both the technical people and the marketing people.”
– Ben Warden, editor (at) certmag (dot) com