Based in Monrovia, CA , Trlokom is a Computer & Network Security company specializing in endpoint security and provide solutions that protect enterprise networks from external and internal threats.

Reported incidents of high-profile cyber attacks are increasing and computer security is once again in the spotlight. Today the theft of credit card numbers as well as identity theft by cyber criminals seeking financial gains has become commonplace. On the world stage Cyber Warfare has become reality. Increased activities by state actors as demonstrated by the devastating Suxnet cyber-attack that destroyed Iranian centrifuges, is now frequently revealed. The GAUSS malware, believed to be related to the Stuxnet, is even more worrisome because security companies were not able to analyze the files and we have no idea about its purpose.


It is very clear that the sophistication of cyber attacks is increasing, but there is progress being made in improving the defense against them. Security measures taken by Microsoft, Apple, and Google, have made it difficult for the lower wrung cyber-criminals to inflict the damage that we observed in the early days of the spyware epidemic. Innovative network-based solutions are capable of detecting cyber attacks faster and before they reach their target.

Further, law enforcement agencies, in conjunction with payment processing companies, regularly go after cyber criminals across the globe and shut them down.
While the progress is laudable, does it imply we will have a handle on the cyber security problems? The answer, unfortunately, is a "no". Even with the aforementioned progress, the status of securing networks, computers, and mobile devices against cyber attacks remains a mixed bag. We indeed have better security against run-of-the-mill malware, but at the same time we are increasingly vulnerable to targeted attacks because they break the signature- and heuristics-based defenses. The perspective of the attackers is very simple. Their motivation is mostly financial gains and their chosen path is to exploit the imperfectness of security solutions deployed by their target. Because no security product will catch 100 percent of malware or cyber-attacks, the attacker has to simply tweak their attack until it can bypass the security measures of their target, e.g. the Stuxnet. Another approach is to develop new methods for evading detection and an example of that is the GAUSS malware.