The latest news regarding Wikileaks documents from the CIA has caused quite an industry stir, and also caught Comodo’s attention since we were mentioned in a couple of documents (and Stephen Colbert mentioned Comodo). Gaining notoriety with the U.S. Intelligence Community is something in which Comodo takes some pride. While this latest news involved evaluating a four-year-old version, that version proved to be a Pain In The Ass (PITA) for professional hackers and was not compromised. While no security is perfect, Comodo has a noteworthy track record of protecting our customers and causing consternation for nation-states trying to compromise computers.
If you rewind to 2014, Wikileaks published documents that discussed “FinSpy” (also called FinFisher), surveillance software designed to compromise systems. While the software could bypass a variety of antivirus vendor solutions, the published tests showed that it could not bypass Comodo Internet Security.
Move forward to the past week’s Wikileaks dump of CIA documents, and Comodo’s security technology was again catching the interest of the US Intelligence Community. It was a collection of documents about how the CIA might compromise various devices including mobile devices, TVs and PCs. The leaked documents showed the CIA’s attempts to build a hack step by step, with the ultimate goal of achieving a total bypass of the security, such as trying to find something like a kernel exploit.
As the leaked documents show, in the case of Comodo, they hit a wall. The quote that caught my eye was a document calling Comodo “a colossal pain in the posterior”. Some of the most talented hackers in the world performed an analysis to see what they could penetrate and, while they could hack into some other products, they could not compromise Comodo Internet Security.
The new Wikileaks documents describe an attack against one part (the run-time executable component) of a four-year-old version of the product. As Bruce Schneier noted, the latest Wikileaks documents discuss Comodo Internet Security 5.x and 6.x – 6.x was released in 2013. The current Comodo Internet Security v10 was released in January 2017. Comodo Internet Security (CIS) has come a long way since v6.x, and the tricks described in the documents did not bypass security then and could not compromise CIS now. Comodo uses a defense-in-depth strategy that combines layers including Antivirus, HIPS, Firewall, Containment/Sandboxing, Behavioral Analysis (VirusScope), and Cloud File Analysis (Valkyrie). The Wikileaks documents show hackers poking around the edge security layers but unable to bypass Comodo security for Windows.
For those wishing to avoid attacks, state-sponsored or otherwise, check out the latest versions of Comodo Internet Security (for consumers) or Comodo Advanced Endpoint Protection (for enterprises) that will help you avoid security doom and despair.