SOURCE: Panda Security

October 15, 2007 19:52 ET

Antivirus: Malware Detection Is Key to Success

With the Amount of Malware, Spyware, Adware, SPAM, Etc., Simply Exploding on the Net, the Success or Failure of Antivirus and Security Software Will Be Measured by Its Ability to "Detect the Undetectable"

GLENDALE, CA--(Marketwire - October 15, 2007) - It can now be safely stated that the entirety of the antivirus and computer security industry has undergone a complete sea-change in recent years. Gone are the "good ol' days" when viral attacks made big headlines and all the antivirus industry had to do was sit back while everyone rushed out to get the latest security software.

Nope. Those days are long gone. Nowadays, we are much more likely to hear about some large Fortune 500 company, a financial institution, or even the government being hacked into by cyber-criminals for the purposes of stealing money, confidential information, or both.

And if we do hear about it, the odds are that we are hearing about such break-ins long after the fact, and only after a public disclosure was unavoidable.

The current state of affairs has led to a very weird set of circumstances that has left companies that thought they were protected baffled, an unsuspecting public more vulnerable than it has ever been, and the antivirus industry scrambling for solutions.

"The truth of the matter is that we are living in a day and age where cyber-criminals and hackers rule the Internet, and the general public is more vulnerable to attack than they have ever been," says Ryan Sherstobitoff, senior security analyst for Panda Security. "The lack of big headlines has lulled the general public into a false sense of security. As the public begins to find out what is really going on, many will experience a sense of disappointment -- to put it mildly."

In a nutshell, this is the situation. A few years ago, criminal elements -- including organized crime -- began to realize that the Internet was going to be a prime source of ill-gotten profit. A quiet evolution began to take place where malware attacks began to go silent. Stealth became the name of the game with financial gain as the main motivation.

"A whole new class of malware began to appear," says Sherstobitoff. "This new breed of malware could sneak past traditional antivirus programs and firewalls, and reside totally undetected on computer systems. While there, they would steal as much information as they could, and then disappear without a trace."

In other words, hackers and cyber-criminals realized that some of the best targets of their attacks were computer networks that thought that they were "protected." Because the antivirus programs in use said the system was not infected, hidden malware could sit within a system for months. If the breach was discovered, it was usually by accident and almost always far too late to undo the damage.

And no one is anxious to talk about this. If you are the company whose computer security has been compromised, it's not something that you are going to want to broadcast. If you are the antivirus or security company supplying the protection, you are not going to want to let it be known that your software isn't working.

The unfortunate consumer, not hearing much publicly, assumes everything is fine without much to worry about.

There is another tactic, however, that the bad guys are using to defeat the antivirus companies: overwhelming the system with so much malware that the industry can't keep up.

"This has proven to be a very smart maneuver by the bad guys," notes Sherstobitoff. "Somebody got the bright idea that if enough malware was created and released on the Internet, the antivirus industry might not be able to keep up. Well, I hate to say it, but they were right."

Research, in fact, shows that more malware has been released into the wild in the past 12 months than in the previous 15 years combined. PandaLabs, a division of Panda Security, reports that it detects some 3000 new malware samples a day via its worldwide detection system.

The result has been that most antivirus companies simply don't have the manpower or resources to keep up with the deluge. This means that a certain percentage of malware is never detected or diagnosed -- which means the public at large is left completely vulnerable.

Panda Security, however, may have come up with a solution to this problem. Using a worldwide detection system called "Collective Intelligence," Panda decided to automate the entire process. As a result, Panda Security is one of the few antivirus companies that is able to reasonably keep pace with the flood of malware on the Internet.

"Collective Intelligence was a real breakthrough for us," explains Sherstobitoff. "Now, instead of having a problem keeping up, we are able to detect, analyze, and release an antidote far, far faster than any human could do it. This technology has allowed us to maintain a very high level of protection for our customers without the vulnerabilities that many other companies have to contend with."

Indeed, the situation has gotten so bad that many of the major IT publications have run feature articles questioning the future of the industry as a whole if it does not come up with solutions to the current boom in malware. Gartner, in fact, predicted this situation over a year ago by noting that traditional antivirus solutions were no longer effective against today's malware.

It's fairly obvious that no antivirus or security program is going to be able to remove what it can't "see." Unfortunately, not knowing is the kind of thing that can make it hard to sleep at night (if you're the type that has valuable information you need to protect in your computer systems or network).

So, how do you determine your actual level of protection? Sherstobitoff recommends two sites.

"If you're concerned about your network, I recommend www.malwareradar.com. The site can detect some 2 million different forms of malware and is highly effective. For individual PCs, I recommend www.infectedornot.com."

The world of the Internet has changed, and if you think you're protected, you may want to think again. Don't assume that, just because your antivirus program says the system is clean, you don't have a hidden infection.

Contact Information

  • For more information:
    Iria Gala Barxa
    Tel. +34 91 806 37 00