ISSE 2009: Existing anti-virus software is not good enough

08 October 2009

Existing anti-virus is not good enough, a panel of speakers agreed on 7 October at ISSE 2009 in The Hague.

Moderator Norbert Pohlmann, professor at the Institute for Internet Security, University of Applied Sciences Gelsenkirchen, Germany, started the session by outlining some of the challenges anti-virus and anti-malware vendors will face in the next year.

The anti-virus and malware challenges are due to a plethora of reasons, some of which were identified as:

  • Software errors in the code base
  • Complex upgrades and updates
  • Increasing volume of new malware, which grew by 500% from 2007 to 2008, alongside an increase in professional crime
  • Malware is the basis for botnets, and botnets produce spam, distributed denial of service (DDoS) attacks and well-directed espionage
  • Detection rate of malware is up to 99% – not secure enough

Pohlmann threw the ball over to the panel discussing The Malware Challenge in the Next Year, which consisted of Felix Freiling, professor at the Laboratory for Dependable Distributed Systems at the University Mannheim; Rolf Strehle, CISO at manufacturing firm Voith AG; Ronny Bjones, security strategist at Microsoft EMEA; Marius van Oers, research scientist at McAfee; and Chris Bender, security product manager at BlackBerry’s Research in Motion.

Freiling said that malware is becoming hard to detect for anti-virus programmes due to encryption, virtual machines, its increasingly targeted nature, etc. Furthermore, malware is becoming more and more powerful.

He added that the problems facing those fighting malware are the quality of software, the fact that “users don’t care”, and that “anti-virus products are not good enough”.

Strehle agreed with Freiling, saying that at Voith they ended up building their own security infrastructure, which, amongst other things, monitors abnormalities in the systems. He said Voith had to build its own system because, two or three years ago, there was nothing on the commercial market in terms of full IT security systems that fitted the needs of Voith.

Microsoft’s Bjones pointed out that writing anti-virus and anti-malware software is nowhere near as ‘fashionable’ as creating viruses and malware: “Black hats are more fashionable than white hats”, he told the ISSE 2009 audience.

He also pointed out a problem in the anti-virus and anti-malware industry – namely that the developers are testing their own systems – and that “this has to change” as people do not always spot their own mistakes or issues they have overlooked.

Furthermore, virus and malware attacks used to be based on statistics – i.e. malware writers tried to hit as many as possible. The trend is now changing, and Bjones said Microsoft is now seeing more and more targeted malware and virus attacks.

One of the solutions to the increasing threat of malware favoured by Microsoft is to give free anti-virus and firewalls to users. Microsoft has already launched its own free anti-virus and security package for consumers.

Bender from BlackBerry said: “Anti-virus is not perfect – not terrible, but not perfect.”

He asked anti-virus vendors and developers whether it would be possible to reverse the strategy of anti-virus and have it look for safe software rather than malware.

Van Oers from McAfee also agreed that ‘traditional’ anti-virus “is not perfect” and that the anti-virus industry “must find ways of detecting malware sooner”.

He said one approach would be to combine anti-virus, cloud scanning, behavioural protection and white listing in one way or another, taking the best of all anti-virus and anti-malware technologies.

Will the malware situation get better or worse next year?

The panel was challenged by Pohlmann to give their answers in one word:

  • Freiling: Better
  • Strehle: Worse
  • Bjones: Security better, situation worse
  • Bender: Security better, situation worse
  • Van Oers: Better – get better at handling the situation

 
