 |
|
| FREE NEWS SERVICES • Newsletters • RSS feeds • Alerts |
CAREERWEB • Register • Post your CV • Find your job |
BRAINSTORM
• Subscribe • Read online |
iWEEK • Subscribe • Read online • Get into iWeek |
IT TRAINING • TrainingWeb ITWEB EVENTS • Events Calendar |
FEEDBACK
• Post your feedback • Send us a news tip |
 |
 |
|
Sponsor's
Message
22 February 2007
Proactive malware response needed
BY
LEON ENGELBRECHT
, ITWEB SENIOR WRITER
READ IN THIS STORY:
[
Johannesburg, 22 February 2007
] -
Traditional anti-virus solutions are worthless against a targeted malware attack or zero-day exploit, says Jeremy Matthews, MD of Panda Software SA.
He says companies need proactive technologies to block these. “There is no such thing as 100% foolproof security. But reactive technologies are still the most effective way of blocking known malware.”
Matthews believes combining reactive technologies or signature scanning and passive-proactive technologies, such as firewalls; as well as proactive technologies, like heuristic engines, is far more effective.
“Traditional anti-virus refers to signature-base detection,” says Matthews. “This is a reactive process, which implies a number of users getting infected first and then sending on the malware information to their anti-virus provider. The research lab will then prepare a signature file update and the malware will be removed from the infected computers once they update. It will also block the malicious file on all updated computers in the future.”
However, hackers now operate faster than this business cycle, delivering malware to target computers faster than anti-virus providers can generate signatures and patches.
Malware audit
In 2006, PandaLabs received more samples of new malware than in the past 15 years combined. “While malware creators used to blast the Internet users with their one creation, they now create an infinite number of variants to affect as many computers as possible – and give anti-virus researchers sleepless nights,” Matthews says.
“Malware creators are not trying to draw attention to their creations anymore. The ‘I love you' virus and other blue screens of death are viruses of the past. Now hackers prepare and use (or sell) one unique variant of malware (mostly Trojans) to infect one unique target. This is known as a targeted attack and is far more dangerous than people realise.”
Panda has released Malware Radar, a Web-based on-demand automated malware audit service. “An astonishing 76% of the companies audited during the Malware Radar test phase were infected by malware, even though they had security solutions installed,” he notes.
Related stories:
The importance of IT security
Worm bypasses gatekeepers
He says companies need proactive technologies to block these. “There is no such thing as 100% foolproof security. But reactive technologies are still the most effective way of blocking known malware.”
Matthews believes combining reactive technologies or signature scanning and passive-proactive technologies, such as firewalls; as well as proactive technologies, like heuristic engines, is far more effective.
“Traditional anti-virus refers to signature-base detection,” says Matthews. “This is a reactive process, which implies a number of users getting infected first and then sending on the malware information to their anti-virus provider. The research lab will then prepare a signature file update and the malware will be removed from the infected computers once they update. It will also block the malicious file on all updated computers in the future.”
However, hackers now operate faster than this business cycle, delivering malware to target computers faster than anti-virus providers can generate signatures and patches.
Malware audit
In 2006, PandaLabs received more samples of new malware than in the past 15 years combined. “While malware creators used to blast the Internet users with their one creation, they now create an infinite number of variants to affect as many computers as possible – and give anti-virus researchers sleepless nights,” Matthews says.
“Malware creators are not trying to draw attention to their creations anymore. The ‘I love you' virus and other blue screens of death are viruses of the past. Now hackers prepare and use (or sell) one unique variant of malware (mostly Trojans) to infect one unique target. This is known as a targeted attack and is far more dangerous than people realise.”
Panda has released Malware Radar, a Web-based on-demand automated malware audit service. “An astonishing 76% of the companies audited during the Malware Radar test phase were infected by malware, even though they had security solutions installed,” he notes.
Related stories:
The importance of IT security
Worm bypasses gatekeepers
|
Hear
from Mervyn King and others, including five leading SA corporates
explaining best practices and legal requirements as prescribed in
King III and other frameworks. Plus, attend a practical one-day
workshop.
 |
|
Copyright (c) 1996 - 2010 ITWeb Limited. All rights reserved. Would you like to see your news here? Contact us for more details at itnews@itweb.co.za |
|||||||||||
|
