1. Home
  2. Anti-virus industry"s best kept secret

Anti-virus industry"s best kept secret

[email protected] (New York Times)
January 7, 2013

antivirus

Consumers and businesses spend billions of dollars every year on anti-virus software. But these programs rarely, if ever, block freshly minted computer viruses, experts say, because the virus creators move too quickly. “The bad guys are always trying to be a step ahead,” said Matthew D Howard, a venture capitalist at Norwest Venture Partners. “And it doesn"t take a lot to be a step ahead.”

Computer viruses used to be the domain of digital mischief makers. But in the mid-2000s, when criminals discovered that malicious software could be profitable, the number of new viruses began to grow exponentially.

The anti-virus industry has grown as well, but experts say it is falling behind. By the time its products are able to block new viruses, it is often too late. The bad guys have already had their fun, siphoning out a company"s trade secrets, erasing data or emptying a consumer"s bank account.

A new study by Imperva, a data security firm in Redwood City, California, and students from the Technion-Israel Institute of Technology is the latest confirmation of this. Amichai Shulman, Imperva"s chief technology officer, and a group of researchers collected and analysed 82 new computer viruses and put them up against more than 40 anti-virus products, made by top companies like Microsoft, Symantec, McAfee and Kaspersky Lab. They found that the initial detection rate was less than 5 percent.

On average, it took almost a month for anti-virus products to update their detection mechanisms and spot the new viruses. And two of the products with the best detection rates — Avast and Emsisoft — are available free; users are encouraged to pay for additional features. This despite the fact that consumers and businesses spent a combined $7.4 billion on anti-virus software last year — nearly half of the $17.7 billion spent on security software in 2011, according to Gartner.

“Existing methodologies we"ve been protecting ourselves with have lost their efficacy,” said Ted Schlein, a security-focused investment partner at Kleiner Perkins Caufield & Byers.

Part of the problem is that anti-virus products are inherently reactive. Just as medical researchers have to study a virus before they can create a vaccine, anti-virus makers must capture a computer virus, take it apart and identify its “signature” — unique signs in its code — before they can write a program that removes it.

That process can take as little as a few hours or as long as several years. In May, researchers at Kaspersky Lab discovered Flame, a complex piece of malware that had been stealing data from computers for an estimated five years.

Mikko H Hypponen, chief researcher at F-Secure, called Flame “a spectacular failure” for the anti-virus industry. “We really should have been able to do better,” he wrote in an essay for Wired.com after Flame"s discovery.

Symantec and McAfee, which built their businesses on anti-virus products, have begun to acknowledge their limitations and to try new approaches. The word “anti-virus” does not appear once on their home pages. Symantec rebranded its popular anti-virus packages: its consumer product is now called Norton Internet Security, and its corporate offering is now Symantec Endpoint Protection.

“Nobody is saying anti-virus is enough,” said Kevin Haley, Symantec"s director of security response. Haley said Symantec"s anti-virus products included a handful of new technologies, like behaviour-based blocking, which looks at some 30 characteristics of a file, including when it was created and where else it has been installed, before allowing it to run. “In over two-thirds of cases, malware is detected by one of these other technologies,” he said.

Imperva, which sponsored the anti-virus study, has a horse in this race. Its Web application and data security software are part of a wave of products that look at security in a new way. Instead of simply blocking what is bad, as anti-virus programs and perimeter firewalls are designed to do, Imperva monitors access to servers, databases and files for suspicious activity.

“The game has changed from the attacker"s standpoint,” said Phil Hochmuth, a Web security analyst at the research firm International Data Corporation. “The traditional signature-based method of detecting malware is not keeping up.”

Investors are backing a new crop of start-ups that turn the whole notion of security on its head. If it is no longer possible to block everything that is bad, the thinking goes, then the security companies of the future will be the ones whose software can spot unusual behaviour and clean up systems once they have been breached.

The hottest security start-ups today are companies like Bit9, Bromium, FireEye and Seculert that monitor Internet traffic, and companies like Mandiant and CrowdStrike that have expertise in cleaning up after an attack. Bit9 uses an approach known as whitelisting, allowing only traffic that the system knows is innocuous.

McAfee acquired Solidcore, a whitelisting start-up, in 2009, and Symantec"s products now include its Insight technology, which is similar in that it does not let any unknown files run on a machine.

McAfee"s former chief executive, David G DeWalt, was rumoured to be a contender for the top job at Intel, which acquired McAfee in 2010. Instead, he joined FireEye, a start-up with a system that isolates a company"s applications in virtual containers, then looks for suspicious activity in a sort of digital petri dish before deciding whether to let traffic through. Two McAfee executives, George Kurtz and Dmitri Alperovitch, left to start CrowdStrike, a start-up that offers a similar forensics service.

Seculert, an Israeli start-up, approaches the problem somewhat differently. It looks at where threats are coming from — the command and control centers used to coordinate attacks — to give governments and businesses an early warning system.

As the number of prominent online attacks rises, analysts and venture capitalists are betting that corporate spending patterns will change. “Technologies that once were only used by very sensitive industries like finance are moving into the mainstream,” Hochmuth said. “Very soon, if you are not running these technologies and you"re a security professional, your colleagues and counterparts will start to look at you funny.”

Companies have started working from the assumption that they will be hacked, Hochmuth said, and that when they are, they will need top-notch cleanup crews. If and when anti-virus makers are able to fortify desktop computers, chances are the criminals will have already moved on to smartphones.

In October, the FBI warned that a number of malicious apps were compromising Android devices. And in July, Kaspersky Lab discovered the first malicious app in Apple"s app store.

McAfee, Symantec and others are working on solutions, and Lookout, a start-up whose products scan apps for malware and viruses, recently raised funding that valued it at $1 billion.

“The bad guys are getting worse,” Howard of Norwest said. “Anti-virus helps filter down the problem, but the next big security company will be the one that offers a comprehensive solution.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 6,2020

The Covid-19 pandemic has made an unprecedented impact on the Indian businesses, particularly small and medium enterprises (SMEs) and startups. According to a joint survey by FICCI and Indian Angel Network (IAN), the pandemic has hit the businesses of around 70% startups.

With uncertainty in the business environment and an unexpected shift in priorities of the government as well as corporates, many startups are struggling to survive, it says.

In a nationwide survey on the 'Impact of Covid-19 on Indian Startups' involving 250 startups, 70% participants said their businesses had been impacted by Covid-19 and around 12% had shut operations.

The survey shows only 22% startups have cash reserves to meet the fixed cost expenses over the next 3-6 months, and 68% are reducing operational and administrative expenses.

Around 30% of the companies said they would retrench employees if the lockdown was extended too long. The 43% startups have already started 20-40% salary cuts over April-June.

Over 33% startups said investors had put the investment decision on hold and 10% said the deals had been scrapped. Only 8% startups had received funds as per the deals signed before Covid-19 outbreak, the survey revealed.

The reduced funding has forced startups to put a hold on business development and manufacturing activities, which has resulted in loss of projected orders.

The survey highlights the need of an urgent relief package for startups, including possible purchase orders from the government, tax relief and swifter tax refunds, and immediate fiscal support measures, including grants, soft loans and payroll grants.

Besides 250 startups, 61 incubators and investors also participated in the survey.

While 96% of investors accepted that their investments in startups had been impacted by Covid-19, 92% said their investments in startups would continue to be low over the next six months.

Around 59% investors said they would prefer to work with the existing portfolio firms in the coming months. Only 41% said they would consider new deals.

"A comparison of priority investment sectors before and during Covid-19 shows 35% investors are now looking at investments in healthcare startups, followed by EdTech, AI/Deep Tech, FinTech and Agri," said the survey.

Around 44% incubators surveyed said their day-to-day operations had been considerably hit by Covid-19. Most incubators are now supporting their portfolio firms by providing them virtual platforms to interact with mentors, investors and industries.

Dilip Chenoy, FICCI Secretary General, said, "The startup sector is stressed for survival at the moment. The investment sentiment is also subdued and is expected to remain so in the coming months. Lack of working capital and cash flows may lead to major layoffs over the next 3-6 months."

Indian startups needed an enabling ecosystem and flow of funds to continue operations, the survey said.

Padmaja Ruparel, President, Indian Angel Network & Co-Chair of FICCI Startup Committee, said, "In these uncertain times, as investors, we must play an important role to provide the Indian startups funding, mentoring and hand-holding support to stay afloat and come out at the other end of this crisis."

To that end, IAN recently announced a debt fund to help IAN portfolio companies raise working capital and ensure business continuity by partnering with debt providers.

This must be replicated on a wider scale, so a larger number of startups are provided the capital support to make it during these tough times, Ruparel said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
June 22,2020

Chennai, Jun 22: Commuting the death sentence to life imprisonment for five convicts, the Madras High Court on Monday set free Chinnasamy, the main convict, who had also been sentenced to death in the Udumalpet Shankar honour killing case.

A Division Bench comprising Justice M. Sathyanarayanan and Justice M. Nirmal Kumar also dismissed the appeal by the state police against the acquittal of three persons by a lower court.

The Bench ordered the five convicts sentenced for life to undergo a jail term of not less than 25 years.

In 2016, V. Shankar, who had married C. Kausalya, was killed by a gang in Udumalpet in Tamil Nadu. The gang also injured Kausalya in the attack.

It was alleged the parents of Kausalya -- Chinnasamy, Annalakshmi -- were against the marriage.

P. Pandidurai, the uncle of Kausalya at the behest of Chinnasamy and Annalakshmi had hired a gang to kill Shankar.

The gang killed Shankar in broad daylight in a public place and Kausalya too got injured in the attack as she tried to save her husband.

The Principal District and Sessions Court in Tiruppur had convicted and sentenced to death six accused persons -- Chinnasamy, P. Jagadeesan, P. Selvakumar, M. Manikandan, M. Mathan alias Michael and P. Kalaithamilvaanan.

The court also sentenced two other accused, K. Dhanraj for life and Manikandan to a five year jail term, while acquitting Annalakshmi, Pandidurai and Prasanna.

The convicts had filed an appeal against their sentence in the Madras High Court while the police filed an appeal against the acquittal of three persons.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 19,2020

New Delhi, Jul 19: Three of the 10 most valued companies added a total of Rs 98,622.89 crore to their market valuation last week, led by stellar gains in IT major Infosys.

Seven companies from the coveted list witnessed a decline in their market valuation last week, but their cumulative loss of Rs 37,701.1 crore was less than the total gain made by three firms -- Reliance Industries Limited, Hindustan Unilever Limited and Infosys.

The market capitalisation of Infosys zoomed Rs 52,046.87 crore to Rs 3,85,027.58 crore. Shares of Infosys had rallied over 9 per cent on Thursday after the company posted a stronger-than-expected 12.4 per cent rise in the first quarter consolidated net profit.

Hindustan Unilever Limited added Rs 25,751.07 crore in its market valuation which stood at Rs 5,48,232.26 crore at close on Friday. Reliance Industries' m-cap jumped Rs 20,824.95 crore to Rs 12,11,682.08 crore.

In contrast, HDFC's valuation plunged Rs 13,920.21 crore to Rs 3,13,269.70 crore and that of Tata Consultancy Services (TCS) declined Rs 7,617.34 crore to Rs 8,26,031.21 crore.

The valuation of ICICI Bank tumbled Rs 4,205.71 crore to Rs 2,29,156.24 crore and that of Kotak Mahindra Bank by Rs 4,175.28 crore to Rs 2,62,864.37 crore.

Bharti Airtel's m-cap dipped Rs 4,009.83 crore to Rs 3,09,521.05 crore and HDFC Bank's by Rs 3,403.97 crore to Rs 6,03,463.97 crore.

The valuation of ITC declined by Rs 368.76 crore to Rs 2,38,469.29 crore.

In the ranking of top-10 firms, RIL was at the number one rank followed by TCS, HDFC Bank, HUL, Infosys, HDFC, Bharti Airtel, Kotak Mahindra Bank, ITC and ICICI Bank.

During the last week, the 30-share BSE index advanced 425.81 points or 1.16 per cent.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.