1. Home
  2. Anti-virus industry"s best kept secret

Anti-virus industry"s best kept secret

[email protected] (New York Times)
January 7, 2013

antivirus

Consumers and businesses spend billions of dollars every year on anti-virus software. But these programs rarely, if ever, block freshly minted computer viruses, experts say, because the virus creators move too quickly. “The bad guys are always trying to be a step ahead,” said Matthew D Howard, a venture capitalist at Norwest Venture Partners. “And it doesn"t take a lot to be a step ahead.”

Computer viruses used to be the domain of digital mischief makers. But in the mid-2000s, when criminals discovered that malicious software could be profitable, the number of new viruses began to grow exponentially.

The anti-virus industry has grown as well, but experts say it is falling behind. By the time its products are able to block new viruses, it is often too late. The bad guys have already had their fun, siphoning out a company"s trade secrets, erasing data or emptying a consumer"s bank account.

A new study by Imperva, a data security firm in Redwood City, California, and students from the Technion-Israel Institute of Technology is the latest confirmation of this. Amichai Shulman, Imperva"s chief technology officer, and a group of researchers collected and analysed 82 new computer viruses and put them up against more than 40 anti-virus products, made by top companies like Microsoft, Symantec, McAfee and Kaspersky Lab. They found that the initial detection rate was less than 5 percent.

On average, it took almost a month for anti-virus products to update their detection mechanisms and spot the new viruses. And two of the products with the best detection rates — Avast and Emsisoft — are available free; users are encouraged to pay for additional features. This despite the fact that consumers and businesses spent a combined $7.4 billion on anti-virus software last year — nearly half of the $17.7 billion spent on security software in 2011, according to Gartner.

“Existing methodologies we"ve been protecting ourselves with have lost their efficacy,” said Ted Schlein, a security-focused investment partner at Kleiner Perkins Caufield & Byers.

Part of the problem is that anti-virus products are inherently reactive. Just as medical researchers have to study a virus before they can create a vaccine, anti-virus makers must capture a computer virus, take it apart and identify its “signature” — unique signs in its code — before they can write a program that removes it.

That process can take as little as a few hours or as long as several years. In May, researchers at Kaspersky Lab discovered Flame, a complex piece of malware that had been stealing data from computers for an estimated five years.

Mikko H Hypponen, chief researcher at F-Secure, called Flame “a spectacular failure” for the anti-virus industry. “We really should have been able to do better,” he wrote in an essay for Wired.com after Flame"s discovery.

Symantec and McAfee, which built their businesses on anti-virus products, have begun to acknowledge their limitations and to try new approaches. The word “anti-virus” does not appear once on their home pages. Symantec rebranded its popular anti-virus packages: its consumer product is now called Norton Internet Security, and its corporate offering is now Symantec Endpoint Protection.

“Nobody is saying anti-virus is enough,” said Kevin Haley, Symantec"s director of security response. Haley said Symantec"s anti-virus products included a handful of new technologies, like behaviour-based blocking, which looks at some 30 characteristics of a file, including when it was created and where else it has been installed, before allowing it to run. “In over two-thirds of cases, malware is detected by one of these other technologies,” he said.

Imperva, which sponsored the anti-virus study, has a horse in this race. Its Web application and data security software are part of a wave of products that look at security in a new way. Instead of simply blocking what is bad, as anti-virus programs and perimeter firewalls are designed to do, Imperva monitors access to servers, databases and files for suspicious activity.

“The game has changed from the attacker"s standpoint,” said Phil Hochmuth, a Web security analyst at the research firm International Data Corporation. “The traditional signature-based method of detecting malware is not keeping up.”

Investors are backing a new crop of start-ups that turn the whole notion of security on its head. If it is no longer possible to block everything that is bad, the thinking goes, then the security companies of the future will be the ones whose software can spot unusual behaviour and clean up systems once they have been breached.

The hottest security start-ups today are companies like Bit9, Bromium, FireEye and Seculert that monitor Internet traffic, and companies like Mandiant and CrowdStrike that have expertise in cleaning up after an attack. Bit9 uses an approach known as whitelisting, allowing only traffic that the system knows is innocuous.

McAfee acquired Solidcore, a whitelisting start-up, in 2009, and Symantec"s products now include its Insight technology, which is similar in that it does not let any unknown files run on a machine.

McAfee"s former chief executive, David G DeWalt, was rumoured to be a contender for the top job at Intel, which acquired McAfee in 2010. Instead, he joined FireEye, a start-up with a system that isolates a company"s applications in virtual containers, then looks for suspicious activity in a sort of digital petri dish before deciding whether to let traffic through. Two McAfee executives, George Kurtz and Dmitri Alperovitch, left to start CrowdStrike, a start-up that offers a similar forensics service.

Seculert, an Israeli start-up, approaches the problem somewhat differently. It looks at where threats are coming from — the command and control centers used to coordinate attacks — to give governments and businesses an early warning system.

As the number of prominent online attacks rises, analysts and venture capitalists are betting that corporate spending patterns will change. “Technologies that once were only used by very sensitive industries like finance are moving into the mainstream,” Hochmuth said. “Very soon, if you are not running these technologies and you"re a security professional, your colleagues and counterparts will start to look at you funny.”

Companies have started working from the assumption that they will be hacked, Hochmuth said, and that when they are, they will need top-notch cleanup crews. If and when anti-virus makers are able to fortify desktop computers, chances are the criminals will have already moved on to smartphones.

In October, the FBI warned that a number of malicious apps were compromising Android devices. And in July, Kaspersky Lab discovered the first malicious app in Apple"s app store.

McAfee, Symantec and others are working on solutions, and Lookout, a start-up whose products scan apps for malware and viruses, recently raised funding that valued it at $1 billion.

“The bad guys are getting worse,” Howard of Norwest said. “Anti-virus helps filter down the problem, but the next big security company will be the one that offers a comprehensive solution.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 13,2020

Amid the rapid spread of the novel coronavirus (COVID-19), which has infected 73 people in India and killed more than 4,500 individuals globally, doctors have advised that in addition to regularly washing hands, one should also disinfect their smartphone every 90 minutes with alcohol-based hand sanitizer.

Ravi Shekhar Jha, Head of Department at Fortis Escorts Hospital in Faridabad said the best method to disinfect your smartphone is to use regular doctor spirit or the alcohol-based hand sanitizer at least every 90 minutes.

"Avoid touching your eyes, mouth, or nose. The best option is to use a phone cover or a Bluetooth device and try to touch your phone as less as possible. We would also recommend cleaning your phone at least twice a day," Jha told IANS.

According to research, published in 2018 by Insurance2Go, a gadget insurance provider, revealed that smartphone screens have three times more germs than a toilet seat.

One in 20 smartphone users was found to clean their phones less than every six months, said the study.

"In the time of fear of coronavirus, smartphones should also be disinfected with alcohol-based sanitizer rub. Pour few drops of sanitizer on a tiny clean cotton pad and rub it safely on your entire phone," said Jyoti Mutta, Senior Consultant, Microbiology, Sri Balaji Action Medical Institute in New Delhi.

"You can repeat this process every evening coming back home after an entire day out at work and once in the morning before going out," Mutta added.

"Maintain basic cleanliness, and try to avoid using other's phones especially if suffering from respiratory illness or flu-like symptoms as there is no other way to disinfect these regular gadgets," she stressed.

Another study from the University of Surrey in the UK, also found that the home button on your smartphone may be harbouring millions of bacteria - some even harmful.

The World Health Organisation (WHO) declared the novel coronavirus as a global pandemic on Wednesday. The death toll of COVID-19 has crossed the 4,500 marks and confirmed cases globally have touched one lakh as per the reports.

According to Suranjeet Chatterjee, Senior Consultant in Internal Medicine Department of Indraprastha Apollo Hospitals in New Delhi, "We should frequently wash our hands, cover our coughs and it is important to adapt to other good hygiene habits that are most important in such a situation."

"Coronavirus and other germs can live on surfaces like glass, metal or plastics and phones are bacteria-ridden. It is necessary that we sanitize our hands frequently and make sure that our hands are clean all the time," Chatterjee told IANS.

"The emphasis should be laid on sanitising our hands rather than sanitizing the phone - once in a while the phone can be sanitized under the guidance of the makers of the phone," Chatterjee stressed.

According to the global health agency, the most effective way to protect yourself against coronavirus is by frequently cleaning of your hands with alcohol-based hand rub or washing them with soap and water.

The WHO's report showed the virus infects people of all ages, among which older people and those with underlying medical conditions are at a higher risk of getting infected.

People should eat only well-cooked food, avoid spitting in public, and avoid close contact, the WHO said, adding that it is important for people to seek medical care at the earliest if they become sick.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 10,2020

New Delhi, Mar 10: Crisis-hit Yes Bank on Tuesday said that it has enabled inward IMPS and NEFT services.

The move allows people to send money from other bank accounts to their Yes Bank account through IMPS (Immediate Payment Service) and NEFT (National Electronic Funds Transfer) mode.

In a tweet, the bank also said that Yes Bank customers can pay their credit card dues and loan obligations from other bank accounts.

"Inward IMPS/NEFT services have now been enabled. You can make payments towards YES BANK Credit Card dues and loan obligations from other bank accounts. Thank you for your co-operation. @RBIA @FinMinIndia," said tweet.

Last week Yes Bank was placed under moratorium and a withdrawal cap of Rs 50,000 was imposed till April 3.

The administrator of Yes Bank, Prashant Kumar and Rajnish Kumar, the Chairman of the State Bank of India are hopeful that moratorium would be lifted within a week.

As per the Reserve Bank of India (RBI) draft reconstruction scheme for the crisis-hit private lender, the SBI will take up 49 per cent in the bank by investing Rs 2,450 crore.

The new board of directors will stand constituted from the appointed date. It will comprise a CEO and MD, non-executive chairman and non-executive directors. The SBI will have nominee directors appointed on the board of the reconstructed bank.

The RBI may appoint additional directors to the board, who shall continue in office for one year, or until an alternate board is constituted by Yes Bank.

The SBI will not reduce its holding below 26 per cent before completion of three years from the date of infusion of the capital.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
January 12,2020

Washington D.C., Jan 12: A recent study has claimed that people end up wasting almost an entire day when they take a vacation.

This can happen while standing in a queue or searching for places to visit, people do not keep a count of the time they have actually utilised during the trip. As a result, they end up doing much lesser activities than they originally had planned.

According to a recent report in Fox News, the study has also shared the fact that people try to justify time waste with planning and scheduling activities whereas the truth is that these things can be done well ahead to save time during the trip.

The average time waste according to the study commissioned by Sykes Holiday Cottages also said the people taking a seven days' trip waste a minimum of 17-and-a-half hours to figure out various factors.

But there are other causes involved as well. When one visits any crowded location, the real-time spent to enjoy the location is lesser than the time spent on reaching and trying to get involved. For instance, if one visits an amusement park, the activities take lesser time than the preparatory and other phases.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.