1. Home
  2. Anti-virus industry"s best kept secret

Anti-virus industry"s best kept secret

[email protected] (New York Times)
January 7, 2013

antivirus

Consumers and businesses spend billions of dollars every year on anti-virus software. But these programs rarely, if ever, block freshly minted computer viruses, experts say, because the virus creators move too quickly. “The bad guys are always trying to be a step ahead,” said Matthew D Howard, a venture capitalist at Norwest Venture Partners. “And it doesn"t take a lot to be a step ahead.”

Computer viruses used to be the domain of digital mischief makers. But in the mid-2000s, when criminals discovered that malicious software could be profitable, the number of new viruses began to grow exponentially.

The anti-virus industry has grown as well, but experts say it is falling behind. By the time its products are able to block new viruses, it is often too late. The bad guys have already had their fun, siphoning out a company"s trade secrets, erasing data or emptying a consumer"s bank account.

A new study by Imperva, a data security firm in Redwood City, California, and students from the Technion-Israel Institute of Technology is the latest confirmation of this. Amichai Shulman, Imperva"s chief technology officer, and a group of researchers collected and analysed 82 new computer viruses and put them up against more than 40 anti-virus products, made by top companies like Microsoft, Symantec, McAfee and Kaspersky Lab. They found that the initial detection rate was less than 5 percent.

On average, it took almost a month for anti-virus products to update their detection mechanisms and spot the new viruses. And two of the products with the best detection rates — Avast and Emsisoft — are available free; users are encouraged to pay for additional features. This despite the fact that consumers and businesses spent a combined $7.4 billion on anti-virus software last year — nearly half of the $17.7 billion spent on security software in 2011, according to Gartner.

“Existing methodologies we"ve been protecting ourselves with have lost their efficacy,” said Ted Schlein, a security-focused investment partner at Kleiner Perkins Caufield & Byers.

Part of the problem is that anti-virus products are inherently reactive. Just as medical researchers have to study a virus before they can create a vaccine, anti-virus makers must capture a computer virus, take it apart and identify its “signature” — unique signs in its code — before they can write a program that removes it.

That process can take as little as a few hours or as long as several years. In May, researchers at Kaspersky Lab discovered Flame, a complex piece of malware that had been stealing data from computers for an estimated five years.

Mikko H Hypponen, chief researcher at F-Secure, called Flame “a spectacular failure” for the anti-virus industry. “We really should have been able to do better,” he wrote in an essay for Wired.com after Flame"s discovery.

Symantec and McAfee, which built their businesses on anti-virus products, have begun to acknowledge their limitations and to try new approaches. The word “anti-virus” does not appear once on their home pages. Symantec rebranded its popular anti-virus packages: its consumer product is now called Norton Internet Security, and its corporate offering is now Symantec Endpoint Protection.

“Nobody is saying anti-virus is enough,” said Kevin Haley, Symantec"s director of security response. Haley said Symantec"s anti-virus products included a handful of new technologies, like behaviour-based blocking, which looks at some 30 characteristics of a file, including when it was created and where else it has been installed, before allowing it to run. “In over two-thirds of cases, malware is detected by one of these other technologies,” he said.

Imperva, which sponsored the anti-virus study, has a horse in this race. Its Web application and data security software are part of a wave of products that look at security in a new way. Instead of simply blocking what is bad, as anti-virus programs and perimeter firewalls are designed to do, Imperva monitors access to servers, databases and files for suspicious activity.

“The game has changed from the attacker"s standpoint,” said Phil Hochmuth, a Web security analyst at the research firm International Data Corporation. “The traditional signature-based method of detecting malware is not keeping up.”

Investors are backing a new crop of start-ups that turn the whole notion of security on its head. If it is no longer possible to block everything that is bad, the thinking goes, then the security companies of the future will be the ones whose software can spot unusual behaviour and clean up systems once they have been breached.

The hottest security start-ups today are companies like Bit9, Bromium, FireEye and Seculert that monitor Internet traffic, and companies like Mandiant and CrowdStrike that have expertise in cleaning up after an attack. Bit9 uses an approach known as whitelisting, allowing only traffic that the system knows is innocuous.

McAfee acquired Solidcore, a whitelisting start-up, in 2009, and Symantec"s products now include its Insight technology, which is similar in that it does not let any unknown files run on a machine.

McAfee"s former chief executive, David G DeWalt, was rumoured to be a contender for the top job at Intel, which acquired McAfee in 2010. Instead, he joined FireEye, a start-up with a system that isolates a company"s applications in virtual containers, then looks for suspicious activity in a sort of digital petri dish before deciding whether to let traffic through. Two McAfee executives, George Kurtz and Dmitri Alperovitch, left to start CrowdStrike, a start-up that offers a similar forensics service.

Seculert, an Israeli start-up, approaches the problem somewhat differently. It looks at where threats are coming from — the command and control centers used to coordinate attacks — to give governments and businesses an early warning system.

As the number of prominent online attacks rises, analysts and venture capitalists are betting that corporate spending patterns will change. “Technologies that once were only used by very sensitive industries like finance are moving into the mainstream,” Hochmuth said. “Very soon, if you are not running these technologies and you"re a security professional, your colleagues and counterparts will start to look at you funny.”

Companies have started working from the assumption that they will be hacked, Hochmuth said, and that when they are, they will need top-notch cleanup crews. If and when anti-virus makers are able to fortify desktop computers, chances are the criminals will have already moved on to smartphones.

In October, the FBI warned that a number of malicious apps were compromising Android devices. And in July, Kaspersky Lab discovered the first malicious app in Apple"s app store.

McAfee, Symantec and others are working on solutions, and Lookout, a start-up whose products scan apps for malware and viruses, recently raised funding that valued it at $1 billion.

“The bad guys are getting worse,” Howard of Norwest said. “Anti-virus helps filter down the problem, but the next big security company will be the one that offers a comprehensive solution.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
August 2,2020

New Delhi, Aug 2: The National Commission for Women (NCW) has issued notice to some Bollywood celebrities named in a complaint against the promoter of a company for allegedly blackmailing and sexually assaulting a number of girls on the pretext of giving them a career in modelling.

Taking cognizance of the complaint filed by social activist Yogita Bhayana of People Against Rape in India (PARI), the NCW scheduled a virtual hearing presided by its chairperson on August 6.

The complaint against Sunny Verma, promoter of a company named IMG Ventures with its headquarter in Chandigarh, alleged that he has been blackmailing and sexually assaulting a number of girls on the pretext of giving them career in modelling.

PARI's Yogita Bhayana wrote a complaint letter to NCW chairperson Rekha Sharma.

"Through his company, he (Sunny Verma) invites the girls on the pretext of organising a Miss Asia contest with a claim that the contest will launch them as models. To make it look genuine, his company has also been taking an entry fee of Rs 2,950. Once the girls apply, they are alluded by the female accomplices of Sunny Verma to submit their nude pictures in order to get the better ranking in the contest," the complaint letter said on July 31.

It alleged that Verma, after receiving the pictures and sometimes even before, used to get in touch with the girls and ask for completely nude pictures and videos.

The complaint letter said that Verma also used to allude as well as threaten the girls to submit to his sexual desires if they were interested in modelling as a career or wish to win the contest.

"Once he established a physical relationship with the girls, he used to blackmail them for regular sexual favours. Many girls from across the country have suffered a sexual and mental assault from Sunny and his accomplices," said the complaint citing several letters, texts and audio clips from several girls as proof of this modus operandi of Sunny Verma and his company.

The complaint also said that Sunny Verma has been previously also arrested on charges of sexual assault.

"We would demand that NCW should investigate the case to its depth and get the guilty punished so that any other person should not dare to exploit these kinds of innocent girls on any pretext. It will be a message to people like Sunny Verma and all associated Bollywood stars. Looking forward to strict action from NCW against sexual offenders like Sunny Verma & others," the complaint said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
January 17,2020

Bengaluru, Jan 17: India’s latest communication satellite GSAT-30 was successfully launched from the Spaceport in French Guiana during the early hours on Friday.

In a press release, ISRO, has stated that the launch vehicle 'Ariane-5 VA-251' was blasted off from Kourou Launch Base, French Ginana at 0230 hours, carrying India’s GSA-30 and EUTELSAT KONNECT for Eutelasat, as per schedule.

The Ariane 5 upper stage in an elliptical Geosynchronous Transfer Orbit.

With a lift-off mass of 3,357 kg, GSAT-30 will provide continuity to operational services on some of the in-orbit satellites.

GSAT-30 derives its heritage from ISRO’s earlier INSAT/GSAT satellite series and will replace INSAT-4A in orbit.

“GSAT-30 has a unique configuration of providing flexible frequency segments and flexible coverage. The satellite will provide communication services to Indian mainland and islands through Ku-band and wide coverage covering Gulf countries, a large number of Asian countries and Australia through C-band," ISRO Chairman Dr K Sivan said.

Dr Sivan also said that “GSAT-30 will provide DTH Television Services, connectivity to VSATs for ATM, Stock-exchange, Television uplinking and teleport Services, Digital Satellite News Gathering (DSNG) and e-governance applications. The satellite will also be used for bulk data transfer for a host of emerging telecommunication applications.”

ISRO’s Master Control Facility (MCF) at Hassan in Karnataka took over the command and control of GSAT-30 immediately after its separation from the launch vehicle. Preliminary health checks of the satellite revealed its normal health.

In the days ahead, orbit-raising maneuvers will be performed to place the satellite in Geostationary Orbit (36,000 km above the equator) by using its onboard propulsion system.

During the final stages of its orbit raising operations, the two solar arrays and the antenna reflectors of GSAT-30 will be deployed. Following this, the satellite will be put in its final orbital configuration.

The satellite will be operational after the successful completion of all in-orbit tests.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
News Network
May 7,2020

Toronto, May 7: Scientists have uncovered how bats can carry the MERS coronavirus without getting sick, shedding light on what triggers coronaviruses, including the one behind the COVID-19 pandemic, to jump to humans.

According to the study, published in the journal Scientific Reports, coronaviruses like the Middle East respiratory syndrome (MERS) virus, and the COVID19-causing SARS-CoV-2 virus, are thought to have originated in bats.

While these viruses can cause serious, and often fatal disease in people, bats seem unharmed, the researchers, including those from the University of Saskatchewan (USask) in Canada, said.

"The bats don't get rid of the virus and yet don't get sick. We wanted to understand why the MERS virus doesn't shut down the bat immune responses as it does in humans," said USask microbiologist Vikram Misra.

In the study, the scientists demonstrated that cells from an insect-eating brown bat can be persistently infected with MERS coronavirus for months, due to important adaptations from both the bat and the virus working together.

"Instead of killing bat cells as the virus does with human cells, the MERS coronavirus enters a long-term relationship with the host, maintained by the bat's unique 'super' immune system," said Misra, one of the study's co-authors.

"SARS-CoV-2 is thought to operate in the same way," he added.

Stresses on bats, such as wet markets, other diseases, and habitat loss, may have a role in coronavirus spilling over to other species, the study noted.

"When a bat experiences stress to their immune system, it disrupts this immune system-virus balance and allows the virus to multiply," Misra said.

The scientists, involved in the study, had earlier developed a potential treatment for MERS-CoV, and are currently working towards a vaccine against COVID-19.

While camels are the known intermediate hosts of MERS-CoV, they said bats are suspected to be the ancestral host.

There is no vaccine for either SARS-CoV-2 or MERS, the researchers noted.

Follow latest updates on the COVID-19 pandemic here

"We see that the MERS coronavirus can very quickly adapt itself to a particular niche, and although we do not completely understand what is going on, this demonstrates how coronaviruses are able to jump from species to species so effortlessly," said USask scientist Darryl Falzarano, who co-led the study.

According to Misra, coronaviruses rapidly adapt to the species they infect, but little is known on the molecular interactions of these viruses with their natural bat hosts.

An earlier study had shown that bat coronaviruses can persist in their natural bat host for at least four months of hibernation.

When exposed to the MERS virus, the researchers said, bat cells adapt, not by producing inflammation-causing proteins that are hallmarks of getting sick, but instead by maintaining a natural antiviral response.

On the contrary, they said this function shuts down in other species, including humans.

The MERS virus, the researchers said, also adapts to the bat host cells by very rapidly mutating one specific gene.

These adaptations, according to the study, result in the virus remaining long-term in the bat, but being rendered harmless until something like a disease, or other stressors, upsets this balance.

In future experiments, the scientists hope to understand how the bat-borne MERS virus adapts to infection and replication in human cells.

"This information may be critical for predicting the next bat virus that will cause a pandemic," Misra said.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.