1. Home
  2. Anti-virus industry"s best kept secret

Anti-virus industry"s best kept secret

[email protected] (New York Times)
January 7, 2013

antivirus

Consumers and businesses spend billions of dollars every year on anti-virus software. But these programs rarely, if ever, block freshly minted computer viruses, experts say, because the virus creators move too quickly. “The bad guys are always trying to be a step ahead,” said Matthew D Howard, a venture capitalist at Norwest Venture Partners. “And it doesn"t take a lot to be a step ahead.”

Computer viruses used to be the domain of digital mischief makers. But in the mid-2000s, when criminals discovered that malicious software could be profitable, the number of new viruses began to grow exponentially.

The anti-virus industry has grown as well, but experts say it is falling behind. By the time its products are able to block new viruses, it is often too late. The bad guys have already had their fun, siphoning out a company"s trade secrets, erasing data or emptying a consumer"s bank account.

A new study by Imperva, a data security firm in Redwood City, California, and students from the Technion-Israel Institute of Technology is the latest confirmation of this. Amichai Shulman, Imperva"s chief technology officer, and a group of researchers collected and analysed 82 new computer viruses and put them up against more than 40 anti-virus products, made by top companies like Microsoft, Symantec, McAfee and Kaspersky Lab. They found that the initial detection rate was less than 5 percent.

On average, it took almost a month for anti-virus products to update their detection mechanisms and spot the new viruses. And two of the products with the best detection rates — Avast and Emsisoft — are available free; users are encouraged to pay for additional features. This despite the fact that consumers and businesses spent a combined $7.4 billion on anti-virus software last year — nearly half of the $17.7 billion spent on security software in 2011, according to Gartner.

“Existing methodologies we"ve been protecting ourselves with have lost their efficacy,” said Ted Schlein, a security-focused investment partner at Kleiner Perkins Caufield & Byers.

Part of the problem is that anti-virus products are inherently reactive. Just as medical researchers have to study a virus before they can create a vaccine, anti-virus makers must capture a computer virus, take it apart and identify its “signature” — unique signs in its code — before they can write a program that removes it.

That process can take as little as a few hours or as long as several years. In May, researchers at Kaspersky Lab discovered Flame, a complex piece of malware that had been stealing data from computers for an estimated five years.

Mikko H Hypponen, chief researcher at F-Secure, called Flame “a spectacular failure” for the anti-virus industry. “We really should have been able to do better,” he wrote in an essay for Wired.com after Flame"s discovery.

Symantec and McAfee, which built their businesses on anti-virus products, have begun to acknowledge their limitations and to try new approaches. The word “anti-virus” does not appear once on their home pages. Symantec rebranded its popular anti-virus packages: its consumer product is now called Norton Internet Security, and its corporate offering is now Symantec Endpoint Protection.

“Nobody is saying anti-virus is enough,” said Kevin Haley, Symantec"s director of security response. Haley said Symantec"s anti-virus products included a handful of new technologies, like behaviour-based blocking, which looks at some 30 characteristics of a file, including when it was created and where else it has been installed, before allowing it to run. “In over two-thirds of cases, malware is detected by one of these other technologies,” he said.

Imperva, which sponsored the anti-virus study, has a horse in this race. Its Web application and data security software are part of a wave of products that look at security in a new way. Instead of simply blocking what is bad, as anti-virus programs and perimeter firewalls are designed to do, Imperva monitors access to servers, databases and files for suspicious activity.

“The game has changed from the attacker"s standpoint,” said Phil Hochmuth, a Web security analyst at the research firm International Data Corporation. “The traditional signature-based method of detecting malware is not keeping up.”

Investors are backing a new crop of start-ups that turn the whole notion of security on its head. If it is no longer possible to block everything that is bad, the thinking goes, then the security companies of the future will be the ones whose software can spot unusual behaviour and clean up systems once they have been breached.

The hottest security start-ups today are companies like Bit9, Bromium, FireEye and Seculert that monitor Internet traffic, and companies like Mandiant and CrowdStrike that have expertise in cleaning up after an attack. Bit9 uses an approach known as whitelisting, allowing only traffic that the system knows is innocuous.

McAfee acquired Solidcore, a whitelisting start-up, in 2009, and Symantec"s products now include its Insight technology, which is similar in that it does not let any unknown files run on a machine.

McAfee"s former chief executive, David G DeWalt, was rumoured to be a contender for the top job at Intel, which acquired McAfee in 2010. Instead, he joined FireEye, a start-up with a system that isolates a company"s applications in virtual containers, then looks for suspicious activity in a sort of digital petri dish before deciding whether to let traffic through. Two McAfee executives, George Kurtz and Dmitri Alperovitch, left to start CrowdStrike, a start-up that offers a similar forensics service.

Seculert, an Israeli start-up, approaches the problem somewhat differently. It looks at where threats are coming from — the command and control centers used to coordinate attacks — to give governments and businesses an early warning system.

As the number of prominent online attacks rises, analysts and venture capitalists are betting that corporate spending patterns will change. “Technologies that once were only used by very sensitive industries like finance are moving into the mainstream,” Hochmuth said. “Very soon, if you are not running these technologies and you"re a security professional, your colleagues and counterparts will start to look at you funny.”

Companies have started working from the assumption that they will be hacked, Hochmuth said, and that when they are, they will need top-notch cleanup crews. If and when anti-virus makers are able to fortify desktop computers, chances are the criminals will have already moved on to smartphones.

In October, the FBI warned that a number of malicious apps were compromising Android devices. And in July, Kaspersky Lab discovered the first malicious app in Apple"s app store.

McAfee, Symantec and others are working on solutions, and Lookout, a start-up whose products scan apps for malware and viruses, recently raised funding that valued it at $1 billion.

“The bad guys are getting worse,” Howard of Norwest said. “Anti-virus helps filter down the problem, but the next big security company will be the one that offers a comprehensive solution.”

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 24,2020

Pune, Jul 24: Agile and dexterous, 85-year-old Shantabai Pawar wields sticks with absolute ease as she displays 'lathi-kathi' on the streets of Pune.

A video of her, displaying her skills in the Indian martial art form for livelihood, has gone viral on social media.

Pawar told media persons that she learnt the art form when she was only eight and has been practising it since then. The ancient martial art s believed to be linked to Dombari community, a nomadic tribe in Maharashtra.

"I have been pursuing the art of lathi-kathi since I was eight. I have never left it. It is part of me and it is an honour to practice it. My father taught me this. He taught me to work hard," Pawar told media persons.

In the video, the sari-clad octogenarian takes a warrior-like stride and effortlessly rotates a stick several times in a second in her hand and around her head and then does it with two sticks together with a smile on her face. She also tosses a stick in the air and catches it with ease.

The assembled gathering is impressed and enthused.

"People come and say, 'Well done Daadi!' I practice it to earn money for my children and grandchildren," she said.

Pawar leaves her home in the morning in the conditions created by coronavirus and performs the art form on roads and streets.

"I go to various areas to perform the art form and people give money," she said.

The artiste also uses thali and stick to gather the attention of people as most of them are indoors due to conditions created by COVID-19.

Senior citizens have been advised against venturing out due to their greater susceptibility to coronavirus but Pawar said she is not afraid to step out.

"People do advise me to not go out due to fear of COVID-19 but I am not scared. Whenever I step out, I pray to my God and he has kept me safe so far," she said.

Aishwarya Kale, a dancer and the person who uploaded the video on social media, said that it is "only an artist who can understand what help another artist needs".

"I was in that area shopping for some items and it was then I saw her performing and thought that I should film her and upload her video on social media. But I never thought that the video would go viral and she would receive financial help not just from people in the country but overseas as well," Kale told media persons.

"She is now getting honour for her craft that she couldn't get in the last 85 years. I feel good that through my small video, her art form has become viral," she added. 

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
March 21,2020

The World Health Organisation (WHO) on Saturday launched a Health Alert on WhatsApp where over 1.5 billion users can ask questions and they will be provided with reliable information about new coronavirus 24/7.

This will also serve government decision-makers by providing the latest numbers and situation reports, WhatsApp said in a statement.

To contact the WHO Health Alert, save the number +41 79 893 1892 in phone contacts, and then simply text the word 'Hi' in a WhatsApp message to get started.

The service responds to a series of prompts and will be updated daily with the latest information.

"You can also visit the WhatsApp Coronavirus Information Hub at whatsapp.com/coronavirus," and click on the WHO link on the homepage to open up a chat with the WHO Health Alert if you have WhatsApp installed," said the micro-blogging platform.

The WHO Health Alert will provide official information on topics such as how to protect yourself from infection, travel advice, and debunking new coronavirus myths.

The service is initially launching in English but will be available in all six languages within the coming weeks (English, Arabic, Chinese, French, Russian and Spanish.)

"Digital technology gives us an unprecedented opportunity for vital health information to go viral and spread faster than the pandemic. We are proud to have partners like Facebook and WhatsApp, that are supporting us in reaching billions of people with important health information," said Dr Tedros Adhanom Ghebreyesus, Director-General of the WHO.

The WHO Health Alert is the latest official NGO or government helpline to become available on WhatsApp, joining the Singapore Government, The Israel Ministry of Health, the South Africa Department of Health, and KOMINFO Indonesia.

Earlier this week, WhatsApp, in partnership with the World Health Organization, UNICEF, and UNDP, launched the WhatsApp Coronavirus Information Hub. The hub offers general tips and resources for users around the world to reduce the spread of rumours and connect with accurate health information.

WhatsApp also announced a $1 million grant to the International Fact Checking Network to support fact-checking for the #CoronaVirusFacts Alliance.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.
Agencies
July 13,2020

New Delhi, Jul 13: The Income Tax Department has facilitated a new functionality for banks and post offices to ascertain TDS applicability rates on cash withdrawal of above Rs 20 lakh in case of a non-filer of the income-tax return and that of above Rs 1 crore in case of a filer of the income-tax return.

In a statement, the Central Board of Direct Taxes (CBDT) said that now banks and post offices have to only enter the PAN of the person who is withdrawing cash for ascertaining the applicable rate of TDS.

So far, more than 53,000 verification requests have been executed successfully on this facility, a statement by the CBDT said.

"CBDT today said that this functionality available as 'Verification of applicability u/s 194N' on www.incometaxindiaefiling.gov.in since 1st July 2020, is also made available to the Banks through web-services so that the entire process can be automated and be linked to the Bank's internal core banking solution," it said.

On entering PAN by the bank or the post office, a message will be instantly displayed on the departmental utility: "TDS is deductible at the rate of 2 per cent if cash withdrawal exceeds Rs 1 crore", in case the person withdrawing cash is a filer of the income-tax return.

In case the person withdrawing cash is a non-filer of income tax return, the message shown would be: "TDS is deductible at the rate of 2 per cent if cash withdrawal exceeds Rs 20 lakh and at the rate of 5 per cent if it exceeds Rs 1 crore."

The CBDT said that the data on cash withdrawal indicated that huge amount of cash is withdrawn by the persons who have never filed income-tax returns.

To ensure filing of return by these persons and to keep track on cash withdrawals by the non-filers, and to curb black money, the Finance Act, 2020 with effect from July 1, 2020 further amended IT Act to lower threshold of cash withdrawal to Rs 20 lakh for the applicability of this TDS for the non-filers and also mandated TDS at the higher rate of 5 per cent on cash withdrawal exceeding Rs 1 crore by the non-filers.

Comments

Add new comment

About text formats
  • Coastaldigest.com reserves the right to delete or block any comments.
  • Coastaldigset.com is not responsible for its readers’ comments.
  • Comments that are abusive, incendiary or irrelevant are strictly prohibited.
  • Please use a genuine email ID and provide your name to avoid reject.