New Research Suggests That Mass-Mailing Viruses Could Be a Thing Of The Past if AV Vendors Are Quicker Off The Mark

London, 21st October 2004 – New research shows that reducing the “window of vulnerability’, or signature delay time, could make email virus outbreaks a rarity, reports MessageLabs, the leading provider of managed email security services to businesses. The findings were presented by security experts at the recent Virus Bulletin Conference in Chicago.

The window of vulnerability is the delay between the appearance of a new email-borne virus or worm, and the release of signatures by traditional anti-virus software vendors. Customers of managed email security vendors such as MessageLabs are not subject to signature delay times, owing to the use of predictive technology capable of detecting previously unseen viruses.

The research presented by Gabor Szappanos from Virus Buster shows that when a new mass-mailing virus emerges, it usually takes a few hours to gather enough momentum to result in an outbreak. If anti-virus vendors were able to reduce the window of vulnerability to three hours or less, mass-mailing viruses would have little if any impact. Findings from Andreas Marx at AV-test.org showed that the average signature delay time has only been reduced from 12 to 10 hours during the past year, demonstrating how wide the gulf is.

According to a report published by IDC in August 2004, proactive virus detection techniques are expected to be increasingly adopted by organizations to combat the more complex, fast-spreading threats of the future. The integration of proactive virus detection technologies with traditional signature-based anti-virus technologies will allow for a greater degree of accuracy in detecting known and unknown threats.

A survey1 of 125 European businesses published by MessageLabs in July 2004, indicated that 65% of businesses believe that the signature-based approach will either not be able to cope with the increasing volume and destructiveness of email viruses and worms in the future, or will be obsolete.

Alex Shipp, MessageLabs’ Senior Anti-Virus Technologist, comments: “While malicious code has developed at a rapid rate, traditional anti-virus software relies on the same model as it did 20 years ago. Virus writers have become adept at exploiting windows of vulnerability because they know that the delay around getting signature files out has a critical effect on the scale of an outbreak. Companies are realising that they cannot rely solely on the old methods and are looking for a more proactive approach, such as Internet-level managed services that can stop known and unknown virus threats immediately, before they reach an organisation’s network boundary.”

During September, MessageLabs scanned over 1.78 billion emails for viruses, Trojans and other malicious content, and more than 86 million or 4.83% (1 in 20.69) were intercepted (33.27 per second).

1. The Email Security Survey was carried out on the MessageLabs’ website between 28th May and 28th June 2004. A total of 125 companies from across Europe responded. A copy of the full survey results is available on the link below: www.messagelabs.co.uk/news/virusnews/detail/
default.asp?contentItemId=927&region=

About MessageLabs
MessageLabs is the leading provider of managed email security services to businesses based on market shares or revenue according to the Yankee Group Security Solutions & Services, February 2004 Report. The company currently offers industry-leading protection to more than 9,000 businesses around the world from email threats such as viruses, spam and other unwanted content before they reach their networks and without the need for additional hardware or software. Powered by a global network of control towers that currently spans 13 data centres in the United States, the United Kingdom, Germany, the Netherlands, Australia and Hong Kong, MessageLabs scans millions of emails a day on behalf of customers such as The British Government, The Bank of New York, Bertelsmann, Bic, CSC, Conde Nast Publications, EMI Music, Diageo, Orange, Random House, SC Johnson and StorageTek. The company has more than 600 channel partners, including BT, Cable & Wireless, CSC, IBM, MCI and Unisys. The information relating to MessageLabs’ services contained in this news release is based on data generated internally by MessageLabs and has not been subject to an independent review by a third party.

For more information on MessageLabs and its industry-leading email security and management services, please visit www.messagelabs.com.