Security labs cannot cope with volume of internet threats

“There is a dramatic increase in the quantity of malware being unleashed on the Internet,” said Luis Corrons, technical director of PandaLabs, Panda Software’s malware research laboratory. “There is such a great volume that the computer security labs are being overwhelmed and are not able to keep up with developing the vaccines needed for a large percent of new threats. This means that even computers with antivirus software installed are still vulnerable to new infections.”

To complicate the problem, this new wave of malicious software is designed to infect computers silently, creating a false sense of security among computer users since they see no visible infections. This is very good for the new breed of hackers who develop these infections. They are no longer kids in their basements developing viruses for the sake of fame — this new breed of hackers are criminals who are stealing identities, emptying bank accounts, and infiltrating corporations.

Corrons said that Panda Software is carrying out an investigation to determine how many computers are really malware-infected. Panda has created a website where Internet users can scan their PCs using revolutionary security technology. The new technology is based on a “collective intelligence” that vastly accelerates the detection of malicious infections and the development of vaccines so infections that other programs miss can be found.

1. In the absence of major news on email-worms infecting millions of computers for some time, is the Internet safer?

“No way. There is a false sense of security among users,” explained Corrons. “And that is precisely what malware creators are after. Their goal is no longer the notoriety of having caused the most destruction, but simply to quietly make money.

“The safer users feel, the greater the chance they will fall victim to threats designed to silently steal their user names, passwords, credit card numbers, PINs, etc. This is what we call a ‘silent epidemic.’”

2. So then, what are the consequences of the ‘silent epidemic’?

“It is evident that the amount of malware circulating has increased,” explained Corrons. “For example, in 2006 we identified as many new samples as in the previous 15 years combined. Security laboratories cannot cope with the amount of Internet-threats received daily, and their ‘up-to-date’ signature files are missing a significant amount of critical vaccines. Consequently, it is very easy for computers with up-to-date security solutions installed to be infected.

“The malware-types we see most frequently have also changed. Up until 2006 email worms accounted for most new threats. In 2006 Trojans took the lead, being responsible for 53.65% of new malware samples. This shift is due to the fact that Trojans are very useful for stealing confidential data or remotely controlling computers and this is what today’s hackers are after.”

3. Are traditional antiviruses not effective any more?

“They are not effective enough,” said Corrons. “There are so many new malware samples that security laboratories are overrun. Some malware is silent; it can go unnoticed for a considerable length of time.

“We are currently carrying out an investigation on our website infectedornot.com to try to determine to what extent users visiting it are infected or not by malicious codes.”

Based on a new ‘collective intelligence’ approach, Panda is able to detect much more malware than traditional antiviruses.

“This approach is based on three main factors,” explained Corrons. “The first is the collection of data from the broad internet community (Panda users, companies and collaborating entities). The second is automated data processing, where an expert system correlates the data received from the community with PandaLabs’ extensive malware knowledge base. The system automatically returns verdicts (malware or goodware) on the new files received, thereby reducing the tasks PandaLabs must carry out manually to a minimum and greatly reducing the time it takes to come up with vaccines.

“The last factor involves making the knowledge available. This knowledge is delivered to users as Web services or through signature file updates. Due to the new approach, Panda is able to detect malware samples on infectedornot.com visitors’ computers that have bypassed other antiviruses.”

4. What security measures should users take to avoid falling victim to an attack?

“Apart from having up-to-date security protection, it is vital to complement it with proactive technologies capable of detecting threats by analyzing their behavior,” Corrons explained.
