Fear of viruses and poor protection grows
Results 1 to 6 of 6

Thread: Fear of viruses and poor protection grows

  1. #1
    AO French Antique News Whore
    Join Date
    Aug 2001
    Posts
    2,126

    Fear of viruses and poor protection grows

    Three-quarters of European businesses surveyed said they believe viruses will become more dangerous, while two-thirds believe the frequency of attacks will increase, according to e-mail security company MessageLabs.

    Natasha Staley, an information security analyst at MessageLabs, said Tuesday that given the massive increase in virus activity over the past couple of years, it's likely this alarming growth will continue.

    The greatest concern to the antivirus industry, however, will be the fact that many businesses believe time is running out for companies whose protection from malicious software now lags behind the advances being made by virus writers.

    According to separate research from the FBI, 99 percent of businesses have antivirus protection. Yet in 2003, 82 percent were attacked by a virus, resulting in more than $200 billion in losses.

    Therefore, it's perhaps unsurprising that only 35 percent of respondents to the MessageLabs survey expressed confidence in traditional antivirus software, while 43 percent said they are no longer confident about the protection it affords. Almost a quarter of respondents (22 percent) said the changing face of virus threats means traditional antivirus products will be obsolete within the decade.

    MessageLabs' Staley said that much of the problem results from the inherent "sacrificial lamb" approach to so-called signature-based antivirus technology--the chance that somebody may "need" to get infected with a virus for others to be protected. Signatures are short code snippets or patterns found in a virus or Trojan horse that are unique to the program. Antivirus software can use such identifiers to weed out bad programs from the good.

    "This research shows that customers are starting to lose faith in traditional antivirus solutions," Staley said. "It can be very frustrating for companies who are still be getting caught out, despite doing everything they can to protect themselves."

    Much of the problem is with the rapid propagation of worms. Those pieces of malware known as "Warhol" worms, worms that spread rapidly and enjoy "15 minutes of fame," often do their damage long before patches have been put in place or a signature-based antivirus solution database has been updated.

    Often that process of updating signature files and putting a fix in place can take anywhere between six or seven hours and a whole day.

    Security software company Finjan, which claims to proactively stop viruses by scanning and monitoring all active content on a network, refers to this as a "window of vulnerability." In essence, a window exists from the point a vulnerability is known until the point when it is fixed. Any exploit released into the wild during that time can cause serious harm to a business.

    Nick Sears, a vice president at Finjan Software, said: "Many of the current (antivirus) solutions are excellent at recognizing and blocking viruses that currently exist, but cannot cope with new Internet attacks."

    The very nature of signature-based antivirus technology, at its most rudimentary, means there is always a danger some customers will be hit, so that others can be protected.

    Sears added: "As a result, it is purely a question of luck as to whether you or your competitor is hit in this interim period."
    Source : http://zdnet.com.com/2100-1104_2-5258497.html

    I delete the other post because it was post in the wrong forum. Sorry for deleting your post Spyder.
    -Simon \"SDK\"

  2. #2
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    I delete the other post because it was post in the wrong forum. Sorry for deleting your post Spyder.
    Ahh!!! Damn you!
    Space For Rent.. =]

  3. #3
    One thing that people may forget is to update on time. You need to check for updates on your anti virus everyday, especially in the time when you know that a medium or high risk threat is in the wild.

    Another thing is, on business and on networks, disable or ban the commodities that some people enjoy if they are not needed.

    Some people still allow Instant Messaging to be happening. In the last year alone, the infection of viruses thru instant messaging went up 300%. What exactly do you need to talk to others for if you're at work?

    Another thing is email. Unless your company needs it, email is the number one carrier of viruses. If you do need email, make sure that your keep the AV updated constantly, and also that you make rules which disable harmful attachments, such as VB Scripts.

    Patching vulnerabilities in time is another thing that can infect PCs with viruses. Outbreaks like MSBlaster and Sasser spread thru ports of unpatched systems.

    In the end, it all depends on how system admins decide to secure their networks, and what methods to take in order to bring down the risk of infection in the next virus outbreak.
    Neon Security

    It\'s time to put an end to malicious code & black hat hackers - Use a firewall and anti virus!

  4. #4
    Just Another Geek
    Join Date
    Jul 2002
    Location
    Rotterdam, Netherlands
    Posts
    3,401
    Eventhough you need to update your AV it still isn't enough. I've seen alot of brand new viruses that weren't detected by any of our virusscanners (we use multiple vendors at differerent stages). In short don't blindly accept your virusscanner if it says "No virus found".

    A rather simple but highly effective method of preventing email viruses from entering your network is to use a content-scanner and drop *all* executables. Make sure you use a good content-scanner, you should use one that doesn't look at the extension or the file's mime-type (both are easily faked). Pick one that actually looks at the file itself (windows PE headers).
    Oliver's Law:
    Experience is something you don't get until just after you need it.

  5. #5
    Senior Member
    Join Date
    Oct 2002
    Posts
    4,055
    In my opinion, if you make sure all of your download's are from the vendor's direct site and not a site created by a fan or whatnot, you've just eliminated and decreased the risk of getting a virus by ALOT. Top that off with constantly updating your A/V software and making sure you don't accept any program's off of e-mail's/IM application's, then you should be set.
    Space For Rent.. =]

  6. #6
    Leftie Linux Lover the_JinX's Avatar
    Join Date
    Nov 2001
    Location
    Beverwijk Netherlands
    Posts
    2,534
    Originally posted here by NeonWizard
    Some people still allow Instant Messaging to be happening. In the last year alone, the infection of viruses thru instant messaging went up 300%. What exactly do you need to talk to others for if you're at work?
    I'm the sysadmin at work.. I use IM to keep in contact with some AO members, friends and other tech-savy people online..
    It is a great tool for me.. Usualy two people know more then one
    I only use licq and amsn (the linux versions of icq and msn) they are a lot safer then the "ordinary" versions..

    Another thing is email. Unless your company needs it, email is the number one carrier of viruses. If you do need email, make sure that your keep the AV updated constantly, and also that you make rules which disable harmful attachments, such as VB Scripts.
    Our company needs it.. but no apps and scripts are allowed thrue
    ASCII stupid question, get a stupid ANSI.
    When in Russia, pet a PETSCII.

    Get your ass over to SLAYRadio the best station for C64 Remixes !

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •