Tag Archive for Anti-Virus

2/3 K-12 Networks Breached Multiple Times

Panda Security, a provider of cloud-based security software, recently released a report that says 63 percent of K-12 schools experience malware outbreaks or unauthorized user access at least twice a year. The report, Kindergarten-12 Education IT Security Report (PDF), had some other interesting infobits.

Personal devices on K-12 networks

The survey reports that eighty-two percent of schools allow students and staff to connect personal computers and laptops to the school network. Panda says schools recognize that outside devices introduce external risks, but they struggle to fully integrate security policies for multiple devices. Only 74 percent of districts are monitoring the use of external devices. Fifteen percent fail to take any extra security measures, leaving those school systems more vulnerable to infection.

Panda reports that most schools have implemented IT security best practices, but there is still room for improvement. The report says ninety percent of schools install anti-virus and/or anti-malware on computers, but nearly 25 percent fail to use firewalls, block high-risk websites, or employ user authentication. 86% prevented the use of very risky websites, while 89% mandated users install security software on their systems. Further, 15% of respondents acknowledged that there weren’t any extra security measures in their districts if they wanted to use laptops.

Social media threats

Social media is a top concern for schools, but the stringency of school policy varies greatly. Ninety-five percent of schools have a social media policy in place, citing the mitigation of malware-related risks as the main reason for implementation. Twenty-nine percent of schools allow students unlimited access to social media sites, while 32 percent deny students access altogether.

Schools lack the funding to be secure. I have always said that schools face attacks from the inside and the outside. Insiders in a K-12 school network range from technically unsavvy to damn good malicious attackers. Despite this, the report says 72% of schools reported that budget limitations were the main obstacle to better security, 38% reported non-availability of staff, and 29% of the schools reported their IT staff had to attend to other tasks more important than IT security. IT administrative staff at 38 percent of schools report removing viruses or malware from IT systems a few times a week, and 21 percent are doing this daily, according to Panda.

With malware on the rise and new threats propagated through social media every day, having the right security tools in schools has never been more important. Security issues consume staff time, diverting attention from the business of education. Help Net Security quotes Rick Carlson, president of Panda Security US, who has a great grasp of the obvious, “While the Internet is an invaluable tool for education, it can cause serious interruptions to day-to-day operations if schools fail to properly address security concerns.”

rb-

Just to prove the point, the Oakland Press is reporting that 4 students at Romeo High School in Romeo, Michigan were caught allegedly intercepting 60 staff members’ emails, including the Superintendent’s, after “something goofy” happened to the website. While I have no first-hand knowledge, the news did say the attackers went after people who read their emails on their cellphones. So more than likely it was some kind of Bluesnarfing attack, maybe including a Cain and Abel payload to get at passwords.

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Free Antivirus Rules Market

OPSWAT, Inc., a provider of integration technologies to software developers and vendors, recently released a report on the use of antivirus applications. According to the report, free products control 42% of the product market, and vendors that primarily offer a free product have a 48% market share.

The top 10 Windows antivirus applications for January to May 2010 according to OPSWAT were:

  • avast! Free Antivirus 11.45%
  • Avira AntiVir Personal – Free Antivirus 9.19%
  • AVG AntiVirus Free 8.6%
  • Microsoft Security Essentials 7.48%
  • avast! Antivirus 5.4%
  • Kaspersky Internet Security 4.48%
  • Norton AntiVirus 4.24%
  • ESET NOD32 Antivirus 3.84%
  • avast! Antivirus Professional 3.5%
  • McAfee VirusScan 3.26%

This data indicates that free products account for 42% of the market. From a vendor perspective, European vendors total just over 50% of the market. They include:

  • AVAST,
  • Avira,
  • AVG,
  • ESET,
  • Panda,
  • BitDefender,
  • G Data and
  • Sophos.

US-based vendors, which make up just over 30%, include:

Vendors that primarily offer a free product have a 48% market share.

The top 10 Windows antivirus vendors by market share for January to May 2010 according to OPSWAT were:

rb-

According to the firm’s website, OPSWAT collected information from tens of thousands of volunteers out of the 50 million endpoints that use the OESIS Framework and the free Am I OESIS OK? online utility, with which end users can check the interoperability and quality level of their applications. I have said this before: with other fun factoids like this, the adoption rate of the vendor’s tools may skew the results. Nonetheless, it is notable that:

  • Microsoft, not usually seen as a security vendor, has captured a significant share with its recent anti-virus solutions and could be a legitimate challenger to pure-play security players Symantec and McAfee.
  • Symantec and McAfee, which are often seen as the top choices in the U.S., do not do well in this list. This data seems to show that AV competition is alive and well in the highly fragmented consumer sector.
  • The fragmented marketplace may help keep innovation active in the AV market, which is a good thing in the face of the increasing variety of threats from malware.

So despite the claims of this or that vendor to dominate a market based on sales numbers, the OPSWAT data seems to show that end users have developed a degree of trust in free antivirus applications to keep them secure, as they have with paid antivirus.


Which Anti-Malware is Best?

In a report, AV-Comparatives compared the base performance of some of the top anti-malware products on the market. The objective of these tests was to identify how well antivirus scanners can detect new malware using their base functions.

Base anti-malware functions included their proactive scanning and heuristics methods, without the advantage of downloading the latest signatures. Forcing a test without the latest virus signatures makes it possible to evaluate the strength of the heuristic, or proactive, technology of the anti-malware engines.

ArsTechnica summarizes that the tests were run on two sets of malware. Set A contained malware from December 2007 to December 2008 (of which most products could detect over 97%). Set B contained 1.6 million samples of malware collected between August 11 and August 17, 2009. This set included the following categories of malware: Trojans (69.5%), Backdoors/Bots (20.7%), Worms (6.1%), other malware (1.5%), and Windows viruses (0.4%).

Results

Ars reported these proactive detection results (rounded to the nearest percent):

After taking these results into consideration and adjusting for false positives, AV-Comparatives rated the security companies from best to worst in three categories:

  • Advanced+:
    • G DATA,
    • Kaspersky,
    • ESET,
    • F-Secure,
    • Microsoft,
    • Avast,
    • eScan.
  • Advanced:
  • Standard:

In September of 2008 NetworkWorld reported on Gartner’s claims that enterprises are paying too much for security software. Gartner says vendors simply aren’t doing enough to keep up with the prevalence of threats on the Internet. Neil MacDonald, a research vice president at Gartner, says that security vendors are “maintaining high-profit margins on firewalls and antivirus software despite these products being nothing more than commodities.” NetworkWorld says that during his presentation at Gartner’s 2008 IT Security Summit in London, Mr. MacDonald was vociferous in his condemnation of how security products are actually increasing their prices over the years across a backdrop of lowered effectiveness, contradicting pricing schemes across the rest of the IT industry.

Anti-malware pricing is broken

Security vendors have maintained a pricing scheme that contradicts the rest of the IT industry, Mr. MacDonald said. Typically with software or hardware, prices go down year after year with the introduction of new and better products. In some cases, however, security software often loses its effectiveness as new threats emerge, while prices stay high. “Why in antivirus year after year do we pay more for something that gives us less?” MacDonald asked. “It’s insanity. Why is information security immune from the trends of the IT industry?”

Gartner recommends that firms use the commodity status of security software to their advantage. “I know it’s hard to switch but you have to seriously enter the negotiations,” MacDonald said. “Let the vendors know that you are not afraid to switch.” He also recommends that buyers aggressively negotiate for better prices.

rb-

While most malware writers are script kiddies with an affinity for making minor modifications to existing malware, there are some very good black hat hackers out there that are not dummies. These tests are important for buyers to understand which product’s core functionality is more efficient against new threats and does not rely on constant updates to augment its capabilities. In the face of new threats, superior heuristic capabilities are crucial to anti-malware software. The weekly, daily, or even multiple-times-a-day definition updates are the lifeline of the anti-malware industry. The need for constant updates is what drives the annual payments for subscriptions.