Tag Archive for McAfee

Which Anti-Malware is Best?

In a report, AV-Comparatives compared the base performance of some of the top anti-malware products on the market. The objective of these tests was to identify how well antivirus scanners can detect new malware using their base functions.

Base anti-malware functions included their proactive scanning and heuristics methods, without the advantage of downloading the latest signatures. Forcing a test without the latest virus signatures makes it possible to evaluate the strength of the heuristic, or proactive, technology of the anti-malware engines.

ArsTechnica summarizes that the tests were run on two sets of malware. Set A contained malware from December 2007 to December 2008 (of which most products could detect over 97%). Set B contained 1.6 million samples of malware collected between August 11 and August 17, 2009. This set included the following categories of malware: Trojans (69.5%), Backdoors/Bots (20.7%), Worms (6.1%), other malware (1.5%), and Windows viruses (0.4%).

Results

Ars reported these proactive detection results (rounded to the nearest percent):

After taking these results into consideration and adjusting for false positives, AV-Comparatives rated the security companies from best to worst in three categories:

  • Advanced+:
    • G DATA,
    • Kaspersky,
    • ESET,
    • F-Secure,
    • Microsoft,
    • Avast,
    • eScan.
  • Advanced:
  • Standard:

In September of 2008, NetworkWorld reported on Gartner claims that enterprises are paying too much for security software. Gartner says vendors simply aren’t doing enough to keep up with the prevalence of threats on the Internet. Neil MacDonald, a research vice president at Gartner, says that security vendors are “maintaining high-profit margins on firewalls and antivirus software despite these products being nothing more than commodities.” NetworkWorld says that during his presentation at Gartner’s 2008 IT Security Summit in London, Mr. MacDonald was vociferous in his condemnation of how security products are actually increasing their prices over the years against a backdrop of lowered effectiveness, contradicting pricing schemes across the rest of the IT industry.

Anti-malware pricing is broken

Security vendors have maintained a pricing scheme that contradicts the rest of the IT industry, Mr. MacDonald said. Typically with software or hardware, prices go down year after year with the introduction of new and better products. In some cases, however, security software often loses its effectiveness as new threats emerge, while prices stay high. “Why in antivirus year after year do we pay more for something that gives us less?” MacDonald asked. “It’s insanity. Why is information security immune from the trends of the IT industry?”

Gartner recommends that firms use the commodity status of security software to their advantage. “I know it’s hard to switch but you have to seriously enter the negotiations,” MacDonald said. “Let the vendors know that you are not afraid to switch.” He also recommends that buyers aggressively negotiate for better prices.

rb-

While most malware writers are script kiddies with an affinity for making minor modifications to existing malware, there are some very good black hat hackers out there who are not dummies. These tests are important for buyers to understand which product’s core functionality is more efficient against new threats and does not rely on constant updates to augment its capabilities. In the face of new threats, superior heuristic capabilities are crucial to anti-malware software. The weekly, daily, or even multiple-times-a-day definition updates are the lifeline of the anti-malware industry. The need for constant updates is what drives the annual payments for subscriptions.

Ralph Bach has been in IT long enough to know better and has blogged from his Bach Seat about IT, careers, and anything else that catches his attention since 2005. You can follow him on LinkedIn, Facebook, and Twitter. Email the Bach Seat here.

Cybercrime Better Than Drugs

The FBI reports that, for the first time, revenues from cybercrime have exceeded drug trafficking as the most lucrative illegal global business, estimated to reap more than $1 trillion annually in illegal profits.

According to the ChannelWeb article The New Face Of Cybercrime, it didn’t happen overnight. According to the Q2 2008 Web Security Trends Report by Finjan, a San José, CA-based security company, these cybercrime organizations—some claiming up to tens of thousands of members—have all emerged over the past two years to create a viable shadow economy. “It’s a contemporary economy mediated by Internet workings. It just happens to be illegal,” said Peter Cassidy, secretary-general of the APWG, a nonprofit organization dedicated to counteracting cybercrime.

“What we’ve seen is really a deep stratification of electronic crime into a growing, prosperous and responsive economy, with a number of specialty organizations, syndication and deepening organization of peers, both within a vertical skillset and across the entire enterprise of electronic crime,” said Cassidy. “Increasingly, we see this is turning into big business.”

Just like a Mafia family, they’re organized into strict hierarchies. They’re headed by a criminal boss, who is seconded by an underboss, providing Trojans for attacks while acting as the command and control center of the operation. Spearheading the malware attacks against businesses and individuals are the campaign managers, who direct their drones in affiliation networks further down the chain of command to actively steal the data from users’ computers.

The stolen data—generally users’ credit cards and social security numbers—is often sold by cyber resellers, who specialize solely in buying and selling the stolen data.

“This is definitely an area of growing concern,” said Dave Marcus, security research and communications manager for McAfee. He continues, “Instead of accessing and stealing information, they’ll sell account information for a premium.” Marcus said that the resellers typically post the stolen information on Web sites, then it is offered for sale to hackers based on brand, location, and additional value-added features. Marcus said that one Web site discovered by McAfee Avert Labs offered stolen bank accounts for sale with much higher prices from U.S. financial institutions such as Citibank and Bank of America than for smaller credit unions and more obscure foreign banks. Criminals who want to use the information can then contact the resellers to negotiate a price.

Driven by the laws of supply and demand, the price of an average identity has dropped in recent years from $100 to somewhere between $10 and $20 apiece, with the commoditization of data such as credit card and bank account numbers with PINs.

However, other information is even more valuable. Experts say that the prime real estate for cybercriminals is health-related data, internal corporate notes, and Outlook and FTP accounts that can provide access to intellectual property, all of which go for much higher prices on the black market. As a result, attackers will increasingly be targeting health and government organizations, as well as corporate intellectual property, security experts say.

 
