If you thought viruses and other computer nasties were a problem now, brace yourself; you ain’t seen nothing yet. In the past year, the amount of malware — malicious software designed to take control of your computer and steal your data — has increased dramatically, and security experts are worried this trend will only increase in 2009.
In December 2008, Santa Clara, Calif.-based antivirus software provider McAfee Inc. released its Virtual Criminology Report, which showed that use of “Trojan horse” software has increased exponentially in the past two years. A Trojan horse program surreptitiously installs itself on your machine and then carries out malicious activities such as stealing your data. The company says the number of Trojans jumped to almost 120,000 last year, from 20,000 in 2007 and 7,000 in 2006.
“Governments are focusing on all sorts of other things, such as the credit crunch and terrorism,” says Greg Day, a security analyst with McAfee. “So, cyber-crime keeps moving along, making huge strides.”
And just because you have antivirus software doesn’t mean you’re safe, according to Joe Stewart, an analyst with Atlanta-based security consulting company SecureWorks Inc. Malware writers today use “packers” — computer programs designed to hide the code their software uses to perform malicious acts on a computer.
“Different antivirus vendors are more capable of dealing with generic detection that’s independent of the packers, but it requires a lot of time on their part,” Stewart says. “They have to know how every packer works. And every time a new one comes along, they have to dedicate time to decoding it. That takes a lot of investment.”
AV-Comparatives EG, an Austria-based antivirus testing organization, found in an August 2008 test that most antivirus products detected upward of 90% of known malware variants. But a later test, conducted in November, pitted them against new and unknown malware. Detection rates dropped drastically, with some well-known products detecting half, or less, of the malware samples tested.
This is why many security experts are now calling for a “defence in depth” approach to security. It’s not enough to use a single piece of antivirus software to try to stop malicious software from infecting your computers. Better to use multiple levels of protection, preferably underpinned by different antivirus “engines” from different software vendors to increase your chances of catching malicious programs.
But running more than one piece of antivirus software on your computer is a bad idea. It could result in software conflicts that cause your PC to malfunction or reduce its performance.
One solution: Yoggie Security Systems Ltd., based in Israel, produces a neat gadget that takes the job of protecting your machine away from Windows altogether. Its Gatekeeper Pico looks like a simple USB key but contains a tiny computer running 12 security applications. They include: an antivirus program based on an engine by Moscow-based Kaspersky Lab; an intrusion-prevention system that analyzes the type of traffic passing between your computer and the network to try to spot suspicious activity; anti-spyware; anti-phishing software; firewall software; and antispam capabilities. Because the Gatekeeper Pico doesn’t use a computer’s processor to run, it can run more software designed to protect your system without imposing a performance overhead on your PC.
Another defence strategy involves installing virus engines at multiple points within your organization. Having antivirus software on your desktop is one thing, but installing a gateway appliance that protects your whole office from attack provides another level of security. Several companies now produce unified threat-management appliances — sealed hardware products containing software that provides multiple layers of protection at once. These connect directly to the router that provides the office with Internet/Web access, and can be configured to protect all your machines at once.
For even more protection, you may consider a “cloud-based” service. Such services, from companies such as British-based MessageLabs Ltd. or Cupertino, Calif.-based Symantec Corp., check your incoming email and Web traffic for spam and other malicious content before it even reaches your network.
Protecting your computers from malicious threats is never a sure thing. It’s up to you to layer as much protection onto your system as possible.
Protect your data from malware
Those nasty bugs that sneak into your computer are becoming more plentiful, but they can be stopped
- By: Danny Bradbury
- February 9, 2009
- 13:55