ANTI-MALWARE.info | The Reference in Independent Anti-Malware Advice and Information

The lack of basic security and good consultancy in a world dominated by an economical crisis

Why basic antivirus is not failing.

A lot has been written and said about antivirus products seemingly failing these days to protect users against advanced persistent threats or specific targeted attacks. The anti-virus industry seems not to be able to detect threats like Stuxnet, Duqu, Flame or even recently Dorifel in time. Media and press called some of those attacks acts of cyberwarfare. Richard A. Clarke, an internationally-recognized expert on security, defines cyberwarfare as “actions by a nation-state to penetrate another nation’s computers or networks for the purposes of causing damage or disruption.” But there are loads of other definitions. However, it is clear that cyberwarfare consists of many different threats ranging from sabotage to espionage and national security breaches to attacks related to the critical infrastructure of a region or country. The malware used is most likely developed at least by an organization with a lot of money and is related to the first signs of what could be called cyberwarfare.

So, several companies and the general public were claiming that we all were too late in stopping these threats. Looking at the case of Flame the AV industry found out that we already had some samples of it when the news became public, but we were not aware of it. The samples have never been verified as being malicious before. Also Stuxnet went undetected for over a year after it was found.

So, the question might be the following: Is the anti-virus industry ready for the next battle? Can we all, with our tight consumer antivirus industry related budgets, be up against targeted malware or APTs created by organizations with a lot of money?

This website is 17 years old!

Back in 1995 at the end of August I started this website as one of the first anti-virus and security sites in the world. Today I nearly forgot this anniversary. The reason for this is that the speed of news and amounts of malware related problems have been growing like hell. The amounts of data and malware we see these days are excessive. I am personally involved with all this stuff much more (24/24, 7 days a week) these days compared to 1989 when it all started for me. The hacks we see these days are worrying. The mentality of people seems to have changed dramatically and hacking (read ‘cracking’) seems to be as normal as having dinner these days. Cyberwarfare, cybersabotage and cyberespionage are now also part of the problem. I wish I could say over 17 years: ‘Yes we’ve done it, we (the AV and security industry) solved the malware problem’ but I’m now sure that this is probably wishful thinking and never will be the case. However this battle isn’t over yet. Malware writers, hackers and other cybercriminals be prepared that also the laws are changing, maybe you could start thinking about finally turning your skills into the good direction. I hope nations will think twice when writing nation-state driven malware or even thinking of hacking back the hackers. An eye for an eye makes the whole world blind (Mahatma Gandhi).

 

Three important AV industry events in a row

The month of May has always been dedicated to several traditionally important security industry events of the year. G Data is always present at these events and was playing a very important role this time.
 

EICAR
While the EICAR conference 2011 was dominated by the buzzword cyberwar, the 2012 EICAR conference, actually the 21st, was focusing on ‘Cyber Attacks – Myths and Reality in Contemporary Context’. The conference took place at the Marriott Hotel in Lisbon.
The recent past brought a considerable shift in the underground malware authors’ mentality; a swing from the thrill-seeking geek striving for fame or glory to the professional culprit methodologies and, even more importantly, the inadequate expertise of the average user, for monetary gain. The next contemporary threat scenario calls for an adaptation of the technology and the defense methodologies. Even if scientific research would provide the baseline for some innovations, we still need to have a more holistic approach on the implementation of new innovations. This conference therefore invited researchers to address some of these issues in their papers.
This year’s event was another great one and we are already looking forward to the next one, including some new initiatives from EICAR which should appear soon on EICAR’s website. If things turn out as planned, the EICAR 2013 conference will be held in Cologne, Germany, 9-11 June 2013.