Traditional security technologies are becoming
increasingly ineffective as anti-virus firms struggle to keep pace
with organised criminal gangs, IT analysts will warn this week's
RSA conference.
Criminals are generating new variations of viruses and Trojans
at a rate that outstrips the ability of security companies to
develop new signatures, delegates will hear.
"A lot of the mainline products that people have been buying for
years are not much more than 30%, 40%, or 50% effective at
detecting any given corpus of malware," said Andrew Jaquith,
analyst at Yankee Group.
The trend will place renewed pressure on organisations to invest
in educating their staff to minimise the risk of infection when
they use IT in the workplace.
Criminal groups are making big profits by releasing hundreds of
versions of the same malware, each of which potentially requires a
new signature, to slip through anti-virus defences, said
Jaquith.
"The bad guys are doing a better job at sharing information than
the good guys," he added.
Ray Wagner, research vice-president at Gartner, said that
businesses would have to focus more on the "human factors" of
security to defend themselves.
"Most end-users are not capable of recognising what is malicious
malware and what isn't," he said.
And in the longer term, security suppliers would have to adapt
by creating technologies based on whitelisting safe programs,
rather than blacklisting malware and blocking malicious behaviour,
said Jaquith.
George Tubin, senior analyst at TowerGroup, cautioned that it
was a never-ending battle. "The fight against fraud and malware is
not a single battle to be won. We are never going to get on top of
it and fix the problem," he said.
www.rsaconference.com/2007/US
Read
David Lacey’s
security blog
Read
Stuart King’s
risk management blog
Related article:
CPS tackles e-crime
Comment on this article:
computer.weekly@rbi.co.uk