News

IT defences failing to keep pace with cyber-criminals

Bill Goodwin

Traditional security technologies are becoming increasingly ineffective as anti-virus firms struggle to keep pace with organised criminal gangs, IT analysts will warn this week's RSA conference.

Criminals are generating new variations of viruses and Trojans at a rate that outstrips the ability of security companies to develop new signatures, delegates will hear.

"A lot of the mainline products that people have been buying for years are not much more than 30%, 40%, or 50% effective at detecting any given corpus of malware," said Andrew Jaquith, analyst at Yankee Group.

The trend will place renewed pressure on organisations to invest in educating their staff to minimise the risk of infection when they use IT in the workplace.

Criminal groups are making big profits by releasing hundreds of versions of the same malware, each of which potentially requires a new signature, to slip through anti-virus defences, said Jaquith.

"The bad guys are doing a better job at sharing information than the good guys," he added.

Ray Wagner, research vice-president at Gartner, said that businesses would have to focus more on the "human factors" of security to defend themselves.

"Most end-users are not capable of recognising what is malicious malware and what isn't," he said.

And in the longer term, security suppliers would have to adapt by creating technologies based on whitelisting safe programs, rather than blacklisting malware and blocking malicious behaviour, said Jaquith.

George Tubin, senior analyst at TowerGroup, cautioned that it was a never-ending battle. "The fight against fraud and malware is not a single battle to be won. We are never going to get on top of it and fix the problem," he said.

www.rsaconference.com/2007/US

Read David Lacey’s security blog

Read Stuart King’s risk management blog

Related article: CPS tackles e-crime

Comment on this article: computer.weekly@rbi.co.uk



Email Alerts

Register now to receive ComputerWeekly.com IT-related news, guides and more, delivered to your inbox.
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
 

COMMENTS powered by Disqus  //  Commenting policy