Free Newsletter
Register for our Free Newsletters
Access Control
Deutsche Zone (German Zone)
Education, Training and Professional Services
Government Programmes
Guarding, Equipment and Enforcement
Industrial Computing Security
IT Security
Physical Security
View All
Other Carouselweb publications
Carousel Web
Defense File
New Materials
Pro Health Zone
Pro Manufacturing Zone
Pro Security Zone
Web Lec
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor
ProSecurityZone Sponsor

Cyber Intelligence Report reveals failings of anti-malware tools

Cyveillance : 20 August, 2009  (Technical Article)
Conventional means of filtering malicious code continues to lag behind according to the 1st half report on Cyber Intelligence available from Cyveillance
Cyveillance has announced the availability of their '1H 2009 Cyber Intelligence Report', which reveals that traditional antivirus (AV) vendors and Web browser anti-phishing filters continue to lag behind online criminals when it comes to detecting and protecting against new and quickly evolving threats on the Internet. Cyveillance testing(1) showed that more than half of active malware and phishing threats on the Internet continue to go undetected, with an average detection rate of 29 percent for malware attacks and 44 percent for phishing threats. In addition, Cyveillance tested two popular consumer phishing protection applications, McAfee's SiteAdvisor(2) and Symantec's(3) Norton SafeWeb, which only blocked or warned against initial phishing attacks 43 percent and 4 percent of the time, respectively.

'Cyber criminals have become more adept, operating globally and leveraging worldwide resources in order to evade enforcement efforts,' said Panos Anastassiadis, President and CEO of Cyveillance. 'With the influx of increasingly sophisticated attacks and social networking sites as targets, AV engines are finding it difficult to keep up with and protect against morphing malware and phishing attacks, specifically in the first 24-hour time period when the most damage occurs. Organizations must embrace a combination of reactive and proactive security measures if they intend to stay ahead of today's dynamically changing threats.'

In addition to the AV, Web browser anti-phishing and consumer protection application testing, other key findings in the report include:

- Cyveillance tracked an online 'fraud chain' which included malware components that store and serve malware executables, distribute malware to consumers and receive and store confidential information collected from infected computers.
- During the first half of 2009, there was an average of over 23,000 unique phishing attacks per month, which makes phishing still one of the top threats on the Internet.
- Popular consumer applications used for detecting phishing attacks do not provide adequate protection. Initially, Symantec's Norton SafeWeb only blocked/warned against 4.4 percent of phishing attacks and increased to only 5 percent after the first 24-hour period.
- During the first half of 2009, 200 unique brands were first-time targets of phishing attacks, which represents a 26 percent increase over new brands phished in the second half of 2008.

Cyveillance's '1H 2009 Cyber Intelligence Report' includes additional information on their testing of anti-virus vendors and malware Web browser anti-phishing filters.

Cyveillance identifies malware as any type of malicious software application designed to infiltrate computers and is generally implemented without a users' knowledge. An active malware threat is one that has been located on a live Web site within the last 30 days.

Because anti-virus solutions primarily detect known malware, criminals behind the attacks quickly modify them to be more difficult to detect. Cyveillance tested thirteen popular AV solutions4 between May 12 and June 10, 2009 to determine their average daily detection rate of known malicious files. The results show that these popular solutions detect less than half of the latest malware threats identified by Cyveillance.

Phishing is a social engineering scam that relies on both technology and human interaction to carry out online fraud and identity theft.

To better understand the daily risks consumers face from phishing attacks, Cyveillance test sampled unique and confirmed phishing. To measure the effectiveness of some of today's leading consumer anti-phishing solutions, Cyveillance fed these confirmed live attacks through four of the most widely used anti-phishing browser-based offerings(5). The data was fed into each solution and then again 24 hours later to determine detection rates over a minimal period of time. The results show that the Web browsers' anti-phishing protections detect an average of 44 percent of phishing attacks when they are initially launched. After 24 hours the average increases to a 78 percent detection rate.

All figures and statistics in the Cyveillance '1H 2009 Cyber Intelligence Report' are actual measurements rather than projections based upon sample datasets. The cyber intelligence included in this report includes data collected and analyzed between January 1 and June 30, 2009, except where otherwise noted.

Bookmark and Share
Home I Editor's Blog I News by Zone I News by Date I News by Category I Special Reports I Directory I Events I Advertise I Submit Your News I About Us I Guides
   © 2012
Netgains Logo