Malware still malingering for up-to-date anti-virus users

Panda links into the hive mind to fight zero-day viruses

By John Leyden • Get more from this author

Posted in Software & Security, 11th April 2008 13:07 GMT

Free whitepaper – CIO strategies for the retention and deletion of email

Having anti-virus software and keeping it up to date is no longer enough to keep from geting infected by malware.

A study by Panda Security revealed that 72 per cent of firms with up-to-date security software still had malware on their networks. The data - based on a sample of 1.5m users last year - also revealed that 23 per cent of home computers were infected. PCs protected by the security software from multiple vendors were affected by the problem.

The data comes from scans by users of Panda's ActiveScan online scanning tool.

Panda reckons the problem arises because the traditional anti-virus scanning approaches are no longer keeping up with the exponential growth in malware products. As a result, users are infected by threats that slip under the radar and leave little indication of their presence.

"The situation is getting out of control," said Luis Corrons, PandaLabs technologies manager.

In response to the problem, Panda Security is rolling out a change in its architecture so that malware detection is more automated. Clients are linked together through data centres that correlate data and push signature updates automatically. This approach, dubbed 'collective intelligence', is designed to overcome the shortcomings of the traditional approach of pushing out virus updates from a lab.

"We have automated the process and put it online," Panda's Pedro Bustamante explained, adding that the firm was moving towards the security as a service approach.

In order to raise awareness about the limitations of anti-virus technology, Panda Security has launched a campaign, Infected or Not, and a new site. Users and businesses will be offered the chance to run free security assessments.

The first ten firms to demonstrate they are not infected stand to win €5,000. Home users could win an iPod Nano.

Panda is using its collective intelligence approach alongside honeypots and malware exchange to draw up what it reckons is a real-time list of threats. Malware would be distinguished as such by its behaviour.

This seems to be more of a variation on a theme than the radical change the firm claims. Panda reckons that aggregation of the knowledge of a community of users can lead to better results. This smacks a little of the wisdom of crowds. It said information connected will be impersonal and confidential. Users would opt in to join a network.

There's more background on Panda's Infected or Not campaign here. ®

Free whitepaper – Should your email live in the cloud: an infrastructure and operations analysis