Computer Security Labs Are Being Overwhelmed and Are Not Able to Keep up With Developing Vaccines

    Luis Corrons, technical director of PandaLabs, Panda Software's malware research laboratory, stated: "There is a dramatic increase in the quantity of malware being unleashed on the Internet. There is such a great volume that the computer security labs are being overwhelmed and are not able to keep up with developing the vaccines needed for a large percent of new threats. This means that even computers with antivirus software installed are still vulnerable to new infections."

    This new wave of damaging software is created to infect computers silently, creating a false sense of safety among computer users since they see no visible infections. This is very good for the new breed of hackers who develop these infections. They are no longer kids in their basements developing viruses for the sake of fame -- this new breed of hackers are criminals who are stealing identities, emptying bank accounts, and infiltrating corporations.

    Corrons stated that Panda Software is carrying out an investigation to see how many computers are really malware-infected. Panda has created a website (http://www.infectedornot.com) where Internet users can test their PCs using a new security technology. The new technology is based on a "collective intelligence" that greatly speeds up the detection of malicious programs and the development of vaccines so infections that other programs miss can be found.
 
     1. In the absence of major news on email-worms infecting millions of computers for some time, is the Internet safer? "No way. There is a false sense of security among users," explained Corrons. "And that is precisely what malware creators are after. Their goal is no longer the notoriety of having caused the most destruction, but simply to quietly make money. "The safer users feel, the greater the chance they will fall victim to threats designed to silently steal their user names, passwords, credit card numbers, PINs, etc. This is what we call a 'silent epidemic."
    2. So then, what are the consequences of the 'silent epidemic'? "It is evident that the amount of malware circulating has increased," explained Corrons. "For example, in 2006 we identified as many new samples as in the previous 15 years combined. Security laboratories cannot cope with the amount of Internet-threats received daily, and their 'up-to-date' signature files are missing a significant amount of critical vaccines. Consequently, it is very easy for computers with up-to-date security solutions installed to be infected.
    "The malware-types we see most frequently have also changed. Up until 2006 email worms accounted for most new threats. In 2006 Trojans took the lead, being responsible for 53.65% of new malware samples. This shift is due to the fact that Trojans are very useful for stealing confidential data or remotely controlling computers and this is what today's hackers are after."
    3. Are traditional antiviruses not effective any more?
    "They are not effective enough," said Corrons. "There are so many new malware samples that security laboratories are overrun. Some malware is silent, it can go unnoticed for a considerable length time.
    "We are currently carrying out an investigation on our website http://www.infectedornot.com to try to determine to what extent users visiting it are infected or not by malicious codes."
    Based on a new 'collective intelligence' approach, Panda is capable to find much more malware than traditional antiviruses.
Corrons explained: "This approach is based on three main factors. The first is the collection of data from the broad internet community (Panda users, companies and collaborating entities). The second is automated data processing, where an expert system correlates the data received from the community with PandaLabs' extensive malware knowledge base. The system automatically returns verdicts (malware or goodware) on the new files received, thereby reducing the tasks PandaLabs must carry out manually to a minimum and greatly reducing the time it takes to come up with vaccines. The last factor involves making the knowledge available. This knowledge is delivered to users as Web services or through signature file updates. Due to the new approach, Panda is able to detect malware samples on http://www.infectedornot.com visitors' computers that have bypassed other antiviruses."
    4. What security measures should users take to avoid falling victim to an attack?
Corrons added: "Apart from having up-to-date security protection, it is vital to complement it with proactive technologies capable of detecting threats by analyzing their behavior. For example, Panda's proactive TruPrevent technology has managed to detect nearly 100,000 samples of new unique malware since it was launched in July 2004. It is also convenient to use http://www.infectedornot.com periodically or before carrying out an online transaction that could endanger confidential files."