Virus protection misses 70% in the first hour
Posted by: Timothy Weaver on 02/12/2015 06:21 PM
[
Comments
]
How secure do you feel about your anti-virus software?
Threat protection company Damballa has found that within the first hour of submission, AV products missed nearly 70 percent of malware. It gets worse; when rescanned to identify malware signatures, only 66 percent were identified after 24 hours, and after seven days the total was 72 percent. It took six months for AV products to create signatures for 100 percent of new malicious files.
Brian Foster CTO of Damballa said: "What's clear from these figures is that we have to turn the table on infection 'dwell' time. In much that same way that a flu vaccine hinges on making 'best-guess' decisions about the most prevalent virus strains -- AV is only effective for some of the people some of the time. Viruses morph and mutate and new ones can appear in the time it takes to address the most commonly found malware. Dependence on prevention tools simply isn't enough in this new age of advanced malware infections; attackers can morph malware code on a whim, yet organizations have a finite number of staff to deal with the barrage of noise generated from security alerts. We urge taking a fresh 'breach-readiness' approach, which reduces dependence on people and legacy prevention tools".
You can read the full report at the Damballa website.
Threat protection company Damballa has found that within the first hour of submission, AV products missed nearly 70 percent of malware. It gets worse; when rescanned to identify malware signatures, only 66 percent were identified after 24 hours, and after seven days the total was 72 percent. It took six months for AV products to create signatures for 100 percent of new malicious files.
Brian Foster CTO of Damballa said: "What's clear from these figures is that we have to turn the table on infection 'dwell' time. In much that same way that a flu vaccine hinges on making 'best-guess' decisions about the most prevalent virus strains -- AV is only effective for some of the people some of the time. Viruses morph and mutate and new ones can appear in the time it takes to address the most commonly found malware. Dependence on prevention tools simply isn't enough in this new age of advanced malware infections; attackers can morph malware code on a whim, yet organizations have a finite number of staff to deal with the barrage of noise generated from security alerts. We urge taking a fresh 'breach-readiness' approach, which reduces dependence on people and legacy prevention tools".
You can read the full report at the Damballa website.
Comments
