Presentation at ISACA Geek-Week

September 27, 2007

Panda Security will be presenting at the ISACA Geek-Week conference in Atlanta, GA in November. The conference will include a number of interesting presentations on IT audit and security.

http://www.isaca-atlanta.org/geekweek.htm

I will be speaking about a global research study we have recently concluded that indicates users are more infected then ever with hidden malware.

So if you live in the Atlanta area be sure to check out our presentation on the 15th.


Hype or the Matrix Reloaded Part II: The Government Hacked!

September 10, 2007

Recently there has been a lot of buzz concerning the latest reports on Government entities being hacked and in some cases their web sites are being defaced. With the increase in sophistication and change in motivation I would not be surprised if some of these attacks were successful. 

Web mafias and other foreign organized crime syndicates are of prime concern for businesses alike. With the advancement in malicious code and the increase in vulnerabilities discovered, targeted Trojans are being designed to penetrate defenses. 

In fact there is such a high volume of new and unique malware released on a daily basis that it creates a sustained denial of service.

The result is more and more attacks that go unnoticed by the authorities until its too late and confidential information of our nation’s secrets have been stolen. 

At Panda Security we call this the Silent Epidemic (which is referring to hidden attacks).

So how do we solve this problem? Partly by changing how security solutions are designed and deployed today. The traditional anti-malware model is simply not working or providing effective protection against the 3000 + new threats received on a daily basis for several reasons: 

  1. Traditional signature based solutions capture a small fraction of what is considered in “the wild”. This is mainly because of architecture limitations (file size, bandwidth constraints, protection module design, etc).
  2. The antivirus labs themselves do not have the manpower to process 100% of the samples received, rather only a small percentage are included in the daily signature file.
  3. Deploying protection upgrades in order to combat new malware strains is a difficult process in most part for large government and commercial agencies.

Our data indicates that 1 out of 5 PCs will be infected with malicious code that their current security solution will not detect. Thus, this leaves us with one pressing question “Are we really protected?” 

So where do we go from here? First of all solutions must be developed to address the increase in malicious code, second of all protection should be designed to be easily upgraded. Third, but not least, automated methods and tools should be deployed within AV labs to analyze malware and reduce the manual burden. 

Therefore; security solutions developed to be hosted entirely on-line which fit within the parameters of Web 2.0 in its fullest sense would solve these problems by: 

  1. Reducing the manual effort required to process the thousands of samples received daily. In other words increasing the capacity of the signature file.
  2. Allowing a much greater detection ratio through the development of web based clients that utilize signatures in “the cloud”, rather then locally.

Panda Security has begun to innovate and develop solutions along this concept starting with automating the malware collection to remediation life-cycle within PandaLabs.

Before this entire process had to be done manually and now this new system of automation has reduced our manual efforts by 95% and has allowed us to process the 3000 + received on a daily basis. This has resulted in a collection of nearly two million malware samples. We call this system the “Collective Intelligence”. 

Several solutions have been deployed to take advantage of this new model including NanoScan, TotalScan and a corporate audit tool known as Malware Radar.       


Distribution of new threats

September 2, 2007

Have you ever wondered what type of malware is more predominant in the wild then others and which ones are going extinct?

I thought I would shed some light on this subject since I have been getting quite a few questions lately.

It seems in the last year that several categories of malware seem to be on the verge of extinction, while others are on the rise.

Trojans make up for more then 80% of what PandaLabs detected this quarter. Mainly due to the change in behavior oriented towards carrying out ‘silent’ attacks to gain profit.

trend.jpg

Another interesting point is the commercialization of Malware to be sold through the Internet and to other hackers. Today one can rent DDoS services at a price of $10 – $20 per hour.

Pretty astonishing isn’t it? This makes it easy for anyone to commit financial fraud on the basis of malware for sale.

With all of this taken into consideration and seen with the company mentioned in the post – “Hype or the Matrix Reloaded: Perception vs. Reality”; users are continuing to get infected with hidden undetected threats. Until next time, Panda Security USA logging out.

 

  


Panda Security USA on the road

September 2, 2007

For those who are interested in further information concerning what I talked about in the post – “Hype or the Matrix Reloaded: Perception vs. Reality”; Panda Security will be giving a presentation at the Rochester Security Summit (www.rochestersecurity.org) in Rochester, NY on Oct 3rd from 10:30am to 11:30am.

The slides from this presentation should be made available on-line shortly after.

Furthermore; we are considering the idea of a breakout session by special invitation only at Interop NYC this year concerning “Cloud” based anti-malware technologies for the financial sector (send me an email if you are attending Interop and would be interested in this special one-time only presentation).