Our presentation to the Rochester Security Summit was a very interesting one indeed. As we speculated, IT security professionals from major corporations were not aware of the level of infections on protected machines. Our audience found the subject of hidden infections and insidious banking Trojans to be really interesting.
During the course of my presentation I received several questions on solutions and techniques to mitigate such risks as banking Trojans, targeted attacks, etc. Some attendees proposed several ideas for resolving these issues, such as white-listing, sand-boxing, multi-factor authentication and technologies for detecting change on a user’s system.
These technologies are all well and good, but it boils down to the effectiveness of anti-malware and security solutions in terms of keeping up with the large volume of new malware released on a daily basis (over 3000).
Generally speaking, the traditional security model used to provide protection to customers has its issues, mainly along the lines of manually processing new malware (this gets very time consuming when dealing with large numbers). Therefore, signature files normally represent a small fraction of what is affecting users in the wild.
This results in many users becoming infected even with up-to-date anti-malware products.
Panda Security, for instance, has developed an innovative approach to dealing with new and sophisticated malware such as targeted attacks (including the large volume of malware we see daily) through a system called Collective Intelligence.
This system automates the processing of malware, giving us the ability to detect 10x more than we currently do with 10x less effort.