Threat Intelligence Blog

Fueled by scalability and ease of use, it is not surprising that malware attacks delivered via the Web have more than doubled in frequency. What is interesting is the creativity taken by malware writers to evade detection and mitigation through technical means and wider geographical distribution.

So the question remains, how safe is it to surf the Internet? The answer is not one people want to hear.

The reality – the majority of active malware attacks go undetected, with leading anti-virus (AV) solutions detecting only 50% of instances or less. These results came to light when we recently test-sampled malware that we routinely uncover against several of the top AV products. The findings were released in our “1H 2008 Online Fraud Report” and can be seen in the table below.

F-Secure

Kaspersky

McAfee

Sophos

Trend Micro

Average daily detection rate from 6/20/08 to 7/19/08

51%

35%

34%

55%

52%

The fact that these results are based on a 30-day period, only further emphasizes the dynamic nature and scalability of today’s malware attacks. Given the reactive nature of today’s malware and AV detection technology, traditional AV solutions are inherently at a disadvantage when it comes to keeping up with these constantly changing and emerging threats. Now granted, no solution will ever be 100% effective against all real-time and zero-day threats, but by adding proactive intelligence gathering techniques to reactive AV solutions, the gap between infection and protection can be greatly reduced.

Online criminals are using any and every means available to maliciously infect computers and evade detection. Online security solutions should take heed and implement a truly comprehensive approach to security that includes both defensive and offensive elements, or online criminals will remain one step ahead.

Additional Posts

Domain Registration Scam picks up in volume

Cyveillance has recently observed an increase in the volume of spam email related to a domain ...

Creativity and Sophistication in Recent Phishing Attack

Cyveillance's President and CEO, Panos Anastassiadis, was targeted by new approach to an old scam, ...