Signature-based malware detection techniques are becoming less effective in the face of so-called 'malware 2.0' threats, a security firm claimed today.
"The security space is changing rapidly. We are witnessing a major shift in the anti-malware marketplace moving into a new era of malware 2.0," said Kurt Baumgartner, chief threat officer at PC Tools.
"We are now dealing with zero-minute, rather than just zero-day, exploits that have the potential to further evade signature detections."
PC Tools said that malware variants are now released at "immense rates", driving up sample volumes and making it almost impossible for researchers to keep on top of updates using manual analysis.
These threats are taking advantage of the non-detection sweet spot where they can freely propagate and infect before anti-malware companies can respond.
PC Tools argues that new compilers and other techniques are being used to make threats more difficult, if not impossible, to detect with traditional signature-based systems.
Rather than the broad sweeping attacks seen in the past, attacks are now focusing on smaller groups of PCs making it less likely to attract the attention of security vendors. As a result, malware is spreading in "epic proportions".
"The real challenge for security vendors is in identifying new ways to detect the behaviour of malware. Signature identification alone is ineffective in protecting consumers," said Baumgartner.
Fran Howarth, a partner at analyst firm Hurwitz and Associates, agreed with the research.
"Signature-based detection is dead, be it for antivirus, intrusion detection or any other security measures," she said, adding that security companies are currently just "playing a constant game of catch up".
The spyware industry is worth billions of dollars, and there are significant incentives for malware authors to develop techniques to avoid detection.
The researchers estimate that one in five users with major antivirus products already installed on their computers are still vulnerable to these new and emerging threats.
'Malware 2.0' raises its ugly head
By
Staff Writers
on Jul 20, 2007 1:34PM
Got a news tip for our journalists? Share it with us anonymously here.
Partner Content
Ingram Micro Ushers in the Age of Ultra
How NinjaOne Is Supporting The Channel As It Builds An Innovative Global Partner Program
Build cybersecurity capability with award winning Fortinet training from Ingram Micro
Tech For Good program gives purpose and strong business outcomes
Channel can help lead customers to boosting workplace wellbeing with professional headsets
Sponsored Whitepapers
-1.jpg&w=100&c=1&s=0)
Stop Fraud Before It Starts: A Must-Read Guide for Safer Customer Communications
The Cybersecurity Playbook for Partners in Asia Pacific and Japan
Pulseway Essential Eight Framework
7 Best Practices For Implementing Human Risk Management
2025 State of Machine Identity Security Report
.png&w=100&c=1&s=0)
