It's a common myth that all AV vendors exchange the malware they come across in between themselves, whereas that's obviously not always the case. And even if they don't, you'd better achieve a higher state of security in respect to ensuring your PC or network are protected from the majority of known malware threats, trouble is the average end users whose Internet connection speed is reaching that of an average ISP (metaphor), doesn't seem to bother because of the following concerns :
- it could wait
- it takes decades to update
- it would influence their superman's productivity
- where's the update button by the way?
From the press release of a commissioned survey :
"Harris Interactive® fielded the online survey among a nationwide sample of 2,079 U.S. adult computer users 18 years of age or older. The survey reveals that: Despite 55 percent being very confident or confident in the protectionoffered by the antivirus program on their computer, 42 percent have been affected by malware. A surprising 65 percent have postponed updating their virus protection. Of these adults, their top reasons for not updating are:
It was too disruptive to what they were doing on the computer - 38%
They thought it was something that could wait - 32%
They thought it would take too long - 27%
They weren’t sure how to update the antivirus program - 14%"
These very same end users represent among the key factors for successful assembling of botnets these days. If you secure the entire population, you'll end up with a secure sample itself, but the novice user's lack of incentives is ruining the whole effect -- and driving the DDoS protection tools market segment of course. I also wonder how did Gartner manage to estimate Panda Software's revenues and market share, given that compared to the rest of the publicly traded companies it's free from the burden of having stakeholders breathing down their neck?
Failures in Detection courtesy of VirusTotal.
Independent Contractor. Bitcoin: 15Zvie1j8CjSR52doVSZSjctCDSx3pDjKZ Email: dancho.danchev@hush.com OMEMO: ddanchev@conversations.im | OTR: danchodanchev@xmpp.jp | TOX ID: 2E6FCA35A18AA76B2CCE33B55404A796F077CADA56F38922A1988AA381AE617A15D3D3E3E6F1
Friday, July 21, 2006
Anti Virus Signatures Update - It Could Wait
Independent Security Consultancy, Threat Intelligence Analysis (OSINT/Cyber Counter Intelligence) and Competitive Intelligence research on demand. Insightful, unbiased, and client-tailored assessments, neatly communicated in the form of interactive reports - because anticipating the emerging threatscape is what shapes the big picture at the end of the day. Approach me at dancho.danchev@hush.com
Subscribe to:
Post Comments (Atom)
No comments:
Post a Comment