Sector guide: Security software

Like most of the IT market, the security sector is in a state of change. As the number of people who are using the internet and connected devices rises, so does the threat from cyber-criminals.

According to the latest Norton Cybercrime Report, two thirds of people have been a victim of cyber crime and the threat rises every day. These findings are supported by research conducted by German security software firm G Data, which claims that during 2010, a recordbreaking 1,017,208 new malware programs were released in to the public domain.

“The biggest threat right now is the total amount of malware that is being created: We are receiving 55,000 new malware samples every single day,” reveals Luis Corrons, technical director of PandaLabs. “Out of these 55,000 samples, 70 per cent of them are trojans, with the most dangerous type being banking trojans.”

BullGuard’s chief technology officer, Claus Villumsen, highlights the increasingly sophisticated tactics being used by cyber-criminals: “Earlier this year, researchers at Google estimated that rogue antivirus software currently accounts for fifteen per cent of all web-based malware and that it is growing in prevalence,” he says.

“But perhaps the real threat is RAM scrapers. RAM scrapers have been around for years, but very few people have ever heard of them, including people within the security industry. They have in fact been around for years, but recent indications lead industry analysts to believe they may well be the next real threat in 2010 and 2011.”

In the face of such seemingly insurmountable odds, ensuring the safety of internet users has become a more intensive task than ever before, with many security specialists having to revolutionise the way they detect and combat malicious algorithms.

“As in many areas of life, public perception tends to lag behind reality,” observes Kaspersky Labs’ senior security researcher David Emm. “Most people understand the need for anti-virus software to protect their computers. However, the use of signature-based solutions alone to deal with today’s complex threats is no longer sufficient. In recent years, a raft of proactive technologies have been developed and refined in response to the changing threat landscape.”

The complexity of these newer threats has led every security company to update their detection software. PandaLabs, for example, has created a system called collective intelligence, which according to Corrons is “an automatic system, hosted in the cloud that detects, analyses, classifies and creates the signature file for every single new sample we receive, giving protection practically in real time against these new threats.”

Symantec, meanwhile, has opted to take a more instantaneous approach. “Security has to be done in real time and as such we have to make precise, informed decisions instantly,” says Con Mallon, Symantec’s Norton product marketing director for EMEA. “Reputation-based security is the answer. It is a radical new approach. The old model for security was to go looking for the bad stuff and assume that everything was good. We cannot assume this now. We have to look at every file that is making its way onto your PC and determine its reputation.”

BullGuard, however, has invested in technology that analyses the behaviour of a piece of software, in a process that can identify malicious code before it harms a PC. “To deal with the volume and increased complexity, BullGuard has introduced behaviour-based detection of viruses as an addition to our signature-based virus detection. This enables us to counter what in the industry is known as ‘zero-day attacks’,” explains Villumsen.

Another recent development within the security industry has been the acquisition of McAfee by US hardware giant Intel. This has two implications for the wider market: Firstly, one of the world’s largest component builders considers security to be an important part of any PC, and secondly it prompts the question as to whether security will be an integrated component in the future.

“We believe that IT security is a specialised business and that specialized vendors, whose primary focus is in securing IT systems against malicious code threats via any network will succeed in the long run,” states Emm.

Villumsen is more philosophical about Intel’s latest foray in to the security sector: “We believe that Intel’s acquisition of McAfee is generally positive for the internet security industry, and certainly leaves room for other vendors. We believe it demonstrates that Intel feels security is an important part of the connected future – so it sees performance, connectivity and now security as the three pillars of the future of computing.”

However, David Harley, senior research fellow at ESET, notes that this is not the first time Intel has dipped its toe in to the security market: “Intel is not actually a stranger to the anti-virus marketplace: It sold its previous corporate-targeting product line to Symantec in the nineties.

“While it’s interesting to see them re-enter that marketplace, I’m not sure it’s an indication of a seismic event, or Intel has had a master plan for integrating security technology with some of its other interests. I wouldn’t really expect to see McAfee for motherboards, for instance.

“That said, I’ve always been a proponent of security as built-in rather than added on, and security as multilayered, rather than relying on a single point of success or failure: the days of up-to-date AV being all you need for a home system are long over.”

Corrons also feels that the acquisition could have long-term benefits for end users.

“McAfee’s cloud technology has been a key area of interest for Intel, as we know well; cloud detection has major benefits for components if technology is available to the manufacturer,” he says.

“My prediction is that developing hardware-enhanced security will be a longer-term focus, enabling benefits for consumers, governments and businesses.”

Although there are benefits to integrated security, Webroot’s EMEA consumer business development director David Bennett feels that the key focus must be on the cloud, as users increasingly store their data and interact online.

“Intel doesn’t run on all the PCs; the majority of threats are in the web sphere. There will still be the requirement for dedicated security suites that are able to protect you however, and wherever you connect online,” predicts Bennett. “Defence has to move into the cloud and sit within the broadband infrastructure, giving effectively a ‘clean pipe’ to the users, irrespective of the device being employed.”

With new developments coming from both sides of the security divide, it’s clear that the industry is in a continual state of change as the technology develops and the ‘cops and robbers’ seek to gain the upper hand. In addition, as internet usage grows, security is likely to become an increasingly prominent issue.

“Endpoints remain the principal repository for the data that is the lifeblood of the ‘dark economy’,” notes Emm. “However, the use of smartphones is growing steadily. The more we use them to conduct financial transactions online the more attractive they become as a target. We have seen a steady growth in the sophistication of mobile malware threats and the number of such threats is likely to increase moving forward.”

In a similar vein, BitDefender’s UK and Ireland sales director Simon Geach notes that the increasing use of wireless networks could present problems. “A good start for the future points of security would be to secure both wired and wireless networks. For example, inside corporations, system administrators do a good job at securing their premises, but there are plenty of unsecured wireless networks out there that leak confidential information,” he comments.

Harley suggests that the complex nature of modern malware threats has prompted a range of multifaceted solutions. “There’s a clear trend away from single layered technologies. There isn’t really such a thing as a true antivirus package any more: even the most basic packages cover a whole range of threats and nuisances, most of them non-viral,” he says.

AVG’s vice president of web threat research Roger Thompson elaborates: “I think the best products in the future will be based around layered defences involving web scanning, behaviour blocking, and traditional signature scanning. If you adopt this approach, each layer only has to be 80 per cent effective, because the proportion that one layer misses will be caught by the next.

“Think about Swiss cheese. Each layer has lots of holes, but if you place two slices on top of each other, they cover up most of the holes. Place a third layer on top, and there are no holes left.”

BITDEFENDER TOTAL SECURITY 2011
SRP: £59.99
Distributor: Gem Distribution, EntaTech
They say: BitDefender starts working and keeps working – around the clock and around the globe, continuously protecting your privacy and defending your digital world
Features: Proactive protection, privacy safeguards, two-way firewall, parental controls, online backup, webpage flagging

KASPERSKY PURE
SRP: £69.99
Distributor: EntaTech, Gem Distribution, Koch Media, Ingram Micro
They say: Renders your PC highly immune to cyber-threats of any kind
Features: Kaspersky Internet Security functionality, enhanced anti-malware and anti-spam protection, control centre, password manager, advanced parental controls, file shredder, data backup and restore, data encryption

NORTON ANTIVIRUS 2011
SRP: £39.99
Distributor: Computer 2000, Ingram Micro, Gem Distribution
They say: Detects and eliminates viruses, spyware, and other threats lying in wait to infect your PC, so you can chat, email, and share files safely
Features: Reputation-based security, proactive performance alerts, control centre, pulse updates, IM monitoring

NORTON INTERNET SECURITY 2011
SRP: £49.99
Distributor: Computer 2000, Ingram Micro, Gem Distribution
They say: Helps prevent cybercriminals from stealing your identity and your hard-earned money when you go online
Features: Parental controls, proactive performance alerts, anti-phishing, pulse updates, smart two-way firewall, IM monitoring

WEBROOT INTERNET SECURITY COMPLETE
SRP: £49.95
Distributor: Gem Distribution
They say: Protect your identity, privacy and personal information for complete protection at home or on-the-go
Features: Anti-virus, anti-spyware, firewall, online secure storage, system clean up, fast scanning, password management, identity protection

ESET MOBILE SECURITY
SRP: £29.95
Distributor: Westcoast
They say: Protects your online communications, sensitive data and privacy on the go. It effectively eliminates emerging mobile exploits and security breaches and keeps your inbox clear of unwanted SMS and MMS messages
Features: Proactive protection, light footprint, fast scanning, SMS anti-spam, remote wipe, SIM matching, security audit, intelligent firewall, messaging black/white lists

AVG ANTIVIRUS 2011
SRP: £29.99
Distributor: Koch Media
They say: If you use your computer every day, you need protection that’s always there, constantly keeping you safe
Features: High-speed scanning, enhanced virus detection, active surf shield, search-shield, email scanner, link scanner, anti-virus, anti-spyware, anti-rootkit

AVG INTERNET SECURITY 2011
SRP: £34.99
Distributor: Koch Media
They say: Provides multiple layers of protection for everything you do online, which means you don’t have to worry about identity theft, viruses or visiting harmful sites
Features: Firewall, anti-spam, identity protection, social networking protection, link scanner, online shield, smart scanning

BULLGUARD INTERNET SECURITY
SRP: £44.95
Distributor: EntaTech, Gem Distribution, Spire Technology, Target Components
They say: Introducing technology that positions BullGuard as the end user champion in the fight for digital liberation
Features: Antivirus, anti-spyware, anti-phishing, firewall, spam filter, backup, social media protection, behaviour detection, safe browsing, password protection, file inspector

G DATA ANTIVIRUS 2011
SRP: £24.95
Distributor: Securedis
They say: G Data’s best-in-test protection without any loss of computing power. Use of self-learning fingerprinting and whitelisting means increased scan speeds and reduced memory requirements
Features: Proactive detection, behaviour analysis, white listing, light footprint, cloud updates, parental controls, spam block, anti-spyware

G DATA TOTALCARE 2011
SRP: £39.99
Distributor: Securedis
They say: The G Data TotalCare all-in-one solution is the benchmark security package against which all others should be measured
Features: Virus protection, ‘silent’ firewall, data backup and recovery, security tuning, parental controls, anti-spam, email and messenger protection, online transaction protection

SENTRY BAY PERSONAL DATA PROTECTION SUITE
SRP: £29.99
Distributor: CMS Peripherals
They say: Provides the most effective protection from online identity theft by safeguarding all sensitive data entered into websites and proactively preventing users from visiting scam phishing sites
Features: Real-time protection against identity theft, neutralises key logging, PhishLock antiphishing technology, EntryProtect, data scrambling

ESET SMART SECURITY
SRP: £39.95
Distributor: Westcoast
They say: Combines an advanced management console and award-winning ThreatSense engine with a firewall and antispam.
Features: Light footprint, advanced archive scanning, encrypted communication protocols, enhanced mobile PC support, email client support, media access control, improved cleaning

PANDA 2011 CONSUMER RANGE
SRP: Antivirus Pro 2011 £40.99, Internet Security 2011 £50.99, Global Protection 2011 £61.99
Distributor: Blue Solutions, Micro-P, Northamber
They say: Protects your online world, providing maximum protection with minimum impact, and 50 per cent improved performance in Windows 7 compared to previous Panda versions
Features: Virtual keyboard, safe browser, home network manager, remote PC access, file encryption, file shredding, anti-malware, firewall and anti-phishing filter

CONTACTS
Blue Solutions:
0118 9898 222
CMS Peripherals:
020 8960 6000
Computer 2000:
0871 880 3000
Gem Distribution:
01279 822822
EntaTech:
0333 101 1000
Koch Media:
0870 027 8700
Ingram Micro:
0871 973 3000
Micro-P:
01282 776776
Northamber:
020 8296 7066
Securedis:
0845 658 7009
Spire Technology:
01202 828444
Target Components:
01977 739300
Westcoast:
0118 912 6000