Malware is getting stronger, but better knowledge and use of behavioural technology could help IT managers.
James Lyne, senior technologist at Sophos, claimed that the big challenge with protecting networks and end-users is that malware is becoming stronger and better. Speaking at a security conference in London, Lyne said that the modern attacker is seeking access to systems and campaigns are 'highly targeted'.
He said: “The big challenge as the bad guys go within an increased economy is that they are coming up with more quality malware. It is being made so fast that traditional technologies are barely keeping up. Forget zero-day, think minus two years. There is a business for vulnerability discovery, they find and sell them and are not reporting to vendors, there is a huge challenge to all of us, as who we are being targeted by is unclear.
“We have got to change everything about security technology, there is a change for you but also for the security industry. The bad guys are competent of changing so we need more use of reputation and clarification and more use of behaviour. A tiny portion of our customers actually use behaviour-related technology, and instead of solving the problem they make it so much more complex.
“It is easy to think of simple best practises and we have the stuff to do things more efficiently, but security is the newest subject for the end-user and we need to find the right way to educate them and get them to understand that we can make life hard for the bad guys, we can tell them it is our internet and not theirs.”
Including a live malware demonstration of how a PDF can take over a user's computer, Lyne also featured demonstrations of the Apple iPhone Ikee worm and the 'file deleting' Lose/Lose game at the conference.