Anti-virus defenders need to crush vulnerabilities
Anti-virus defenders need to crush vulnerabilities
Oct 22nd, 2004: Security experts in Chicago have identified the "window of vulnerability", or signature delay time, as the key way to significantly reduce the high level of email virus outbreaks.
MessageLabs reported on the findings after they were presented at the Virus Bulleting Conference in Chicago earlier this month.
The research presented by Gabor Szappanos from Virus Buster, reveals that when a new mass-mailing virus emerges, it can take a few hours to gather momentum to result in an outbreak.
If the window of vulnerability was reduced to three hours or less, mass-mailing viruses would not have the same high level of penetration.
Andreas Marx, at AV-test.org showed that average signature delay time has only been lowered from 12 to 10 hours during the past year.
A survey of 125 European businesses published by MessageLabs in July 2004 revealed that 65 percent of businesses believe that the signature-based approach will either not be able to cope with the increasing volume and destructiveness of email viruses and worms in the future, or will be obsolete.
Alex Shipp, MessageLabs' senior anti-virus technologist said: While malicious code has developed at a rapid rate, traditional anti-virus software relies on the same model as it did 20 years ago. Virus writers have become adept at exploiting windows of vulnerability because they know that the delay around getting signature files out has a critical effect on the scale of an outbreak.
"Companies are realising that they cannot rely solely on the old methods and are looking for a more proactive approach, such as Internet-level managed services that can stop known and unknown virus threats immediately, before they reach an organisation's network boundary."
Related Article: