Commentary: Microsoft can help kill fake antivirus threat

Powered by SC Magazine
 

Redmond should whitelist legitimate security firms.

Earlier this week, Symantec revealed that 42 million fake antivirus applications were downloaded last year.

It seems consumers are being duped into paying between $30 and $100 for software that basically hands full control of their computer over to cybercriminals.

The problem, according to Symantec, is that it's almost impossible for a consumer to tell the difference between a legitimate security application and a fake one. There is also no way of making a blacklist of fake apps because new ones are springing up on a regular basis.

"You really can't tell the difference anymore," said Rob Pregnall, a senior manager of Symantec's endpoint security. "They change all the time. If we could say, 'look for the one with the squiggly face in the top left corner,' it would be different by 11am - they would have changed it."

Below is a screenshot of one fake security warning that appeared on my laptop earlier this year. In this particular case it had virtually no chance of fooling me because it was displaying Windows dialogue boxes and fonts on my MacBook. But as you can see, it is pretty convincing.

Pregnall suggested that users rely on the same 'sixth sense' that helps them differentiate between legitimate emails and spam. Unfortunately, even savvy users are vulnerable to social engineering attacks - and these criminals spread their nets fairly wide so even if they only hook a few fish each time, they make a healthy profit.

Symantec's research claims 42 million fake AV apps were downloaded in 2008 and victims paid between US$30 and US$100 for each one. If we stick to the lowest price point, it means these apps made US$1.26bn!

According to Gartner figures, in terms of revenue alone, the fake antivirus product in 2008 generated more money than Trend Micro (US$938m) and almost as much as McAfee (US$1.47bn). Symantec still towers over the rest with 2008 revenues of almost US$3bn.

I can't help but be impressed by the fake AV makers for being so successful in a market so competitive it has already beaten off the likes of Microsoft, which recently launched a free antivirus application, Microsoft Security Essentials, to replace its unsuccessful OneCare Live product.

A solution

Ironically, I believe Microsoft could save the world from fake security applications by introducing a whitelist for apps from legitimate security firms.

This would mean that Symantec, Trend, AVG, Kaspersky and the rest would have to work with Microsoft to ensure their products were recognised as 'genuine' security applications.

Pregnall agrees whitelists are the future but is under no illusion that the problem will be easy to fix - especially if it means Symantec would have to start playing nice with Microsoft.

"I think the whitelisting argument is going to get considerable consideration in the future. There are obviously huge challenges in resourcing it and with different applications, files, patch updates etc - to keep away annoying alerts.

"However, reputation and whitelisting is definitely part of the way forward," he said.

I asked Microsoft about where it stands on the whitelisting front and about the potential obstacles to developing such a solution but as yet, Redmond has remained silent.

This might be understandable, as the company is preparing to launch Windows 7 tomorrow. I will keep asking them and try to report back to you next week.

In the meantime, I'd love to know what you think. Would whitelisting solve the issue? Is there a better way? How can you tell a fake security app from a real one? Do you care?


Commentary: Microsoft can help kill fake antivirus threat
 
 
 
Top Stories
Soft drinks and SoftLayer: A solution for hard times?
Coca-Cola Amatil's CIO Barry Simpson shares his story of cost-cutting, outsourcing and why his software developers to ride around in delivery trucks.
 
Optus considers breaking net neutrality in Australia
May charge Netflix, OTT providers for premium service.
 
AGL restructure sees CIO depart
Owen Coppage to leave after ten years.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Small business win in a budget with 'fair' savings: Abbott
Apr 17, 2015
Tony Abbott has reaffirmed that the government’s aim is “always to get taxes ...
Xero now includes an inventory function built-in
Mar 26, 2015
Xero has added inventory and other major new features to the latest release of its cloud ...
Apple reveals its new MacBook
Mar 13, 2015
Replacing the MacBook Air as Apple's thinnest laptop, the new MacBook comes packed with features.
Xero has released a new version of its app for the iPad
Mar 6, 2015
iPad-wielding Xero users can now take advantage of a new version of the iOS app for the cloud ...
Microsoft is offering Azure for Disaster Recovery to Australian SMBs
Feb 10, 2015
If you haven't talked to your IT provider about disaster recovery, it might be worth discussing ...
Latest Comments
Polls
Do you support the Government's data retention scheme?

   |   View results
Yes
  11%
 
No
  89%
TOTAL VOTES: 2324

Vote