Commentary: Microsoft can help kill fake antivirus threat

Powered by SC Magazine
 

Redmond should whitelist legitimate security firms.

Earlier this week, Symantec revealed that 42 million fake antivirus applications were downloaded last year.

It seems consumers are being duped into paying between $30 and $100 for software that basically hands full control of their computer over to cybercriminals.

The problem, according to Symantec, is that it's almost impossible for a consumer to tell the difference between a legitimate security application and a fake one. There is also no way of making a blacklist of fake apps because new ones are springing up on a regular basis.

"You really can't tell the difference anymore," said Rob Pregnall, a senior manager of Symantec's endpoint security. "They change all the time. If we could say, 'look for the one with the squiggly face in the top left corner,' it would be different by 11am - they would have changed it."

Below is a screenshot of one fake security warning that appeared on my laptop earlier this year. In this particular case it had virtually no chance of fooling me because it was displaying Windows dialogue boxes and fonts on my MacBook. But as you can see, it is pretty convincing.

Pregnall suggested that users rely on the same 'sixth sense' that helps them differentiate between legitimate emails and spam. Unfortunately, even savvy users are vulnerable to social engineering attacks - and these criminals spread their nets fairly wide so even if they only hook a few fish each time, they make a healthy profit.

Symantec's research claims 42 million fake AV apps were downloaded in 2008 and victims paid between US$30 and US$100 for each one. If we stick to the lowest price point, it means these apps made US$1.26bn!

According to Gartner figures, in terms of revenue alone, the fake antivirus product in 2008 generated more money than Trend Micro (US$938m) and almost as much as McAfee (US$1.47bn). Symantec still towers over the rest with 2008 revenues of almost US$3bn.

I can't help but be impressed by the fake AV makers for being so successful in a market so competitive it has already beaten off the likes of Microsoft, which recently launched a free antivirus application, Microsoft Security Essentials, to replace its unsuccessful OneCare Live product.

A solution

Ironically, I believe Microsoft could save the world from fake security applications by introducing a whitelist for apps from legitimate security firms.

This would mean that Symantec, Trend, AVG, Kaspersky and the rest would have to work with Microsoft to ensure their products were recognised as 'genuine' security applications.

Pregnall agrees whitelists are the future but is under no illusion that the problem will be easy to fix - especially if it means Symantec would have to start playing nice with Microsoft.

"I think the whitelisting argument is going to get considerable consideration in the future. There are obviously huge challenges in resourcing it and with different applications, files, patch updates etc - to keep away annoying alerts.

"However, reputation and whitelisting is definitely part of the way forward," he said.

I asked Microsoft about where it stands on the whitelisting front and about the potential obstacles to developing such a solution but as yet, Redmond has remained silent.

This might be understandable, as the company is preparing to launch Windows 7 tomorrow. I will keep asking them and try to report back to you next week.

In the meantime, I'd love to know what you think. Would whitelisting solve the issue? Is there a better way? How can you tell a fake security app from a real one? Do you care?


Commentary: Microsoft can help kill fake antivirus threat
 
 
 
Top Stories
Matching databases to Linux distros
Reviewed: OS-repository DBMSs, MariaDB vs MySQL.
 
Coalition's NBN cost-benefit study finds in favour of MTM
FTTP costs too much, would take too long.
 
Who'd have picked a BlackBerry for the Internet of Things?
[Blog] BlackBerry has a more secure future in the physical world.
 
 
Sign up to receive iTnews email bulletins
   FOLLOW US...
Latest articles on BIT Latest Articles from BIT
Looking for storage? Seagate has five new small business NAS devices
Aug 22, 2014
Seagate has announced a new portfolio of Networked Attached Storage (NAS) solutions specifically ...
Run a small business in western Sydney?
Aug 15, 2014
This event might be of interest if you're looking to meet other people with a similar interest ...
Buying a tablet? Microsoft's Surface Pro 3 goes on sale this month
Aug 8, 2014
Microsoft has announced its Surface Pro 3 will go on sale in Australia on 28 August from ...
Apple's top MacBook Pro with Retina is now cheaper
Aug 1, 2014
Apple has updated its MacBook Pro range with faster processors and new pricing, including ...
Pass on carbon tax savings, warns ACCC
Jul 24, 2014
The ACCC is warning businesses that supply "regulated goods" to pass on any cost savings ...
Latest Comments
Polls
Which is the most prevalent cyber attack method your organisation faces?




   |   View results
Phishing and social engineering
  70%
 
Advanced persistent threats
  3%
 
Unpatched or unsupported software vulnerabilities
  12%
 
Denial of service attacks
  6%
 
Insider threats
  10%
TOTAL VOTES: 704

Vote