Anti-virus manufacturers are failing to keep up with malware creators, a leading IT security expert argued in a recently published paper.
Eugene Kaspersky, head of virus research at the Massachusetts-based Kaspersky Lab, said in "The Contemporary Antivirus Industry and its Problems" that software companies are on the losing end of the "virus arms race" against new malware.
Calling the internet "a breeding ground for criminal activity,'' Kaspersky estimated that hundreds of hacker groups are stealing hundreds of millions of dollars from PC users each year. Yet, anti-virus vendors are not keeping up, he said.
"Unfortunately, there are relatively few products available in shops or on the internet that offer even close to 100-percent protection," Kaspersky said in the piece, published late last year on his Viruslist.com website.
"The majority of products are unable even to guarantee 90 percent protection," he said, noting that his lab receives between 200 and 300 new samples each day.
Amrit Williams, research director for Gartner, agreed with Kaspersky that financially-motivated cybercrimes are jumping dramatically. But the solution lies not only in anti-virus capabilities, Williams said.
For full protection, desktop users require an integrated product that contains four pieces: anti-virus software, anti-spyware tools, host-based intrusion prevention and personal firewalls, Williams said.
Still, Kaspersky's analysis provided an in-depth overview of what faces the anti-virus industry and may serve as a wake-up call, says Shane Coursen, a senior technical consultant with Kaspersky Lab.
"There's nothing really revolutionary in Eugene's document," Coursen said. "It's a refreshing and honest look at what we're up against now. I think Eugene might be trying to rally the troops: 'This is what we're looking at in the future. Let's get our thinking caps on.'"
While Kaspersky offered no concrete recommendations for users, Coursen said they "can avoid most threats simply by following the best known practices of the day.
Individuals should be wary of opening unexpected emails and downloading material from an unknown source, he said.
"Policies need to be established inside companies," Coursen said.
But the industry may always be one step behind the criminal mind, Williams warned.
"The anti-virus vendors are slow to adapt," he says. "The technology always lags behind threats."