Three-quarters of European businesses surveyed said they believe viruses
will become more dangerous, while two-thirds believe the frequency of attacks
will increase, according to e-mail security firm MessageLabs.
Natasha Staley, information security analyst at MessageLabs,
said Tuesday that given the massive increase in virus activity over the past
couple of years, it's likely this alarming growth will continue.
The greatest concern to the antivirus industry, however, will be the fact
that many businesses believe time is running out for companies whose protection
from malicious software now lags behind the advances being made by virus
According to separate research from the FBI, 99 percent of businesses have
antivirus protection. Yet in 2003, 82 percent were attacked by a virus,
resulting in more than US$200 billion in losses.
Therefore, it's perhaps unsurprising that only 35 percent of respondents to
the MessageLabs survey expressed confidence in traditional antivirus software,
while 43 percent said they are no longer confident about the protection it
affords. Almost a quarter of respondents (22 percent) said the changing face of
virus threats means traditional antivirus products will be obsolete within the
MessageLabs' Staley said much of the problem is because of the inherent
"sacrificial lamb" approach to so-called signature-based
antivirus technology--the chance that somebody may 'need' to get infected
with a virus for others to be protected. Signatures are short code snippets or
patterns found in a virus or Trojan horse that are unique to the program.
Antivirus software can use such identifiers to weed out bad programs from the
"This research shows that customers are starting to lose faith in traditional
antivirus solutions," Staley said. "It can be very frustrating for companies who
are still be getting caught out despite doing everything they can to protect
Much of the problem is with the rapid propagation of worms. The phenomenon
of the "Warhol" worm which spreads rapidly--and enjoys "15 minutes of
fame"--has often done its damage long before patches have been put in place or a
signature-based antivirus solution database has been updated.
Often that process of updating signature files and putting a fix in place can
take anywhere between six or seven hours and a whole day.
Security software firm Finjan, which claims to proactively stop viruses by
scanning and monitoring all active content on a network, refers to this as a
"window of vulnerability." In essence, a window exists from the point a
vulnerability is known until the point when it is fixed. Any exploit released
into the wild during that time can cause serious harm to a business.
Nick Sears, a vice president at Finjan Software, said: "Many of the current
(antivirus) solutions are excellent at recognizing and blocking viruses that
currently exist, but cannot cope with new Internet attacks."
The very nature of signature-based antivirus technology, at its most
rudimentary, means there is always a danger some customers will be hit, so that
others can be protected.
Finjan's Sears added: "As a result, it is purely a question of luck as to
whether you or your competitor is hit in this interim period."
Will Sturgeon of Silicon.com
reported from London.