“Even after 30 days, many AV vendors cannot detect known attacks, making it critical for enterprises to take a more proactive approach to online security in order to minimize the potential for infection,” said Panos Anastassiadis, COO of Cyveillance. “To increase protection, users can’t forget the basics – avoid unknown or disreputable websites, increase security settings on their web browser and leverage supplemental malware block lists to increase security on their devices. Only through both proactive and reactive tools can a solid security platform be achieved.”
Cyveillance identifies malware as any type of malicious software application—generally implemented without a users’ knowledge—designed to infiltrate computers. Users rely on security tools including signature-based AV solutions to protect against malware attacks. Cyber criminals circumvent these defenses by installing newly created malware programs that go unrecognized by AV solutions. A security solution must “catch up” with the latest threats to provide adequate protection.
Cyveillance tested thirteen popular AV solutions2 to determine their detection rate over a 30 day period and found that popular solutions only detect an average of 18.9% of new malware attacks. By day eight, AV solutions average a 45.7% detection rate. This rises to 56.6% on day 15, 60.3% by day 22, and 61.7% after 30 days. Top AV solutions take an average of 11.6 days to catch up to new malware. Since this does not include malware signatures undetected even after 30 days, users should not rely on the AV industry as their only line of defense.
All figures and statistics in the Cyveillance report “Malware Detection Rates for Leading AV Solutions: A Cyveillance Analysis” are actual measurements rather than projections based upon sample datasets, unless otherwise noted. The data used for this study were collected and analyzed between April 20, 2010 and April 22, 2010, resulting in an overall total data set of approximately 1,708 confirmed malware files. The files were then run through the latest release of the top desktop AV solutions upon initial detection and again every six hours for one month to determine their detection and lag rates. For more information about Cyveillance’s research findings, please visit www.cyveillance.com/avlagtimereport.
Cyveillance, a world leader in cyber intelligence, provides an intelligence-led approach to security. Through continuous, comprehensive Internet monitoring and sophisticated intelligence analysis, Cyveillance proactively identifies and eliminates threats to information, infrastructure, individuals and their interactions, enabling its customers to preserve their reputation, revenues, and customer trust. Cyveillance serves the Global 2000 and OEM Data Partners – protecting the majority of the Fortune 50, regional financial institutions nationwide, and more than 100 million global consumers through its partnerships with security and service providers that include Blue Coat, AOL and Microsoft. Cyveillance is a wholly owned subsidiary of QinetiQ North America. For more information, please visit www.cyveillance.com or http://www.qinetiq-na.com.