A Visceral Lesson in Endpoint Security

June 12, 2009 by Leave a Comment

Elinor Mills of CNET News had a great article yesterday called “Look Ma, I created a botnet!” that had Elinor going through the paces of infecting and controlling a PC through various malware including a botnet.  Two things jumped out at me from her story.

First, I have done a lot of writing about the depth and breadth of the malware menace by using the numbers from the Symantec Global Internet Security Threat Report.  The data from this report is the basis for our Worldwide Malware Signature Counter on the Triumfant Web site.  In her story, Elinor provides some great data from McAfee’s Avert Labs that adds yet another set of sobering statistics to the conversation. According to the article Avert Labs:

“…sees more than 400,000 new zombies a day, 4,000 new pieces of malware a day and 1.5 million malicious sites a month. There were 1.5 million pieces of unique malware last year and McAfee predicts that number will rise to 2.4 million this year.”

Like the Symantec numbers, these figures are staggering, but sometimes I fear that executives that look at security budgets and endpoint protection cannot grasp their meaning.   IT Security is a funny business where success often brings a sense of false security with those not savvy about the depth of the threat.  Somehow in spite of a deluge of sound statistics, those under budgetary pressure allow themselves to fall into the mind trap of “I have not had a major breach, therefore there is no real threat, therefore I am overspending on security”. 

Which brings me to my second point: I wonder if those same executives would think that way if each were able to take the same malware test drive as Elinor.   My guess is that they would walk away with a completely new outlook on the world and be able to better put the statistics like those from Avert Labs into practical context.  Elinor lives in this world continually and reports on massive breaches almost daily and she found the experience “sobering”.  Hats off to the McAfee folks for putting together such an eye opening demonstration – I am sure it has helped them close more than one contract.  But it may serve to do all of us in IT security a collective favor by providing a very visceral lesson to those who doubt the need for endpoint security.

Filed under Endpoint Security Tagged with , , , , ,

About Jim Ivers
Jim Ivers is the Chief Security Strategist at Triumfant

Leave a Reply

Fill in your details below or click an icon to log in:

Gravatar
WordPress.com Logo

You are commenting using your WordPress.com account. Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Cancel

Connecting to %s

Follow

Get every new post delivered to your Inbox.

Join 406 other followers