Worm.com

Guide to Spyware and AntiVirus Information

You are currently browsing the Worm.com weblog archives for the day Wednesday, January 10th, 2007.

 


Archive for January 10th, 2007

Real-Time Malware Protection Reduces Enterprise Costs

MOUNTAIN VIEW, Calif. & CUPERTINO, Calif. — Computer viruses, which grew progressively more virulent over the course of 2006, overwhelmed traditional anti-virus solutions, according to the 2006 Email-borne Malware Review released today by Commtouch (Nasdaq:CTCH) and Proofpoint, Inc. New server-side polymorphic viruses that emerged during 2006 launched rapid burst attacks made up of vast numbers of variants in order to circumvent common AV defenses.

"In 2006, a new distribution method for email-borne malware using massive numbers of short-lived and low-volume variants - as in the Stration/Warezov and ‘Happy New Year!’ virus attacks - turned every hour of an outbreak into a zero-hour," said Haggai Carmon, Commtouch Vice President of Products. "Throughout 2006, we began seeing outbreaks with thousands of distinct variants being sent in successive, overlapping waves of attacks lasting for weeks or even months. The barrage of wave after wave of such attacks made it nearly impossible for traditional AV solutions to create and propagate new signatures or heuristics in time to protect end-users from the risk of infection. We expect these types of attacks to continue and worsen through 2007."

In the past, copies of the same malicious code were mass-distributed in large quantities, with one or just a handful of overlapping variants per piece of malware. But as AV solutions developed faster signature publishing mechanisms, malware writers changed their tactics to better exploit the "zero hour" vulnerability inherent in traditional anti-virus approaches. In the latest attacks, malware distributors develop huge numbers of distinct malware variants and unleash them simultaneously, or in successive waves. With the arrival of this so-called "server-side polymorphic malware," by the time a signature is released for one variant, that variant has stopped circulating, and several new variants have been unleashed.

"Without real-time protection, enterprises leave themselves exposed to an unacceptable level of risk, because the cost of remediating malware infections can run as high as $500 per infected desktop," said Rami Habal, Director of Product Marketing for Proofpoint. "When an organization is getting hammered with thousands of variants of each new virus, it’s crucial to block each new variant immediately to prevent serious losses."

The Proofpoint Zero-Hour Anti-Virus[TM] module incorporates Commtouch Zero-Hour[TM] Virus Outbreak Protection to identify new virus activity and take preventive action at the earliest stages of a virus outbreak, keeping messaging systems safe until updated anti-virus signatures are available.

"We have been pleased to see that Proofpoint Zero-Hour Anti-Virus automatically quarantines so many different malware variants that would otherwise be missed by a purely signature-based AV engine," said Peter Skibitzki, Network Security Officer for the Placer County Office of Education. "The zero hour protection provided by Proofpoint and Commtouch completely eliminates the risks posed by rapidly-mutating viruses such as the recent ‘Happy New Year!’ attack, saving us from a lot of security headaches and, more importantly, eliminating the potentially huge costs involved in cleaning up infections."

Commtouch Zero-Hour[TM] Virus Outbreak Protection detects and blocks email-borne outbreaks - including server-side polymorphic malware - within moments of their release on the Internet. Powered by its Recurrent Pattern Detection[TM] technology, Commtouch’s Zero-Hour service is offered to messaging, security and anti-virus vendors for OEM integration as a complementary outbreak detection solution. Proofpoint has integrated Commtouch Zero-Hour Virus Outbreak Protection technology as part of an optional module for its Proofpoint Messaging Security Gateway[TM] appliance and Proofpoint Protection Server[TM] software solutions to ensure advanced email defense for its enterprise clients.

To access the 2006 Email-borne Malware Review, click http://www.commtouch.com/documents/2006_Email_Borne_Malware_Review.pdf or http://www.proofpoint.com/malware-report-2006.

About Proofpoint

Proofpoint provides messaging security solutions for large enterprises to stop spam, protect against email viruses, ensure that outbound messages comply with both corporate policies and external regulations and prevent leaks of confidential information via email and other network protocols. The company’s flagship products, the Proofpoint Messaging Security Gateway[TM] and Proofpoint Protection Server[R] provide future-proof messaging security using Proofpoint MLX[TM] technology, an advanced machine learning system developed by Proofpoint scientists and engineers. Proofpoint was founded by technology visionary and former CTO of Netscape Communications, Eric Hahn. The Cupertino, California-based company is funded by investors including Benchmark Capital, Bridgescale Partners, Inventures Group, JAFCO Ventures, Meritech Capital, Mohr, Davidow Ventures, and RRE Ventures. For more information, please visit http://www.proofpoint.com.

Information provided by: Findarticles.com
