Issues around security product testing and the latest malware details dominated the discussions at Kaspersky’s 2012 North American Reviewers Summit.
Various formats and strategies for testing, such as "static" versus "dynamic," were closely scrutinized during a panel discussion that sought consensus on how customer data can be properly protected while maintaining fairness to security vendors whose marketing teams, predictably, want to portray their products in the most favorable possible light.
"We can only test a small percentage of what’s going on out there," said Peter Stelzhammer of AV-Comparatives, an Austria-based company that performs independent testing of anti-virus software. "There is sometimes pressure from the vendor community to do things in ways that make them look good. We do everything we can to minimize false positives, but it’s also very important for people in our business to conduct fair and credible testing."
A number of other discussions were also on the agenda, including risks associated with third-party plug-ins that target Acrobat Reader and Java. But arguably, the most disturbing discussion focused on the proliferation of online banking Trojans, many of which are based on the Zeus botnet, which can steal certificates, inject code, redirect browsers, log keystrokes, create bogus screen shots and transmit sensitive bank account information to criminals.
"This is leading to huge profits for the underworld," said Roel Schouwenberg, senior anti-virus researcher at Kaspersky. "And, the security provided by bank websites in the United States is nothing compared to the security used by European banks. Basically, the U.S. banks are doing the same things done in Europe in the late 80s or early 90s. Sometimes I wonder why European banks are targeted at all, because, by comparison, web-based banking in the United States tends to be wide open."
Meanwhile, the variety of "exploit kits" available to the general public continues to rise. Examples include Black Hole, Eleanor and Sparky. Some are even moving to a SaaS model through which exploit tools can be made available for as little as $25.
Kaspersky also briefed the gathering on the forthcoming rollout of "Internet Security 2013," which is being designed with additional anti-phishing protection, a higher level of browser support, a secure keyboard function that isolates keyboard input at the driver level, and also a virtual keyboard.
According to Kaspersky, there were over 200 million web-borne infection attempts in March 2012 alone.