Friday, March 6, 2009

20% of corporate computers have malware

Yes, they run antivirus. No, it doesn't help:
A study by Damballa demonstrated that the typical gap between malware release and detection/remediation using antivirus is 54 days. The study was comprised of over 200,000 malware samples scanned by a leading industry antivirus tool over six months. The study also revealed that:

• Almost half of the 200,000 malware samples were not detected on the day they were received

• 15% of the samples remained undetected after 180 days
Damballa is taking an interesting approach, focusing on the process where malware "phones home" (the Command and Control channel). Pretty clearly, looking in files like antivirus does works pretty badly.

It's clear that anivirus is now the equivalent of the lock on your door. Of course you lock up at night before you go to bed. It will even keep casual intruders out. But it won't stop - or even slow down, really - a knowledgeable and determined adversary.

This is the biggest reason to suggest changing from Windows to Linux. You don't get coverage of a lot of games, and you lose iTunes. However, you simply will not need antivirus.

1 comment:

  1. For a home user, Linux makes tremendous sense. Long term corporate, absolutely. Anything new, without legacy implications, absolutely.

    The problem is corporate legacy stuff, in the short and medium time frames. GM (as an example I'm familiar with) is hugely reliant on homegrown Visual Basic and Windows-only tools to actually run their business. Transitioning would take years, and would be very painful.

    It might even be as painful as the next major worm...

    ReplyDelete

Remember your manners when you post. Anonymous comments are not allowed because of the plague of spam comments.